Health mailbox's password is exposed in logs for a failed probe in Exchange Server 2016 and 2013

Symptoms

Assume that you use probes for monitoring Microsoft Exchange Server 2016 and Exchange Server 2013. When there's a failed probe, the details of the health mailbox service's account and its password are logged, and you may notice that the password is shown in plain text. Here is an example of the details for a failed ActiveSync probe:

Invoke-MonitoringProbe -Identity: "ActiveSync.Protocol\ActiveSyncDeepTestProbe" -Server: ServerName | fl
RunspaceId: RunspaceId
Server: ServerName
MonitorIdentity: ActiveSync.Protocol\ActiveSyncDeepTestProbe 
RequestId: RequestId
Error: Error occurred:
          User: UserName
          Password: Password
          Target: RequestURL
          Response: <Settings xmlns="Settings:"><Status>StatusValue</Status></Settings>
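Failed-probe output in the format shown above is often copied into tickets or forwarded to log collectors, so the following added example (not Microsoft's code) detects and redacts the Password line in such text. The function names and sample values are constructed for illustration, and the sketch assumes the error text is available as a string.

```powershell
# Added example: detect and redact the "Password:" line in failed-probe error text.
# Function names are hypothetical; they are not Exchange cmdlets.

function Test-ProbeErrorHasPassword {
    param([Parameter(Mandatory)][AllowEmptyString()][string]$ErrorText)
    # (?im) = case-insensitive, ^ anchors at each line start.
    # The lookahead skips lines that were already redacted.
    return [regex]::IsMatch($ErrorText, '(?im)^[ \t]*Password:[ \t]*(?!\[REDACTED\])\S')
}

function Protect-ProbeErrorText {
    param([Parameter(Mandatory)][AllowEmptyString()][string]$ErrorText)
    # Keep the label and indentation, replace the rest of that line only.
    # [^\r\n]* stops before CR or LF, so line endings are preserved.
    return [regex]::Replace($ErrorText,
        '(?im)^([ \t]*Password:[ \t]*)[^\r\n]*', '${1}[REDACTED]')
}

# Constructed sample that mirrors the layout of the Error field shown above.
$sample = @'
Error occurred:
          User: HealthMailboxSample@contoso.example
          Password: constructed-sample-value
          Target: https://mail.contoso.example/Microsoft-Server-ActiveSync
          Response: <Settings xmlns="Settings:"><Status>StatusValue</Status></Settings>
'@

if (Test-ProbeErrorHasPassword -ErrorText $sample) {
    Write-Warning 'Probe error text contains a plaintext password; redacting before output.'
}

$clean = Protect-ProbeErrorText -ErrorText $sample
$clean

# A second pass reports nothing left to redact.
Test-ProbeErrorHasPassword -ErrorText $clean
```

The same function can be applied to the text of the Error field before probe results are written to a file or pasted elsewhere. Redaction only limits further spread of the value and does not change what the probe itself logs.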

Cause

This issue occurs because the password isn't correctly handled in the probe message.

Resolution

To fix this issue, install one of the following updates:

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

References

Learn about the terminology that Microsoft uses to describe software updates.
