Symptoms
Assume that you use probes for monitoring Microsoft Exchange Server 2016 and Exchange Server 2013. When there's a failed probe, the details of the health mailbox service's account and its password are logged, and you may notice that the password is shown in plain text. Here is an example of the details for a failed ActiveSync probe:
Invoke-MonitoringProbe -Identity: "ActiveSync.Protocol\ActiveSyncDeepTestProbe" –Server: ServerName | fl
RunspaceId: RunspaceId Server: ServerName MonitorIdentity: ActiveSync.Protocol\ActiveSyncDeepTestProbe RequestId: RequestId Error: Error occurred: User: UserName Password: Password Target: RequestURL Response: <Settings xmlns="Settings:"><Status>StatusValue</Status></Settings>Cause
This issue occurs because the password isn't correctly handled in the probe message.
Resolution
To fix this issue, install one of the following updates:
-
For Exchange Server 2016, install Cumulative Update 9 or a later cumulative update for Exchange Server 2016.
-
For Exchange Server 2013, install Cumulative Update 20cumulative update for Exchange Server 2013.
Status
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
References
Learn about the terminology that Microsoft uses to describe software updates.