Environment
Retain 3.x
Exchange Module
Situation
A job only archives some of users or fails immediately. The log shows EWS and LDAP 32 Errors. But a job on a single user works fine.
Resolution
With Exchange the mail server isn't accessed directly but is called through a CAS server. A single user job will work because Retain can call the users mailbox directly via the address book. When it is told to archive a post office Retain will use LDAP for autodiscover to gather all mailboxes even those of new users since the last address book refresh.
However if one or more of the Retain or Worker or CAS or Exchange or IIS or AD servers is using a different DNS entry there won't be a way to resolve the lookup.
Make sure that all servers related to mail are pointing to the same DNS, especially the CAS servers and that basic authentication is enabled for EWS and autodiscover is enabled on all the CAS servers.
see also
Determining if Basic Authentication is enabled on your network
Creating a DNS SRV record for Exchange
Multi-domain Login of Exchange Users
Additional Information
This article was originally published in the GWAVA knowledgebase as article ID 2369.