Removing a default database

Hello!

One more strange issue: in all my deployments of Exchange Server 2013SP1 I always start from removing a default mb database and I never had any problems with it. The procedure is ~ as follows:

1) I create a new mailbox db.
2) Get-Mailbox Arbitration | New-MoveRequest -TargetDatabase NewDB
3) Get-Mailbox Monitoring| New-MoveRequest -TargetDatabase NewDB
4) Get-Mailbox | New-MoveRequest -TargetDatabase NewDB

5) Make sure Administrator account has been moved to the new db.

6) Delete the default db.
7) Restart
8) Log on to ECP as Administrator.


Today the two new installations end up  with the following error on 8)  "Log on to ECP as Administrator":

The IIS log shows this:

"2015-04-17 13:56:17 fe80::191b:2b21:3254:ddd%12 POST /owa/auth.owa &CorrelationID=<empty>;&cafeReqId=8bb165df-6c57-49f0-9ee9-9590c6f981db; 443 TestCompany\Administrator fe80::191b:2b21:3254:ddd%12 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko https://exch1.testcompany.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fexch1.testcompany.com%2fowa 500 0 0 15"

Looks like the Administrator's mailbox has not been moved into the new database, but Get-MoveRequest and Get-Mailbox... showed that Administrator's mailbox was really in the new db.

Moreover, right after deletion of the default db (after item 6) I signed out from ECP and logged back to it - the logon was successfull (at this moment the default database had been already deleted!). And only after restarting the server it started showing this error.

While logged on as Administrator I created one more exchange administrative user account in the new db - it doesn't experience any issues with logging on to ECP.

No errors show in any Windows logs.

What should I check in this situation?

Thank you in advance,

Michael


April 17th, 2015 2:43pm

What exactly was the validation process as described in step #5?  Make sure all of the services set to 'automatic' are started on MBX and CAS servers (if
Free Windows Admin Tool Kit Click here and download it now
April 17th, 2015 2:50pm

"What exactly was the validation process as described in step #5?"

For example:

RunspaceId                             : 6036c666-da17-4c1a-8465-76e5cb4aa5c7
Database                               : TestCompany
Location                               :
UseDatabaseRetentionDefaults           : True
RetainDeletedItemsUntilBackup          : False
DeliverToMailboxAndForward             : False
IsExcludedFromServingHierarchy         : False
LitigationHoldEnabled                  : False
SingleItemRecoveryEnabled              : False
RetentionHoldEnabled                   : False
EndDateForRetentionHold                :
StartDateForRetentionHold              :
RetentionComment                       :
RetentionUrl                           :
LitigationHoldDate                     :
LitigationHoldOwner                    :
LitigationHoldDuration                 : Unlimited
ManagedFolderMailboxPolicy             :
RetentionPolicy                        :
AddressBookPolicy                      :
CalendarRepairDisabled                 : False
ExchangeGuid                           : da0cb195-14d4-4755-b661-a689dc5abae6
MailboxContainerGuid                   :
AggregatedMailboxGuids                 : {}
ExchangeSecurityDescriptor             : System.Security.AccessControl.RawSecurityDescriptor
ExchangeUserAccountControl             : None
AdminDisplayVersion                    : Version 15.0 (Build 847.32)
MessageTrackingReadStatusEnabled       : True
ExternalOofOptions                     : External
ForwardingAddress                      :
ForwardingSmtpAddress                  :
RetainDeletedItemsFor                  : 14.00:00:00
IsMailboxEnabled                       : True
Languages                              : {en-US}
OfflineAddressBook                     :
ProhibitSendQuota                      : Unlimited
ProhibitSendReceiveQuota               : Unlimited
RecoverableItemsQuota                  : 30 GB (32,212,254,720 bytes)
RecoverableItemsWarningQuota           : 20 GB (21,474,836,480 bytes)
CalendarLoggingQuota                   : 6 GB (6,442,450,944 bytes)
DowngradeHighPriorityMessagesEnabled   : False
ProtocolSettings                       : {RemotePowerShell1}
RecipientLimits                        : Unlimited
ImListMigrationCompleted               : False
IsResource                             : False
IsLinked                               : False
IsShared                               : False
IsRootPublicFolderMailbox              : False
LinkedMasterAccount                    :
ResetPasswordOnNextLogon               : False
ResourceCapacity                       :
ResourceCustom                         : {}
ResourceType                           :
RoomMailboxAccountEnabled              :
SamAccountName                         : Administrator
SCLDeleteThreshold                     :
SCLDeleteEnabled                       :
SCLRejectThreshold                     :
SCLRejectEnabled                   

April 17th, 2015 3:02pm

P.S. "What exactly was the validation process as described in step #5?"

And I suppose this "right after deletion of the default db (after item 6) I signed out from ECP and logged back to it - the logon was successfull (at this moment the default database had been already deleted!)" can  validate the moving as well.

Free Windows Admin Tool Kit Click here and download it now
April 17th, 2015 3:10pm

If you run Get-Mailbox Administrator | FL Database does it show the new DB name and not the old?  What if you try the IP of the CAS server instead of the FQDN, does it work?  Can you access OWA as administrator or do you get the same HTTP 500 error?
April 17th, 2015 3:34pm

Since only the database was change the only thing that comes to mind is to make sure RpcClientAccessServer on database was set to the CAS or CASArray.

Get-MailboxDatabase "<database name>" | fl *rpc*

Free Windows Admin Tool Kit Click here and download it now
April 17th, 2015 8:09pm

Hi MF47,

Have you tried the above suggestions ? How about the result ?

Best regards,

April 20th, 2015 8:10am

"Get-Mailbox Administrator | FL Database"

"What if you try the IP of the CAS server instead of the FQDN, does it work?  Can you access OWA as administrator or do you get the same HTTP 500 error?" - the same error.

Free Windows Admin Tool Kit Click here and download it now
April 20th, 2015 9:32am

"Get-MailboxDatabase "<database name>" | fl *rpc*"


- that's the correct output...

April 20th, 2015 9:37am


Now I can successfully log on to Administrator's mailbox using OWA

...but trying to open ECP leads to the same error (after typing Administrator / Password):

So the question is: what's the difference between logging into OWA and ECP?

Regards,

Michael


  • Edited by MF47 Monday, April 20, 2015 2:56 PM
Free Windows Admin Tool Kit Click here and download it now
April 20th, 2015 2:42pm

When you log into ECP, you are using the OWA login ressources.

Authentication settings should be the same on OWA and ECP Vdir (Forms for both, or WI for both, etc.). What are your current auth mecanism for both OWA and ECP?

April 20th, 2015 3:18pm

My settings are as follows:

ECP:

Name                            : ecp (Default Web Site)
InternalAuthenticationMethods   : {Basic, Fba}
MetabasePath                    : IIS://EXCH1.TestCompany.com/W3SVC/1/ROOT/ecp
BasicAuthentication             : True
WindowsAuthentication           : False
DigestAuthentication            : False
FormsAuthentication             : True
LiveIdAuthentication            : False
AdfsAuthentication              : False
OAuthAuthentication             : False

OWA:

Name                                                : owa (Default Web Site)
InternalAuthenticationMethods                       : {Basic, Fba}
MetabasePath                                        : IIS://EXCH1.TestCompany.com/W3SVC/1/ROOT/owa
BasicAuthentication                                 : True
WindowsAuthentication                               : False
DigestAuthentication                                : False
FormsAuthentication                                 : True
LiveIdAuthentication                                : False
AdfsAuthentication                                  : False
OAuthAuthentication                                 : False

Regards,

Michael



  • Edited by MF47 Tuesday, April 21, 2015 9:29 AM
Free Windows Admin Tool Kit Click here and download it now
April 21st, 2015 9:28am

P.S. By the way, according to this article
"https://technet.microsoft.com/en-us/library/gg247612%28v=exchg.150%29.aspx?f=255&MSPPError=-2147217396"

OWA vd should have the following permissions in IIS: BASIC.

But my IIS shows this:

Enabling Basic authentication changes nothing.

Regards,

Michael

April 21st, 2015 10:07am

Hello, in the future use this to deploy your exchange with correct database name, location, etc:

./Setup.exe /m:Install /Roles:ca,mb,mt /IAcceptExchangeServerLicenseTerms /InstallWindowsComponents /DBFilePath:"E:\Folder\DB.edb" /LogFolderPath:"E:\Folder" /MdbName:"DB"

Free Windows Admin Tool Kit Click here and download it now
April 21st, 2015 12:00pm

"Hello, in the future use this to deploy your exchange with correct database name, location, etc:" - Christophe, please excuse me, but I don't understand why my (and the default) method is not correct?
April 21st, 2015 12:41pm

Because when you deploy with standard method Exchange setup will create a default database with a name you don't want. With this method, you create the correct database name, location, etc.

Is it more clear for you ?

Free Windows Admin Tool Kit Click here and download it now
April 22nd, 2015 8:11am

Yes, it's clear - thank you.
April 22nd, 2015 9:52am

"So the question is: what's the difference between logging into OWA and ECP?" - what can prevent Administrator from logging into ECP while allowing Administrator to log on to its mailbox?
Free Windows Admin Tool Kit Click here and download it now
April 27th, 2015 8:43am

Hi MF47,

Let me know the result of below URL: Customize the domain name as per your environment.

https://exch1.testcompany.com/ecp?ExchClientVer=15 

April 27th, 2015 12:43pm

Hu Satyajit321,

I'll do it a bit later - need to rebuild the lab.

Free Windows Admin Tool Kit Click here and download it now
April 29th, 2015 3:30am

Hello all,

"Let me know the result of below URL: Customize the domain name as per your environment.

https://exch1.testcompany.com/ecp?ExchClientVer=15 

"

- the same error:



Regards,

Michael

May 25th, 2015 12:32pm

from the exchange shell on your CAS server, type in "Get-EcpVirtualDirectory -Server <your server name> | FL" and tell us what the output is.
Free Windows Admin Tool Kit Click here and download it now
May 26th, 2015 2:53pm

May 27th, 2015 8:47am

Hi MF47,

Is this issue with only the account which is moved to new DB or to other Admins created on the new DB as well.

Free Windows Admin Tool Kit Click here and download it now
May 28th, 2015 8:50am

Hi Satyajit321,

"Is this issue with only the account which is moved to new DB" - yes, it's only Administrator account wich can't log on to ECP. The other one (ExAdmin) that has been created in the new DB does not suffer from it.

Regards,

Michael

May 28th, 2015 9:14am

what if you change the authentication from forms based, to Ntlm and Windows integrated?  Since this is a test environment and you're only using it internal, it's worth a try.
Free Windows Admin Tool Kit Click here and download it now
May 28th, 2015 2:49pm

I've already tried various authentication options with no luck... I can successfully log on to Administrator's mailbox (via OWA) but not to ECP.


  • Edited by MF47 Thursday, May 28, 2015 3:01 PM typo
May 28th, 2015 3:01pm

stupid question, but I don't think it's been asked yet.  Have you verified this issue by trying from another PC or internal location in order to rule  out an issue on your computer?
Free Windows Admin Tool Kit Click here and download it now
May 28th, 2015 4:53pm

That's not stupid question - of course I've verified it from various computers. The most weird thing for me in this issue that when I installed Exchange on that same machine several months ago it worked perfect...
May 29th, 2015 4:04am

By the way, yesterday I installed the second CAS/Mailbox  server (Exch2) and successfully logged on to ECP as Administrator on Exch2. Given that Administrator's mailbox resides on Exch1 I must have been redirected to Exch1\ECP and it worked. Why it does not work on Exch1 (or any other  computers)...???
Free Windows Admin Tool Kit Click here and download it now
May 29th, 2015 6:59am

Is the issue strictly if you try to access the ECP from the server itself?  If you put the path into a browser on your PC does it work?
May 29th, 2015 4:11pm

No, from any computer except Exch2.
Free Windows Admin Tool Kit Click here and download it now
May 30th, 2015 3:34am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics