Hi...
Can u please check the authentication of owa and ecp in your cas server IIS .
The default configuration for ECP authentication is Anonymous authentication: Enabled & Basic Authentication enabled. The default configuration for OWA authentication is Basic Authentication enabled.
Can you open owa? if owa is working, what is the behavior if you click on options button in owa?
Regards,
I have checked the IIS in the CAS server. The ECP authentication is Anonymous and Basic enabled. The OWA is Basic and Anonymous, now I have disabled Anonymous for OWA but still the same.. Is it the mailbox servers IIS? what authentications they should have? Is it the RAM? I have 4 GB on the CAS.. Just thinking.. I cannot access the mailboxes server's URL for ecp and owa I recieve "404 - file or directory not found". So I'm only trying from the CAS. The certificate binded to the ECP HTTPS page is "Microsoft Exchange" and assigned to all IP addresses. I have checked event viwer too no events captured for this. I have run the health cmdlets, everything is fine... Please help me..
can you please remove anonymous authentication from ecp in IIS of cas server and try?
please run iisreset after removing the ecp anonymous authentication..
Regards
I have tried same thing. Now my configurations are OWA and ECP only basic enabled. I restarted IIS from the console root. I have noted that when I enter "https://<CASserver>/ecp.. it redirects me to https://<CASserver>/owa/auth.....
Even the ECP page domain\username are always written by default.... I want to test on fresh page...
Any ideas,
Regards
ecp redirection to owa is the default behavior of exchange 2013. if you want to change the owa login from domain\username run the following command in exchange management shell
Set-OwaVirtualDirectory "CAS-Servername\owa (Default Web Site)" -LogonFormat Username -DefaultDomain mydomain.com
if you run the above command, you can login with username and pwd only.. domain name is no more required.
Thank you I changed it. But still I cannot log in. This behavour is very annoying! I enter the password and press on sign in, the page refresh like I didn't enter the password.. If I enter the password incorrect it displays the message that the passwrod is wrong. Can you please help me.. I have tried everything I know. Now the IIS configruations for ECP and OWA are only basic authentication.
I run the command Test-EcpConnectivity I get: Test user 'extest_69cc4d0778544 isn't accessible, so this cmdlet won't be able to test Client Access Server. Then with red: Could not find or sign in with the user domain\'extest_69cc4d0778544. If this task is being run without credentials, sign in as Domain Administrator..... to verify that the user exists on Mailbox Server Exchange2.com (My 2nd mailbox server).
Any idea?
Best Regards
Yes I have mentioned the message above but not the whole thing. It include run new-testcasconnetivityuser.ps1 script from exchange script folder too. It is very strange issue.... I don't think Microsoft miss this issue. It displays the same log in page again like I haven't entered the credentials!
Another error message I saw in the event viewer but in the Back-end (Mailbox Server) as below:
WebHost failed to process a request.
Sender Information: System.ServiceModel.ServiceHostingEnvironment+HostingManager/12036987
Exception: System.ServiceModel.ServiceActivationException: The service '/owa/service.svc' cannot be activated due to an exception during compilation. The exception message is: The authentication schemes configured on the host ('IntegratedWindowsAuthentication') do not allow those configured on the binding 'WebHttpBinding' ('Anonymous'). Please ensure that the SecurityMode is set to Transport or TransportCredentialOnly. Additionally, this may be resolved by changing the authentication schemes for this application through the IIS management tool, through the ServiceHost.Authentication.AuthenticationSchemes property, in the application configuration file at the <serviceAuthenticationManager> element, by updating the ClientCredentialType property on the binding, or by adjusting the AuthenticationScheme property on the HttpTransportBindingElement.. ---> System.NotSupportedException: The authentication schemes configured on the host ('IntegratedWindowsAuthentication') do not allow those configured on the binding 'WebHttpBinding' ('Anonymous'). Please ensure that the SecurityMode is set to Transport or TransportCredentialOnly. Additionally, this may be resolved by changing the authentication schemes for this application through the IIS management tool, through the ServiceHost.Authentication.AuthenticationSchemes property, in the application configuration file at the <serviceAuthenticationManager> element, by updating the ClientCredentialType property on the binding, or by adjusting the AuthenticationScheme property on the HttpTransportBindingElement.
at System.ServiceModel.Channels.HttpTransportBindingElement.UpdateAuthenticationSchemes(BindingContext context)
at System.ServiceModel.Channels.HttpsTransportBindingElement.BuildChannelListener[TChannel](BindingContext context)
at System.ServiceModel.Channels.Binding.BuildChannelListener[TChannel](Uri listenUriBaseAddress, String listenUriRelativeAddress, ListenUriMode listenUriMode, BindingParameterCollection parameters)
at System.ServiceModel.Description.DispatcherBuilder.MaybeCreateListener(Boolean actuallyCreate, Type[] supportedChannels, Binding binding, BindingParameterCollection parameters, Uri listenUriBaseAddress, String listenUriRelativeAddress, ListenUriMode listenUriMode, ServiceThrottle throttle, IChannelListener& result, Boolean supportContextSession)
at System.ServiceModel.Description.DispatcherBuilder.BuildChannelListener(StuffPerListenUriInfo stuff, ServiceHostBase serviceHost, Uri listenUri, ListenUriMode listenUriMode, Boolean supportContextSession, IChannelListener& result)
at System.ServiceModel.Description.DispatcherBuilder.InitializeServiceHost(ServiceDescription description, ServiceHostBase serviceHost)
at System.ServiceModel.ServiceHostBase.InitializeRuntime()
at System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.ServiceHostingEnvironment.HostingManager.ActivateService(ServiceActivationInfo serviceActivationInfo, EventTraceActivity eventTraceActivity)
at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath, EventTraceActivity eventTraceActivity)
--- End of inner exception stack trace ---
at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath, EventTraceActivity eventTraceActivity)
at System.ServiceModel.ServiceHostingEnvironment.EnsureServiceAvailableFast(String relativeVirtualPath, EventTraceActivity eventTraceActivity)
Process Name: w3wp
Process ID: 10896
My authentication is Windows authentication only for OWA and ECP Windows Authentication and Basic as per the article: http://support.microsoft.com/kb/2778897/en-us
Regards
the order of installation of exchange roles in 2013 is Mailbox Role first and CAS second. Please refer to exchange deployment assistant for installation steps.
http://technet.microsoft.com/en-us/exdeploy2010/default(EXCHG.150).aspx
I tried to uninstall CAS first but I recieved errors like argument.... I don't remember I tried to delete the folder manually and remove entries from the registry and from ADSI. Then I moved to the mailbox servers. Now I removed them manually too from the mailboxes but when the readness check come to install it again I recieve this error: The following error was generating "error.clear(); if (Get-Service W3Svc' |?{.Name -eq "W3Svc'_}) { Set=Service W3Svc -startupTypeAutomatic Start-SetupService - ServiceName W3Svc} "was run: "Service 'WAS' failed to reach status 'Running' on the server."
I have two mailboxes server and one CAS. When I open up the ECP and enter the username and password nothing happen it simply refresh the page! When I enter an incorrect password, it gives you a message that it is incorrect. What is the issue? I have verified the services and IIS bindings which are in CAS Default Web Page port 80 and 443 (With Exchange certificate) and Mailboxes backend with ports 444 and 81. Authentications enabled are basic and ananomouys. I tried to reinstall the CAS but it didn
I have tried another browser but same issue. I have formatted the servers completely and reinstalled mailbox and CAS only without redundancy. I just don't want to spend more time troubleshooting.
I will update to CU2. Which server is first CAS or mailbox? Do I have to install CU1 first? Thank you.
I even started a support case with Microsoft and they found the issue within 10 minutes.
It turned out to be a problem with the SSL certificate on the Default Web Site.
Try changing this back to the original Exchange Server certificate that was supplied with the installation. Only need to be done on the Default Web Site (not on the Exchange Back End website). Do an iisreset /noforce /timeout:600 afterwards and see if it works again.
If it does: please recreate a CSR within the Exchange MMC or ECP and supply that to a Certificate Authority.
This topic is archived. No further replies will be accepted.
Other recent topics
