Symptom
In Exchange 2013, when using admin account to access ECP, you will get an error 500 Unexpected as below. However, when using the same account to access OWA, everything is ok, and other normal accounts can access OWA also.
At the same time, if you check the event log, you will get the following error:
Current users: yourdomain.com/User/adminRequest for URL 'https://servername.yourdomain.com:444/ecp/default.aspx(https://servername/ecp/)' failed with the following error: System.Configuration.ConfigurationErrorsException:
(hexadecimal value 0x03)is an invalid character. Line 1, position 1 (C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\ecp\quarantine\web.config line 1) ---> System.Xml.XmlException:
(hexadecimal value 0x03)is an invalid character. Line 1, position 1 System.Xml.XmlTextReaderImpl.Throw(String res, String[] args) System.Xml.XmlTextReaderImpl.ParseRootLevelWhitespace()
System.Xml.XmlTextReaderImpl.ParseDocumentContent() System.Configuration.XmlUtil..ctor(Stream stream, String name, Boolean readToFirstElement, ConfigurationSchemaErrors schemaErrors) System.Configuration.BaseConfigurationRecord.InitConfigFromFile()
Cause
According to the error information, there are some invalid characters in the file (C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\ecp\quarantine\web.config ).
In Exchange Mailbox server, when we open this file with notepad, we will find that all the content are garbled. That is the cause.
Solution:
1. Try to copy the following code to replace the contents of the file, and save it.
2. Restart mailbox server.
__________________________________________________________________________________________
<?xml version="1.0"?>
<configuration>
<location path="Quarantine.slab">
<system.web>
<authorization>
<allow roles="Get-QuarantineMessage@R:Organization"/>
<!-- Deny everyone else -->
<deny users="*"/>
</authorization>
</system.web>
</location>
<location path="EditQuarantineAdvFilter.aspx">
<system.web>
<authorization>
<allow roles="Get-QuarantineMessage@R:Organization"/>
<!-- Deny everyone else -->
<deny users="*"/>
</authorization>
</system.web>
</location>
<location path="QuarantineDetails.aspx">
<system.web>
<authorization>
<allow roles="Get-QuarantineMessage@R:Organization"/>
<!-- Deny everyone else -->
<deny users="*"/>
</authorization>
</system.web>
</location>
<location path="QuarantineSDO.aspx">
<system.web>
<authorization>
<allow roles="Get-QuarantineMessage@R:Organization"/>
<!-- Deny everyone else -->
<deny users="*"/>
</authorization>
</system.web>
</location>
<location path="ReleaseQuarantine.aspx">
<system.web>
<authorization>
<allow roles="Release-QuarantineMessage@R:Organization"/>
<!-- Deny everyone else -->
<deny users="*"/>
</authorization>
</system.web>
</location>
</configuration>
Reference: https://social.technet.microsoft.com/Forums/zh-CN/74a108a8-21f3-4f5e-8fee-94942698797a/exchange-2013ecp500?forum=exchangeserverz