Exchange 2013 error 500 by accessing ECP as admin
I have a small Exchange 2013 (SP1) site with just one CAS.
By accessing of the CAS, OWA runs properly for each user and also the options-page is well available not so by accessing it as "admin" because of the "error 500". The same occurs by accessing ECP directly via
https://cas/ecp: after passing of credentials the normal options-page occurs for each user not so for the admin.
January 8th, 2015 9:31am
Can you explain "admin" do you mean any domain admin? Try going to the ecp page locally on the cas server so you can get a detailed description of the 500 error.
January 8th, 2015 9:48am
With "admin" I mean the domain administrator account which is the ECP-admin too.
I see no special errors by accessing ecp page locally. Just "HTTP 500: internal Server error
January 8th, 2015 10:10am
Strange. After few hours it works again on the CAS locally, but only locally. I have absolutely no idea what the problem is...
January 8th, 2015 10:30am
Check your app event logs on your CAS server it should have something there regarding the failed login.
January 8th, 2015 1:49pm
I see several errors, e.g.: 1006:
Der Postfachreplikationsdienst von Microsoft Exchange konnte Auftrge in einer Postfachdatenbank nicht verarbeiten. Datenbank: Fehlende Datenbank (a3634ca3-02bd-4072-bb02-a4e386f24b12)
Fehler: Die Datenbank 'a3634ca3-02bd-4072-bb02-a4e386f24b12' ist nicht vorhanden.
Looks like I had to check for the requests regarding this database and to suspend them appropriately..?
January 8th, 2015 2:06pm
I don't think the 1006 errors have anything to do with it, you don't see any specific errors relating to login?
January 8th, 2015 2:15pm
No, I don't see any Login-Errors, but a lot of other ones regarding this no more existing database, e.g. 10002, 6002, 36888, 36874 etc.
Allthough I don't know whether they caused my problem, I believe, my next steps should go to fix the last first. Any Idea how to find out and remove all the activities related to this GUID-database?
January 8th, 2015 2:22pm
Just a sanity check, the admin account is a mailbox enabled user?
January 8th, 2015 2:38pm
Yes it is a mailbox enabled user.
Sanity check - pls stand by...
January 8th, 2015 2:57pm
There ist something very very strange and I have absolutely no idea what it is:
- sitting here at home I can access admin-ECP with Google-Chrome - not so with the IE;
- sitting on another place I can access admin-ECP with all browsers - but cannot acces my own Mailbox via OWA;
... and so on.
So, I suppose the IIS somehow performs access restrictions related to persisten data of the browser. Is it possible?
January 8th, 2015 4:14pm
Hi Rainer
I recommend you try the following method and check if any helps:
1. Change bindings of the default website to conform to Microsoft recommended settings ({http port 80 *}{http port 80 127.0.0.1}{https port 443 *}{https port 443 127.0.0.1})
2. Insure that "Require SSL" is checked on the root of the default website
3. Remove all of those "HTTP Redirect" settings
4. Restart IIS
In addition, I also recommend you try to restart the CAS server and check the result.
Best regards,
January 9th, 2015 4:19am
Hi Nico & James,
thanks a lot for your feedback! In the meantime I found out the following:
- The problems with databases are fixed - they had nothing to do with my IIS phenomenon;
- The different behavior by accessing of the ECP page of the admins and users mailbox is also fixed there were indeed a problem with the persistent browser data which caused the error;
- However, there is still the error 500 by accessing of
some mailboxes, no matter if accessing OWA or ECP L.
January 9th, 2015 10:12am
Hi Customer,
Before we go any further, I would like to double confirm our issue first since the previous reply is a little confusing.
- What kind of some mailboxes affected? Admin account with mailboxes enabled or normal user mailboxes cant access OWA/ECP?
- All browsers affected or just IE not work but others like chrome work fine? Have we deleted the IE cookies? Please double confirm and let me know.
- Can we login local OWA/ECP on the
local server? Please recycle the MSExchangeOWAAppPool and MSExchangeECPAppPool first in IIS Manager, then try test on the CAS server and let me know the result.
https://Localhost
https://CAS.contoso.com, CAS.contoso.com is the CAS server name.
https://localhost/owa
4. Whats the different between the working mailbox and the some mailboxes which cant login OWA/ECP? What if we move the affected mailboxes to another database?
5. Do we have Exchange 2007/2010 server in the environment? And the affected mailboxes reside on the Exchange 2007/2010 server?
6. When the issue happened, please check the services on the server, are all Exchange needed services started? Please check especially the Microsoft Exchange Forms Based Authentication service.
7. Have we tried to recreate the OWA/ECP virtual directory, will issue persists?
Please try above steps and let me know if any update. Thank you!
Best Regards,
Eric Zou
January 16th, 2015 4:11am
Hi Customer,
Before we go any further, I would like to double confirm our issue first since the previous reply is a little confusing.
- What kind of some mailboxes affected? Admin account with mailboxes enabled or normal user mailboxes cant access OWA/ECP?
- All browsers affected or just IE not work but others like chrome work fine? Have we deleted the IE cookies? Please double confirm and let me know.
- Can we login local OWA/ECP on the
local server? Please recycle the MSExchangeOWAAppPool and MSExchangeECPAppPool first in IIS Manager, then try test on the CAS server and let me know the result.
https://Localhost
https://CAS.contoso.com, CAS.contoso.com is the CAS server name.
https://localhost/owa
4. Whats the different between the working mailbox and the some mailboxes which cant login OWA/ECP? What if we move the affected mailboxes to another database?
5. Do we have Exchange 2007/2010 server in the environment? And the affected mailboxes reside on the Exchange 2007/2010 server?
6. When the issue happened, please check the services on the server, are all Exchange needed services started? Please check especially the Microsoft Exchange Forms Based Authentication service.
7. Have we tried to recreate the OWA/ECP virtual directory, will issue persists?
Please try above steps and let me know if any update. Thank you!
Best Regards,
Eric Zou
-
Marked as answer by
Serinar
Wednesday, January 21, 2015 8:23 AM
January 16th, 2015 9:01am
Hi Customer,
Before we go any further, I would like to double confirm our issue first since the previous reply is a little confusing.
- What kind of some mailboxes affected? Admin account with mailboxes enabled or normal user mailboxes cant access OWA/ECP?
- All browsers affected or just IE not work but others like chrome work fine? Have we deleted the IE cookies? Please double confirm and let me know.
- Can we login local OWA/ECP on the
local server? Please recycle the MSExchangeOWAAppPool and MSExchangeECPAppPool first in IIS Manager, then try test on the CAS server and let me know the result.
https://Localhost
https://CAS.contoso.com, CAS.contoso.com is the CAS server name.
https://localhost/owa
4. Whats the different between the working mailbox and the some mailboxes which cant login OWA/ECP? What if we move the affected mailboxes to another database?
5. Do we have Exchange 2007/2010 server in the environment? And the affected mailboxes reside on the Exchange 2007/2010 server?
6. When the issue happened, please check the services on the server, are all Exchange needed services started? Please check especially the Microsoft Exchange Forms Based Authentication service.
7. Have we tried to recreate the OWA/ECP virtual directory, will issue persists?
Please try above steps and let me know if any update. Thank you!
Best Regards,
Eric Zou
-
Marked as answer by
Serinar
3 hours 33 minutes ago
January 16th, 2015 12:01pm
Hi Serinar,
Could you please let us know whether you try above steps and any update? Thanks for your time.
Best Regards,
Eric Zou
January 21st, 2015 3:26am
Hi all,
after many hours of investigations I found out, that the health-mailboxes (retrieved by "Get-Database -Monitoring") were damaged or somehow inconsistent. So, I simply hat to recreate them and the site runs propperly.
Thanks a lot!
January 21st, 2015 3:34am
Hi Serinar,
Glad to know that we have found the issue related to the health monitoring mailboxes and issue resolved after we recreate them. Thank you for your time and efforts so far.
Best Regards,
Eric Zou
January 21st, 2015 3:46am
Just to add to this thread, we fixed the same error on our Exchange 2013 system by accessing the EAC externally (e.g. over ADSL). We just launched the EAC once and that 'fixed' internal access too.
I should add that the problem only affected one of our admin's accounts. Other admin accounts could log into the EAC from the same PC, same logged-on user, same browser.
Strange but true.
April 28th, 2015 8:00am