Exchange OWA ECP error, users cannot access options. Event viewer points to RBAC query?
Our users are no longer able to access "See all options" from within OWA. Trying throws up the on screen message of "Unexpected error. An error occourred and your request couldn't be completed. Please try again." Searching event viewer on the exchange server has the following event for every time someone accesses (or tries to) ECP. Current user: ******* Request for URL 'http://exchange01/ecp/default.aspx?rfr=owa&p=Customize/Messaging.aspx' failed with the following error: System.Web.HttpUnhandledException: Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.ArgumentException: 'MobileDevices' is not a valid RBAC query. at Microsoft.Exchange.PowerShell.RbacHostingTools.RbacQuery..ctor(String rbacQuery) at Microsoft.Exchange.PowerShell.RbacHostingTools.RbacPrincipal.IsInRole(String rbacQuery, Boolean& canCache) at Microsoft.Exchange.PowerShell.RbacHostingTools.RbacPrincipal.IsInRole(String role) at System.Web.Configuration.AuthorizationRule.IsTheUserInAnyRole(StringCollection roles, IPrincipal principal) at System.Web.Configuration.AuthorizationRule.IsUserAllowed(IPrincipal user, String verb) at System.Web.Configuration.AuthorizationRuleCollection.IsUserAllowed(IPrincipal user, String verb) at System.Web.Security.UrlAuthorizationModule.IsUserAllowedToPath(HttpContext context, VirtualPath virtualPath) at System.Web.SiteMapProvider.IsAccessibleToUser(HttpContext context, SiteMapNode node) at System.Web.StaticSiteMapProvider.GetChildNodes(SiteMapNode node) at Microsoft.Exchange.Management.ControlPanel._Default.CreateDataContract(SiteMapNode sNode) at Microsoft.Exchange.Management.ControlPanel._Default.CreateDataContract(SiteMapNode sNode) at Microsoft.Exchange.Management.ControlPanel._Default.CreateDataContract(SiteMapNode sNode) at Microsoft.Exchange.Management.ControlPanel._Default.CreateNavTree() at Microsoft.Exchange.Management.ControlPanel._Default.OnLoad(EventArgs e) at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) --- End of inner exception stack trace --- at System.Web.UI.Page.HandleError(Exception e) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequest(HttpContext context) at ASP.default_aspx.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) System.ArgumentException: 'MobileDevices' is not a valid RBAC query. at Microsoft.Exchange.PowerShell.RbacHostingTools.RbacQuery..ctor(String rbacQuery) at Microsoft.Exchange.PowerShell.RbacHostingTools.RbacPrincipal.IsInRole(String rbacQuery, Boolean& canCache) at Microsoft.Exchange.PowerShell.RbacHostingTools.RbacPrincipal.IsInRole(String role) at System.Web.Configuration.AuthorizationRule.IsTheUserInAnyRole(StringCollection roles, IPrincipal principal) at System.Web.Configuration.AuthorizationRule.IsUserAllowed(IPrincipal user, String verb) at System.Web.Configuration.AuthorizationRuleCollection.IsUserAllowed(IPrincipal user, String verb) at System.Web.Security.UrlAuthorizationModule.IsUserAllowedToPath(HttpContext context, VirtualPath virtualPath) at System.Web.SiteMapProvider.IsAccessibleToUser(HttpContext context, SiteMapNode node) at System.Web.StaticSiteMapProvider.GetChildNodes(SiteMapNode node) at Microsoft.Exchange.Management.ControlPanel._Default.CreateDataContract(SiteMapNode sNode) at Microsoft.Exchange.Management.ControlPanel._Default.CreateDataContract(SiteMapNode sNode) at Microsoft.Exchange.Management.ControlPanel._Default.CreateDataContract(SiteMapNode sNode) at Microsoft.Exchange.Management.ControlPanel._Default.CreateNavTree() at Microsoft.Exchange.Management.ControlPanel._Default.OnLoad(EventArgs e) at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) Putting "valid RBAC Query" into search engines has produced no results so I need a bit of direction on how to fix this. Thanks Alex
November 29th, 2011 4:37am

Hello, Does this issue occut to all the users? How about using a Exchange admin account to check if the option can be access via OWA? Please check the IIS log on the CAS server and find all the error code when the user access the ECP virtual directory. Post the detailed error code for further research. Thanks, Simon Wu Exchange Forum Support Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.
Free Windows Admin Tool Kit Click here and download it now
December 1st, 2011 4:18am

Which version of Exchange you are using 2007 or 2010 ? What is the service pack level and update rollup level? Ensure latest service packs and update rollups are installed. Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
December 1st, 2011 9:45pm

I have the same issue on one of my ex2k10 server that was updated to RU6, then rolled back to RU3. The error msgs are identical. The servers that have not been updated and are still on RU3 seems to be fine. I haven't found a resolution to this either and I can't find an rbac role called MobileDevices.
Free Windows Admin Tool Kit Click here and download it now
December 2nd, 2011 12:57pm

It just started happening on some servers in have with RU6 on SP1. Are we any further with this?
December 13th, 2011 5:00pm

I want to keep this bumped, need an answer from MSFT if I can...this is a new issue, probably from Rollup 6.
Free Windows Admin Tool Kit Click here and download it now
December 13th, 2011 9:12pm

Bump again
December 15th, 2011 11:00am

David - I did the exact same thing roll back to 4 from 6. same error. what have you tried so far...
Free Windows Admin Tool Kit Click here and download it now
December 15th, 2011 11:27am

I just started getting this too - I haven't updated or anything lately. Running 2010 RU5. Going to try rebooting tonight.
December 19th, 2011 4:39pm

Please post the Test E-mail Auto Configuration results Launch OUTLOOK, hold Ctrl key and right-click the system tray icon. You will see two new options in the context menu, i.e; Connection Status and Test E-mail Auto Configuration.Viral Rathod Blog : http://viralr.wordpress.com
Free Windows Admin Tool Kit Click here and download it now
December 20th, 2011 4:15am

Hello All, I am facing the same issue while accessing the ECP virtual directory but the users get a diferrent error as 'unexpected error' while accessing the options under OWA. The exchange is 2010 With RU6. Please suggest.
December 20th, 2011 8:16am

Good day to all. I am to running exchange 2010 and have had some issues since yesterday. i'm running Exchange 2010 SP2. been running awesome till yesterday. i wanted to do the UR6 which all completed 100% since then. users were unable to log in remotely via RDP or OWA. i then removed UR6 things went back to normal :) :).. so i thought. Users were now able to log in remotely. but now i want to to change my out of office using OWA. and i get the error Mobile devices> same as above errors. i am unable to fix this. Tried to go in RBAC does not allow me. and i have done all the access rights and all the changes that need to be made in order to log into RBAC and no luck.. i have also gone and checked IIS all is in order.. i am not running only exchange 2010 and have removed all the "latest" updtes and have disabled updates. if anyone has got any solution to this. please please it would be greatly appreaciated. Thank you and have a great day.
Free Windows Admin Tool Kit Click here and download it now
December 20th, 2011 9:30am

Hi viral rathod i know that you are looking for someone elses results.. i have done the test which part of the results are you looking for. there are 3 of them.. please let me know like that i can post them up. thank you
December 21st, 2011 9:37am

Hello to all.. wanted to let everyon know that i have managed to solve the issue that i was having regarding access to OWA options. all has been sorted out after a few hours or research. all up and running.. thank you
Free Windows Admin Tool Kit Click here and download it now
December 22nd, 2011 7:26am

Hello, Can you please let me know, how you were able to fix the issue in regards to the OWA options. Thanks and Regards, Zaksater
December 22nd, 2011 5:30pm

Hello, Can you please let me know, how you were able to fix the issue in regards to the OWA options. Thanks and Regards, Sebastian Mika
Free Windows Admin Tool Kit Click here and download it now
December 27th, 2011 5:33am

good day.. sorry for the late reply was away on holiday.. i followed the above steps that other users posted. where i removed the OWA from IIS.. to my knowledge this should have only been removed from IIS.. but i was wrong.. this also removes the "file" from AD.. so you will have to log on to Exchange Server.. start run command ADSIedit. this will take you to deep into AD. ( any change wrong change here will cause AD to crash Please be carefule). in there navigate to CN=Services>CN=Micro*echange>CN=Firstorg*>CN=admin*groups>CN=exchange admin*groups>CN=servers>CN= "exchange servername">CN=protocols>CN=HTTP>. in there i created a new OWA folder/connection. once that's created there are few more settings that need to add/change. right in that OWA folder and properties . scroll down until xchange esternal host name( enter your external host add) scroll to internal host name ( enter internal exhange host name ). this will create the folder/icon in IIS manager. restart your server.. once your exhanger server is up and running go to Exchange management console>server config*>client access, click on OWA on the right hand side extra options will appear. click on Reset Virtual Directory. this will open up another screen choose OWA line. this will reset the virtual directory. wait a few moments and OWA will start to work again local and remote.. also some other info. my server is on Roll up 6. i have just compared my services to another server that is running on roll up 6 and all is up to date and working.. forgive me for such a long explination but these are all the steps i had to do. thank you have a great day.
January 3rd, 2012 4:08am

Thanks this solved my issues as well. Thanks Michael Zorbadakis
Free Windows Admin Tool Kit Click here and download it now
June 1st, 2012 6:11am

exactly my problem! Thank you!
June 8th, 2012 2:07am

I had the same problem. When installed UR6, <allow roles="MobileDevices+Mailbox+Get-ActiveSyncDeviceStatistics@R:Self+Get-CASMailbox@R:Self"/> entry is added in the web.config file located in the following folder by default C : \ Program Files \ Microsoft \ Exchange Server \ V14 \ ClientAccess \ ecp \ Troubleshooting \ web.config. When UR6 is removed, thus returning to a previous version (in my case for UR2), the entry is not removed. In this case I had to change the entry to <allow roles="Mailbox+Get-ActiveSyncDeviceStatistics@R:Self+Get-CASMailbox@R:Self"/>. Done that got the directory acesssar ecp options and the option normally. Thanks. Krizia Gonalves. Thank you very much. It could solve the issue.
Free Windows Admin Tool Kit Click here and download it now
July 23rd, 2012 3:25am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics