Exchange Server 2013 ECP Login
I am bit puzzled and frustrated with this issue I have in my lab. I have exported my test mailboxes from my 2010 environment (other settings are minor and easily reproduced), and uninstalled 2010. Next I went and installed 2013 RTM from TechNet.
The first time I installed 2013 the install was successful, but when the ECP came up it was just a empty browser window - it would never display. So I thought, maybe there was something left over from the previous 2010 server. I blew away the
OS (was 2008 R2) and built a clean 2012 server. Installed all the Exchange 2013 prerequisites, extended the Schema and installed 2013 using all the defaults in the wizard.
This time the the ECP login came up, but here is where it gets puzzling and frustrating. I put my Admin credentials in (this account has all proper group membership that I'm aware of) and the screen goes blank for a second and then the OWA login is
displayed. The ECP never comes up again, just goes straight to the OWA login. If I enter my credentials in the OWA login, the screen just flashes and the password field clears but doesn't login.
I have tried uninstalling and cleaning up AD and reinstalling, but the same thing keeps happening. I can't help but think it has something to do with permissions, but I'm not sure what that would be.
November 3rd, 2012 4:41pm
Hi MRMO,
Did you try to access ECP via https://exchangeservername.domain.com/ecp?
Is there any error event in the Event Viewer?
It seems that you still use your old AD environment, if possible, please install a flash AD and install Exchange 2013 again.
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
tnmff@microsoft.com.
November 5th, 2012 11:08am
Perform a iisreset from command prompt and try to login to ECP. while accessing ECP, the credential will ask from owa page (OWA url will be displayed) and once you entered the details, it will be automatically redirected to ECP.
November 5th, 2012 8:53pm
Did the IISRESET and opened IE. Navigated to the ECP and the OWA pages, the screen flashes, the password field clears then nothing.
I know the page must be talking to AD because if I purpose to enter the wrong password it tells me the password is wrong.
November 5th, 2012 9:07pm
So after a good bit of time looking for clues, I noticed that this pops up in the application log every time the screen flashes and the password field clears. I really have no idea what this means or how to fix it - maybe a cert issue in IIS ?!?!
Log Name: Application
Source: MSExchange Front End HTTP Proxy
Date: 11/6/2012 7:24:56 PM
Event ID: 3
Task Category: Core
Level: Error
Keywords: Classic
User: N/A
Computer: servername.domain.com
Description:
[Ecp] An internal server error occurred. The unhandled exception was: System.Security.Cryptography.CryptographicException: Invalid provider type specified.
at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer)
at System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle)
at System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair()
at System.Security.Cryptography.X509Certificates.X509Certificate2.get_PrivateKey()
at Microsoft.Exchange.HttpProxy.FbaModule.ParseCadataCookies(HttpApplication httpApplication)
at Microsoft.Exchange.HttpProxy.FbaModule.OnBeginRequestInternal(HttpApplication httpApplication)
at Microsoft.Exchange.HttpProxy.ProxyModule.<>c__DisplayClassa.<OnBeginRequest>b__9()
at Microsoft.Exchange.Common.IL.ILUtil.DoTryFilterCatch(TryDelegate tryDelegate, FilterDelegate filterDelegate, CatchDelegate catchDelegate)
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="MSExchange Front End HTTP Proxy" />
<EventID Qualifiers="49152">3</EventID>
<Level>2</Level>
<Task>1</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2012-11-07T01:24:56.000000000Z" />
<EventRecordID>209382</EventRecordID>
<Channel>Application</Channel>
<Computer>servername.domain.com</Computer>
<Security />
</System>
<EventData>
<Data>Ecp</Data>
<Data>System.Security.Cryptography.CryptographicException: Invalid provider type specified.
at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer)
at System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle)
at System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair()
at System.Security.Cryptography.X509Certificates.X509Certificate2.get_PrivateKey()
at Microsoft.Exchange.HttpProxy.FbaModule.ParseCadataCookies(HttpApplication httpApplication)
at Microsoft.Exchange.HttpProxy.FbaModule.OnBeginRequestInternal(HttpApplication httpApplication)
at Microsoft.Exchange.HttpProxy.ProxyModule.<>c__DisplayClassa.<OnBeginRequest>b__9()
at Microsoft.Exchange.Common.IL.ILUtil.DoTryFilterCatch(TryDelegate tryDelegate, FilterDelegate filterDelegate, CatchDelegate catchDelegate)</Data>
</EventData>
</Event>
November 7th, 2012 4:34am
Hi MRMO,
This is a quick note to let you know that we are performing research on this issue. Please wait, thanks.
November 7th, 2012 10:42am
I appreciate it, and thank you Frank...
November 7th, 2012 5:35pm
When Exchange 2013 is first created you'll find that the default Enterprise Admin mailbox account is automatically added to ECP as the default login credential. IF you delete mailbox as it is logical to do, there is no way to log back into ECP
unless you first create a new admin user under the Exchange Security schema and ensure that account has a mailbox in the system. The fix is simple
1. Find another user with a mailbox already active on Exchange 2013 and give him the proper Exchange Security rights in AD that the default admin had.
2. Reboot! <--I had to reboot to get the setting to take)
I had the same issue and I realized that the only change I made was in disabling the default admin mailbox. The effect of this is that ECP will still see your correct username and password for the admin account with no mailbox, but with the mailbox disabled,
it won't log into ECP! A great undocumented feature.
HTH.
Mike
November 7th, 2012 8:29pm
No, I didn't delete or disable any accounts. As soon as the install completed I attempted to login and was unable. As a matter of fact, I have yet to be able to login to the ECP.
November 7th, 2012 9:33pm
Frank,
A couple more discoveries to consider in researching this. I got to thinking about what Mike (MToussaint) said above. Though I didn't delete or disable the account I used for installation it does show as corrupted when I do a Get-Mailbox.
This is the same account I have been using for all the install / reinstalls. So I decided to logon to a Win7 box as that account and then create a Outlook profile to see how that goes, and it wouldn't even see the mail server to create the profile, while
other test users I was able to create Outlook profiles.
Also, I found an issue with Sites & Services. About a month ago I upgraded my ISP connection, created a new Subnet and moved all my devices t othat subnet, but I forgot to add the subnet to Sites and Services.
So I don't have much confidence in my current installation, so my plan is to uninstall Exchange, scrub the VM it was installed on, delete the account used to install Exchange with and start over. I'll let you know how it goes when I'm done with the
install.
November 8th, 2012 3:50pm
I had a problem getting logged in (a script error, not a blank page), and determined that the account I used for installation was showing corruption as well. After messing around in EMS for quite a while, I found that the enable-mailbox command was
what you use to create a mailbox for an existing account. I created a mailbox for my account, and was able to log in to EAC with it. I don't know if this will help you, or even if it will give me the access I need without additional commands or
manipulation in AD to add permissions, but it might be worth trying.
November 8th, 2012 9:19pm
In my case, I have installed and uninstalled Exchange several times and the test accounts had stale / old information in the Exchange attributes from previous installations.
This is easy to fix. All I had to do was to go into ADSIEdit, select a user object, Filter on attributes with values and just clear the values - email address, database name, MTAHome, etc.
I'm just about dones cleaning up the mess, and ready to reinstall.
November 9th, 2012 12:02am
Finished reinstalling, and still no joy. Here are the steps I did, so if somebody sees something I'm missing please let me know.
- Uninstalled Exchange.
- Removed mail server from domain.
- Deleted mail server (VM).
- Deleted old Exchange Admin account used for install. Made copy of copy AD Admin account (member of Enterprise Admins and Schema Admins).
- Built new 2012 mail server (VM) and applied latest Windows Updates.
- Opened a Powershell as Administrator and ran the following commands:
- Install-WindowsFeature RSAT-ADDS
- Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth,
Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server,
Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation
- Downloaded from the internet and instaleld the following software:
- Microsoft Unified Communications Managed API 4.0, Core Runtime 64-bit
- Microsoft Office 2010 Filter Pack 64 bit
- Microsoft Office 2010 Filter Pack SP1 64 bit
- Then from Exchange media I extended the Schema:
- setup.exe /PS /IAcceptExchangeServerLicenseTerms
- setup.exe /P /OrganizationName: First Organizationname /IAcceptExchangeServerLicenseTerms
- Finally, I proceeded to install Exchange:
- Launched Setup as Administrator and took all the Defaults.
November 9th, 2012 4:37am
Deleted old Exchange Admin account used for install. Made copy of copy AD Admin account (member of Enterprise Admins and Schema Admins).
Hi MRMO,
Did you check the new admin mailbox this time whether it is still corrupted? (Though I didn't delete or disable the account I used for installation it does show as corrupted when I do a Get-Mailbox. This is the same account I have been using for
all the install / reinstalls. )
"So I decided to logon to a Win7 box as that account and then create a Outlook profile to see how that goes, and it wouldn't even see the mail server to create the profile, while other test users I was able to create Outlook profiles."
Could you please create a new test mailbox and try it again(you can create the mailbox via EMS)?
And please log on to OWA by the test mailbox, if it works, please click the Settings->Options to go to ECP page.
If it still works, please log off the OWA first, then add the test account to the "Organization Management" group via ADUC->Microsoft Exchange Security Groups.
This time, please log on to ECP page directly to see whether it works.
"Built new 2012 mail server (VM) and applied latest Windows Updates"
Just a reminder, if you cloned the VM, please make sure you create a new SID.
November 9th, 2012 5:21am
Yeah, that was the first thing I did and it looks good.
[PS] C:\Windows\system32>get-mailbox
Creating a new session for implicit remoting of "Get-Mailbox" command...
Name Alias ServerName
ProhibitSendQuota
---- ----- ----------
-----------------
DiscoverySearchMailbox... DiscoverySearchMa... mail-1 50 GB (53,687,091,200 bytes)
Exchange Admin exchange-admin mail-1 Unlimited
[PS] C:\Windows\system32>
In powershell I was able to create a mailbox by running this command:
- Enable-Mailbox -Identity DOMAIN\alias -Database "Mailbox Database 1234567890"
After creating the above mailbox I was able to create an Outlook profile. I was however prompted for credentials while logged in as that account. But I cannot log into OWA as the above account.
As far as cloning the VM, no I created it from scratch in 2012 Hyper-V to avoid that (SID) as a possible issue.
Frank, do the steps I took to build this Exchange server look correct to you?
November 9th, 2012 5:54am
By the way, this is what gets logged in the Event Viewer in the Application Log.
Log Name: Application
Source: MSExchange Front End HTTP Proxy
Date: 11/8/2012 8:30:04 PM
Event ID: 3
Task Category: Core
Level: Error
Keywords: Classic
User: N/A
Computer: mail-1.plugnplay.local
Description:
[Ecp] An internal server error occurred. The unhandled exception was: System.Security.Cryptography.CryptographicException: Invalid provider type specified.
at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer)
at System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle)
at System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair()
at System.Security.Cryptography.X509Certificates.X509Certificate2.get_PrivateKey()
at Microsoft.Exchange.HttpProxy.FbaModule.ParseCadataCookies(HttpApplication httpApplication)
at Microsoft.Exchange.HttpProxy.FbaModule.OnBeginRequestInternal(HttpApplication httpApplication)
at Microsoft.Exchange.HttpProxy.ProxyModule.<>c__DisplayClassa.<OnBeginRequest>b__9()
at Microsoft.Exchange.Common.IL.ILUtil.DoTryFilterCatch(TryDelegate tryDelegate, FilterDelegate filterDelegate, CatchDelegate catchDelegate)
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="MSExchange Front End HTTP Proxy" />
<EventID Qualifiers="49152">3</EventID>
<Level>2</Level>
<Task>1</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2012-11-09T02:30:04.000000000Z" />
<EventRecordID>4771</EventRecordID>
<Channel>Application</Channel>
<Computer>mail-1.plugnplay.local</Computer>
<Security />
</System>
<EventData>
<Data>Ecp</Data>
<Data>System.Security.Cryptography.CryptographicException: Invalid provider type specified.
at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer)
at System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle)
at System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair()
at System.Security.Cryptography.X509Certificates.X509Certificate2.get_PrivateKey()
at Microsoft.Exchange.HttpProxy.FbaModule.ParseCadataCookies(HttpApplication httpApplication)
at Microsoft.Exchange.HttpProxy.FbaModule.OnBeginRequestInternal(HttpApplication httpApplication)
at Microsoft.Exchange.HttpProxy.ProxyModule.<>c__DisplayClassa.<OnBeginRequest>b__9()
at Microsoft.Exchange.Common.IL.ILUtil.DoTryFilterCatch(TryDelegate tryDelegate, FilterDelegate filterDelegate, CatchDelegate catchDelegate)</Data>
</EventData>
</Event>
November 9th, 2012 5:56am
As far as cloning the VM, no I created it from scratch in 2012 Hyper-V to avoid that (SID) as a possible issue.
I didn't thoroughly read the new posts in this thread, because I don't think I can help unless my "answer" in
this thread helps (ie you need more memory/swap even though it doesn 't seem like it). However, I would like to point out that if you used the same name and joined the same domain without deleting that computer account from AD first, you still have
the same SID, because when you join a domain, you generate or inherit a new SID (depending on whether or not you are taking over an existing computer account). This is IIRC, and from Active Directory FL 2000, I just assume it hasn't changed.
November 9th, 2012 4:13pm
I think I'm doing OK with regards to resources.
CPU = 8% on average
Memory = 70% on average
Ethernet = 100Kbps on average
I made sure to disjoin the VM from the domain and then went back to "delete" the object from the directory. I then deleted the VM in Hyper-V and started all over again - didn't cut any corners when I started over.
November 9th, 2012 4:34pm
I give up.
I need a functioning Exchange server in my lab so I can work with FIM. I'm going back to Exchange 2010...
November 10th, 2012 8:30pm
Hi,
Did you change the certificate to Exchange 2013 after the installation? If you did, did you also select all the options to it (IIS, IMAP, POP etc)? I noticed in my lab that I had pretty much the same fault as you and it occurred after I changed the certificate
and enabled it to all the services by accident. However on the other node on my lab this didn't happened when I changed the certificate by choosing only "IIS" service to it.
I got my faulty node back to life by deleting the "aftermarket" certificate from the node completely and after that restarting the whole server. What I noticed was that after the restart Exchange made another self-signed certificate to itself. I did also
had to do re-bind the bindings from IIS configuration manager (for HTTPS) and change so that they both were bind to the new self-signed Exchange certificate... another one was to the old certificate and another one was blank (and after that of course restart
whole bunch of Exchange and IIS services). After that i imported the "aftermarket" certificate again and enabled it to service "IIS" on Exchange and everything was working correctly even after that... and still is (and I hope will be).
November 28th, 2012 7:22pm
Sorry, but I had to rollback to Exchange 2010 since I was falling behind on FIM 2010 R2 testing. I need a stable Exchange environment to test the email notifications in FIM. I thought going to Exchange 2013 would be as easy as it was going
to Exchange 2010, but it wasn't....
November 28th, 2012 8:52pm
Sounds like the horror years when I was still a Netware administrator and Novell kept switching their admin platforms around from NWAdmin to Console One to the web based thing I cant remember it's name, iManager or something.
How hard was it to make an MMC based admin tool for us? Seriously? Or is this one of the "wait until SP1" things like in Exchange 2007 when we didnt have a tool to manage public folders until SP1?
November 29th, 2012 12:44am
I am experiencing the same problem, see also
this thread.
-
Proposed as answer by
Joern Gutting
Sunday, April 21, 2013 9:13 PM
November 29th, 2012 6:40pm
I have the same problem as MRMO - flashes and then nothing. Tried suggestions in this thread nothing works.
Any word on a solution yet from the Microsoft mods who posted?
November 29th, 2012 8:21pm
I am experiencing the same problem, see also
this thread.
- Proposed as answer by
Joern Gutting
Sunday, April 21, 2013 9:13 PM
November 29th, 2012 9:40pm
I am experiencing the same problem, see also
this thread.
- Proposed as answer by
Joern Gutting
Sunday, April 21, 2013 9:13 PM
November 29th, 2012 9:40pm
I am experiencing the same problem, see also
this thread.
-
Proposed as answer by
Joern Gutting
Sunday, April 21, 2013 9:13 PM
November 29th, 2012 9:40pm
I managed to solve this one in my installation, see
this thread for the solution.
-
Proposed as answer by
Rudi VT
Thursday, November 29, 2012 11:44 PM
November 29th, 2012 11:44pm
I managed to solve this one in my installation, see
this thread for the solution.
- Proposed as answer by
Rudi VT
Thursday, November 29, 2012 11:44 PM
November 30th, 2012 2:44am
I managed to solve this one in my installation, see
this thread for the solution.
- Proposed as answer by
Rudi VT
Thursday, November 29, 2012 11:44 PM
November 30th, 2012 2:44am
I managed to solve this one in my installation, see
this thread for the solution.
-
Proposed as answer by
Rudi VT
Thursday, November 29, 2012 11:44 PM
November 30th, 2012 2:44am
Doesnt seem to be the case for me - here is the relevant output i receive when I type the command. Provider = (null)
================ Certificate 5 ================
Serial Number: 7882a75e7d8f688b40370094fa05957b
Issuer: CN=Microsoft Exchange Server Auth Certificate
NotBefore: 11/16/2012 6:05 PM
NotAfter: 10/21/2017 6:05 PM
Subject: CN=Microsoft Exchange Server Auth Certificate
Signature matches Public Key
Root Certificate: Subject matches Issuer
Cert Hash(sha1): 4c c5 e8 31 ad ec 8b b6 5f 48 96 4e a6 67 43 b1 60 8d 76 8c
Key Container = 243b4c10-a52e-4182-a716-398d083ef3f4
Provider = (null)
Missing stored keyset
================ Certificate 6 ================
Serial Number: 37a9238873bbd7a2472744beda652573
Issuer: CN=Microsoft Exchange Server Auth Certificate
NotBefore: 11/27/2012 8:14 PM
NotAfter: 11/1/2017 8:14 PM
Subject: CN=Microsoft Exchange Server Auth Certificate
Signature matches Public Key
Root Certificate: Subject matches Issuer
Cert Hash(sha1): 4b bc e5 c3 29 b1 35 c1 99 d7 3c 35 62 ee a1 9b e9 7b 2a 9b
Key Container = 4663dc83-e47f-4324-b0ca-0f8663bb185e
Provider = (null)
Missing stored keyset
December 5th, 2012 10:17pm
Ive had the same but solved it by making the account member of the organisation management.
March 31st, 2013 7:05pm
MRMO,
I had the exact same problem. Here's what I figured out...
You have to install CAS before the mailbox role or both at the same time. If you're wanting them on separate servers then install the CAS server first and then the mailbox server. After the mailbox server is installed the ECP will load correctly.
Either loading only CAS or the mailbox server first will cause the blank screen problem.
I installed the mailbox server first and ran into this issue. I had to start from scratch. When I installed the CAS server by itself I had the same issue until I installed the mailbox server.
I setup another test environment and installed the roles simultaneously without any problems
I hope this helps.
-
Edited by
Marshall Lucas
Monday, April 15, 2013 8:29 PM
Typo
April 15th, 2013 8:28pm
MRMO,
I had the exact same problem. Here's what I figured out...
You have to install CAS before the mailbox role or both at the same time. If you're wanting them on separate servers then install the CAS server first and then the mailbox server. After the mailbox server is installed the ECP will load correctly.
Either loading only CAS or the mailbox server first will cause the blank screen problem.
I installed the mailbox server first and ran into this issue. I had to start from scratch. When I installed the CAS server by itself I had the same issue until I installed the mailbox server.
I setup another test environment and installed the roles simultaneously without any problems
I hope this helps.
- Edited by
Marshall Lucas
Monday, April 15, 2013 8:29 PM
Typo
April 15th, 2013 11:28pm
MRMO,
I had the exact same problem. Here's what I figured out...
You have to install CAS before the mailbox role or both at the same time. If you're wanting them on separate servers then install the CAS server first and then the mailbox server. After the mailbox server is installed the ECP will load correctly.
Either loading only CAS or the mailbox server first will cause the blank screen problem.
I installed the mailbox server first and ran into this issue. I had to start from scratch. When I installed the CAS server by itself I had the same issue until I installed the mailbox server.
I setup another test environment and installed the roles simultaneously without any problems
I hope this helps.
- Edited by
Marshall Lucas
Monday, April 15, 2013 8:29 PM
Typo
April 15th, 2013 11:28pm
MRMO,
I had the exact same problem. Here's what I figured out...
You have to install CAS before the mailbox role or both at the same time. If you're wanting them on separate servers then install the CAS server first and then the mailbox server. After the mailbox server is installed the ECP will load correctly.
Either loading only CAS or the mailbox server first will cause the blank screen problem.
I installed the mailbox server first and ran into this issue. I had to start from scratch. When I installed the CAS server by itself I had the same issue until I installed the mailbox server.
I setup another test environment and installed the roles simultaneously without any problems
I hope this helps.
-
Edited by
Marshall Lucas
Monday, April 15, 2013 8:29 PM
Typo
April 15th, 2013 11:28pm
Hey Marshall,
Did you have to blow out your CAS server or where you able to just re-install the mailbox server. I installed the Mailbox server first as well as it was the logical thing to do :)
May 1st, 2013 9:35pm
Actually the first time I ran into this problem I had to remove the mailbox role and then install CAS first. The next time I ran into the problem I was able to install CAS on a second server and everything worked correctly.
-
Proposed as answer by
Aaron Paul Rykhus
Sunday, May 05, 2013 10:47 AM
May 2nd, 2013 2:44pm
Actually the first time I ran into this problem I had to remove the mailbox role and then install CAS first. The next time I ran into the problem I was able to install CAS on a second server and everything worked correctly.
- Proposed as answer by
Aaron Paul Rykhus
Sunday, May 05, 2013 10:47 AM
May 2nd, 2013 5:44pm
Actually the first time I ran into this problem I had to remove the mailbox role and then install CAS first. The next time I ran into the problem I was able to install CAS on a second server and everything worked correctly.
- Proposed as answer by
Aaron Paul Rykhus
Sunday, May 05, 2013 10:47 AM
May 2nd, 2013 5:44pm
Actually the first time I ran into this problem I had to remove the mailbox role and then install CAS first. The next time I ran into the problem I was able to install CAS on a second server and everything worked correctly.
-
Proposed as answer by
Aaron Paul Rykhus
Sunday, May 05, 2013 10:47 AM
May 2nd, 2013 5:44pm
I My case.
Login by Domain Admin was failing, so
I created new user account in AD. and Added this user to Administrator group. And relogin with this user and I could login to ECP.
Manoj
November 13th, 2013 1:41am
Here's what we did that fixed this.
set-ecpvirtualdirectory -Identity "ecp (default web site)" -windowsauthentication $true -formsauthentication $false
do an ipconfig /flushdns on your desktop.
log in to your ecp with https://yourservername/ecp/?exchclientver=15
December 31st, 2013 12:18pm
Here's what we did that fixed this.
set-ecpvirtualdirectory -Identity "ecp (default web site)" -windowsauthentication $true -formsauthentication $false
do an ipconfig /flushdns on your desktop.
log in to your ecp with https://yourservername/ecp/?exchclientver=15
This Fixed it for me!
Oh, and by the way - Thank you Microsoft for designing Exchange 2013 like your Arse. Getting redirected to your 2010 Mailbox when clearly trying to access the Admin Console (from /ecp to /owa) is a colossal screwup on your end.
Thanx for always making it a bloody nightmare to migrate / use your products. I'm going to start looking into Openchange and if it works as expected - switch us to a LINUX mail server.
-
Edited by
JJBotha
Thursday, December 11, 2014 7:21 AM
Added comment
December 11th, 2014 6:59am
Here's what we did that fixed this.
set-ecpvirtualdirectory -Identity "ecp (default web site)" -windowsauthentication $true -formsauthentication $false
do an ipconfig /flushdns on your desktop.
log in to your ecp with https://yourservername/ecp/?exchclientver=15
This Fixed it for me!
Oh, and by the way - Thank you Microsoft for designing Exchange 2013 like your Arse. Getting redirected to your 2010 Mailbox when clearly trying to access the Admin Console (from /ecp to /owa) is a colossal screwup on your end.
Thanx for always making it a bloody nightmare to migrate / use your products. I'm going to start looking into Openchange and if it works as expected - switch us to a LINUX mail server.
-
Edited by
JJBotha
Thursday, December 11, 2014 7:21 AM
Added comment
December 11th, 2014 9:59am
In my case the problem was that I tried to install the exchange in another server and it give me an error. I create another server and install everything again and works but with this problem. I tried to log in and the screen became white.
I use the command "get-mailbox" and see that my administrator was in the old database (my first installation). This was my problem.
I just open the ADSIEDIT looked for mt Adminstrator clicked in
Properties and delete the information on homeMDB and
msExchHomeServer. After that I checked again with the command "get-mailbox"
and the account had disappear.
After that I create again the account with the command "enable-mailbox -identity DOMAIN\Administrator
That's it.
It worked to me I hope it can help someone.
February 4th, 2015 5:55am
It didn't create me a new cert, but a certificte with friendly name "exchange" was ok to use with IIS bindings. After the binding I had to IISRESET once more
August 26th, 2015 1:55am