Exchange 2013 SP1 -OWA and ECP login authentication

Coexisting with Exchange 2007 in the same Org.
Just been through a nightmare where I changed the authentication type from Basic and Forms to Windows Integrated Authentication through the EAC for OWA and ECP. It broke them completely. Three hours later after rebuilding the two virtual directories I have
it working.
So I learnt about the backend process for both ECP and OWA and realised I have to have the authentication types the same in front and back end.
1. Is there a way to set authentication for both components at the same time? (that's a stoopid design)
2. So now I have integrated authentication- but I cannot login as someone else unless of course I login to windows as that other person. Which authentication do I need to add  to allow prompting ifor other credentials (or is this not possible)?
3. Set-ECPvirtualdirectory can set the backend but get-ecpvirtualdirectory can not. It was really difficult to see the two sections had different authentication settings. Is there a way to see them?

I would recommend Basic Authentication and set Group Policy to add Exchange URLs to Trusted sites and modify IE settings to "Automatic login using current username/password" option for trusted settings.
This way Single-Signon would work for domain joined systems and Basic authentication would prompt for any unsuccessful logins
However, from the best practices perspective, I would recommend Form based authentication, unless there are business reasons for not doing it this way.
- Sarvesh Goel - Enterprise Messaging Administrator

Similar Messages

  • Exchange 2013 SP1 OWA something went wrong

    Hi,
    I have a three node exchange 2013 DAG cluster that I upgraded to SP1 three days ago.   All email flows currently work and ECP is available on all node on all browsers for all users.   OWA was working on 2013 CU3.   After 
    the upgrade to SP1  and I confirmed that all email flows were working,  I did change the administrators  username.  I noticed OWA problems after that, but they would have happened before the administrator rename.  I have confirmed 
    certificates and binding are correct on all three nodes.  I did rebuild the OWA directory on one node with no success.
    However OWA is only available using Firefox (tested on several users on several machines) .   Logging on to ECP using IE 11 works fine (multiple users) Logging on to OWA using  IE 11 give me the error.  This is happening on
    all three nodes using IE 11 but not Firefox 27
    something went wrong
    Sorry, we can't get that information right now. Please try again later. If the problem continues, contact your helpdesk.
    X-OWA-Error: ClientError;exMsg='_u' is undefined;file=ReferenceError: '_u' is undefined at $LE (https://exch02.loran3.net/owa/prem/15.0.847.32/scripts/boot.1.mouse.js:1:155) at Anonymous function (https://exch02.loran3.net/owa/prem/15.0.847.32/scripts/boot.1.mouse.js:1:305913) at $8J (https://exch02.loran3.net/owa/prem/15.0.847.32/scripts/boot.0.mouse.js:91:60172) at $E (https://exch02.loran3.net/owa/prem/15.0.847.32/scripts/boot.0.mouse.js:91:59789) at $4pj (https://exch02.loran3.net/owa/prem/15.0.847.32/scripts/boot.0.mouse.js:91:57814) at $6JC (https://exch02.loran3.net/owa/prem/15.0.847.32/scripts/boot.0.mouse.js:91:58302) at Anonymous function (https://exch02.loran3.net/owa/prem/15.0.847.32/scripts/boot.1.mouse.js:1:306768) at $8J (https://exch02.loran3.net/owa/prem/15.0.847.32/scripts/boot.0.mouse.js:91:60172) at $E (https://exch02.loran3.net/owa/prem/15.0.847.32/scripts/boot.0.mouse.js:91:59789) at $4pj (https://exch02.loran3.net/owa/prem/15.0.847.32/scripts/boot.0.mouse.js:91:57814):406
    X-OWA-Version: 15.0.847.32
    X-FEServer: EXCH02
    X-BEServer: null
    Date: 1/2/1601 2:43:20 PM
      Log Name:      System
    Source:        Microsoft-Windows-DistributedCOM
    Date:          3/13/2014 11:45:50 PM
    Event ID:      10028
    Task Category: None
    Level:         Error
    Keywords:      Classic
    User:          SYSTEM
    Computer:      exch01.loran3.net
    Description:
    DCOM was unable to communicate with the computer EXCH02.loran3.net using any of the configured protocols; requested by PID     115c (c:\windows\system32\inetsrv\w3wp.exe).
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
        <EventID Qualifiers="0">10028</EventID>
        <Version>0</Version>
        <Level>2</Level>
        <Task>0</Task>
        <Opcode>0</Opcode>
        <Keywords>0x8080000000000000</Keywords>
        <TimeCreated SystemTime="2014-03-14T05:45:50.109325400Z" />
        <EventRecordID>12481</EventRecordID>
        <Correlation />
        <Execution ProcessID="596" ThreadID="1372" />
        <Channel>System</Channel>
        <Computer>exch01.loran3.net</Computer>
        <Security UserID="S-1-5-18" />
      </System>
      <EventData>
        <Data Name="param1">EXCH02.loran3.net</Data>
        <Data Name="param2">    115c</Data>
        <Data Name="param3">c:\windows\system32\inetsrv\w3wp.exe</Data>
        <Binary>3C5265636F726423313A20436F6D70757465723D286E756C6C293B5069643D3539363B332F31342F3230313420353A34353A35303A3130393B5374617475733D313832353B47656E636F6D703D323B4465746C6F633D313436313B466C6167733D303B506172616D733D303B3E3C5265636F726423323A20436F6D70757465723D286E756C6C293B5069643D3539363B332F31342F3230313420353A34353A35303A3130393B5374617475733D313832353B47656E636F6D703D323B4465746C6F633D3135333B466C6167733D303B506172616D733D343B7B506172616D23303A2D323134363839333030367D7B506172616D23313A347D7B506172616D23323A36383132367D7B506172616D23333A317D3E</Binary>
      </EventData>
    </Event>                   ---------------------                 I am also getting
    the following error
    Log Name:      Application
    Source:        ASP.NET 4.0.30319.0
    Date:          3/14/2014 12:46:26 AM
    Event ID:      1309
    Task Category: Web Event
    Level:         Warning
    Keywords:      Classic
    User:          N/A
    Computer:      exch01.loran3.net
    Description:
    Event code: 3005
    Event message: An unhandled exception has occurred.
    Event time: 3/14/2014 12:46:26 AM
    Event time (UTC): 3/14/2014 6:46:26 AM
    Event ID: 7741cd563e154a14a0ba52343b4e30ee
    Event sequence: 328
    Event occurrence: 87
    Event detail code: 0
    Application information:
        Application domain: /LM/W3SVC/2/ROOT/owa-1-130392504882416692
        Trust level: Full
        Application Virtual Path: /owa
        Application Path: C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\owa\
        Machine name: EXCH01
    Process information:
        Process ID: 8756
        Process name: w3wp.exe
        Account name: NT AUTHORITY\SYSTEM
    Exception information:
        Exception type: MapiExceptionIllegalCrossServerConnection
        Exception message: MapiExceptionIllegalCrossServerConnection: Monitoring mailbox [] with application ID [Client=OWA] is not allowed to make cross-server calls from [EXCH01.loran3.net] to [EXCH03.loran3.net]
       at Microsoft.Mapi.CrossServerDiagnostics.BlockCrossServerCall(ExRpcConnectionInfo connectionInfo, String mailboxDescription)
       at Microsoft.Mapi.CrossServerConnectionPolicy.CheckAndBlockMonitoringMailboxes(ExRpcConnectionInfo connectionInfo)
       at Microsoft.Mapi.CrossServerConnectionPolicy.Apply(ExRpcConnectionInfo connectionInfo)
       at Microsoft.Mapi.ExRpcConnectionFactory.Create(ExRpcConnectionInfo connectionInfo)
       at Microsoft.Mapi.MapiStore.OpenMapiStore(String serverDn, String userDn, String mailboxDn, Guid guidMailbox, Guid guidMdb, String userName, String domainName, String password, String httpProxyServerName, ConnectFlag connectFlags, OpenStoreFlag
    storeFlags, CultureInfo cultureInfo, Boolean wantRedirect, String& correctServerDN, ClientIdentityInfo clientIdentity, Boolean unifiedLogon, String applicationId, Client xropClient, Boolean wantWebServices, Byte[] clientSessionInfo, TimeSpan connectionTimeout,
    TimeSpan callTimeout, Byte[] tenantHint)
       at Microsoft.Mapi.MapiStore.OpenMailbox(String serverDn, String userDn, Guid guidMailbox, Guid guidMdb, String userName, String domainName, String password, ConnectFlag connectFlags, OpenStoreFlag storeFlags, CultureInfo cultureInfo, ClientIdentityInfo
    clientIdentity, String applicationId, Byte[] tenantPartitionHint, Boolean unifiedLogon)
       at Microsoft.Exchange.Data.Storage.MailboxSession.ForceOpen(MapiStore linkedStore, Boolean unifiedSession)
    Request information:
        Request URL:
    https://localhost:444/owa/proxylogon.owa
        Request path: /owa/proxylogon.owa
        User host address: 127.0.0.1
        User: LORAN3\SM_ae42d22c64ff48a5a
        Is authenticated: True
        Authentication Type: Kerberos
        Thread account name: NT AUTHORITY\SYSTEM
    Thread information:
        Thread ID: 39
        Thread account name: NT AUTHORITY\SYSTEM
        Is impersonating: False
        Stack trace:    at Microsoft.Mapi.CrossServerDiagnostics.BlockCrossServerCall(ExRpcConnectionInfo connectionInfo, String mailboxDescription)
       at Microsoft.Mapi.CrossServerConnectionPolicy.CheckAndBlockMonitoringMailboxes(ExRpcConnectionInfo connectionInfo)
       at Microsoft.Mapi.CrossServerConnectionPolicy.Apply(ExRpcConnectionInfo connectionInfo)
       at Microsoft.Mapi.ExRpcConnectionFactory.Create(ExRpcConnectionInfo connectionInfo)
       at Microsoft.Mapi.MapiStore.OpenMapiStore(String serverDn, String userDn, String mailboxDn, Guid guidMailbox, Guid guidMdb, String userName, String domainName, String password, String httpProxyServerName, ConnectFlag connectFlags, OpenStoreFlag
    storeFlags, CultureInfo cultureInfo, Boolean wantRedirect, String& correctServerDN, ClientIdentityInfo clientIdentity, Boolean unifiedLogon, String applicationId, Client xropClient, Boolean wantWebServices, Byte[] clientSessionInfo, TimeSpan connectionTimeout,
    TimeSpan callTimeout, Byte[] tenantHint)
       at Microsoft.Mapi.MapiStore.OpenMailbox(String serverDn, String userDn, Guid guidMailbox, Guid guidMdb, String userName, String domainName, String password, ConnectFlag connectFlags, OpenStoreFlag storeFlags, CultureInfo cultureInfo, ClientIdentityInfo
    clientIdentity, String applicationId, Byte[] tenantPartitionHint, Boolean unifiedLogon)
       at Microsoft.Exchange.Data.Storage.MailboxSession.ForceOpen(MapiStore linkedStore, Boolean unifiedSession)
    Custom event details:
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="ASP.NET 4.0.30319.0" />
        <EventID Qualifiers="32768">1309</EventID>
        <Level>3</Level>
        <Task>3</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2014-03-14T06:46:26.000000000Z" />
        <EventRecordID>115079</EventRecordID>
        <Channel>Application</Channel>
        <Computer>exch01.loran3.net</Computer>
        <Security />
      </System>
      <EventData>
        <Data>3005</Data>
        <Data>An unhandled exception has occurred.</Data>
        <Data>3/14/2014 12:46:26 AM</Data>
        <Data>3/14/2014 6:46:26 AM</Data>
        <Data>7741cd563e154a14a0ba52343b4e30ee</Data>
        <Data>328</Data>
        <Data>87</Data>
        <Data>0</Data>
        <Data>/LM/W3SVC/2/ROOT/owa-1-130392504882416692</Data>
        <Data>Full</Data>
        <Data>/owa</Data>
        <Data>C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\owa\</Data>
        <Data>EXCH01</Data>
        <Data>
        </Data>
        <Data>8756</Data>
        <Data>w3wp.exe</Data>
        <Data>NT AUTHORITY\SYSTEM</Data>
        <Data>MapiExceptionIllegalCrossServerConnection</Data>
        <Data>MapiExceptionIllegalCrossServerConnection: Monitoring mailbox [] with application ID [Client=OWA] is not allowed to make cross-server calls from [EXCH01.loran3.net] to [EXCH03.loran3.net]
       at Microsoft.Mapi.CrossServerDiagnostics.BlockCrossServerCall(ExRpcConnectionInfo connectionInfo, String mailboxDescription)
       at Microsoft.Mapi.CrossServerConnectionPolicy.CheckAndBlockMonitoringMailboxes(ExRpcConnectionInfo connectionInfo)
       at Microsoft.Mapi.CrossServerConnectionPolicy.Apply(ExRpcConnectionInfo connectionInfo)
       at Microsoft.Mapi.ExRpcConnectionFactory.Create(ExRpcConnectionInfo connectionInfo)
       at Microsoft.Mapi.MapiStore.OpenMapiStore(String serverDn, String userDn, String mailboxDn, Guid guidMailbox, Guid guidMdb, String userName, String domainName, String password, String httpProxyServerName, ConnectFlag connectFlags, OpenStoreFlag
    storeFlags, CultureInfo cultureInfo, Boolean wantRedirect, String&amp; correctServerDN, ClientIdentityInfo clientIdentity, Boolean unifiedLogon, String applicationId, Client xropClient, Boolean wantWebServices, Byte[] clientSessionInfo, TimeSpan connectionTimeout,
    TimeSpan callTimeout, Byte[] tenantHint)
       at Microsoft.Mapi.MapiStore.OpenMailbox(String serverDn, String userDn, Guid guidMailbox, Guid guidMdb, String userName, String domainName, String password, ConnectFlag connectFlags, OpenStoreFlag storeFlags, CultureInfo cultureInfo, ClientIdentityInfo
    clientIdentity, String applicationId, Byte[] tenantPartitionHint, Boolean unifiedLogon)
       at Microsoft.Exchange.Data.Storage.MailboxSession.ForceOpen(MapiStore linkedStore, Boolean unifiedSession)
    </Data>
        <Data>https://localhost:444/owa/proxylogon.owa</Data>
        <Data>/owa/proxylogon.owa</Data>
        <Data>127.0.0.1</Data>
        <Data>LORAN3\SM_ae42d22c64ff48a5a</Data>
        <Data>True</Data>
        <Data>Kerberos</Data>
        <Data>NT AUTHORITY\SYSTEM</Data>
        <Data>39</Data>
        <Data>NT AUTHORITY\SYSTEM</Data>
        <Data>False</Data>
        <Data>   at Microsoft.Mapi.CrossServerDiagnostics.BlockCrossServerCall(ExRpcConnectionInfo connectionInfo, String mailboxDescription)
       at Microsoft.Mapi.CrossServerConnectionPolicy.CheckAndBlockMonitoringMailboxes(ExRpcConnectionInfo connectionInfo)
       at Microsoft.Mapi.CrossServerConnectionPolicy.Apply(ExRpcConnectionInfo connectionInfo)
       at Microsoft.Mapi.ExRpcConnectionFactory.Create(ExRpcConnectionInfo connectionInfo)
       at Microsoft.Mapi.MapiStore.OpenMapiStore(String serverDn, String userDn, String mailboxDn, Guid guidMailbox, Guid guidMdb, String userName, String domainName, String password, String httpProxyServerName, ConnectFlag connectFlags, OpenStoreFlag
    storeFlags, CultureInfo cultureInfo, Boolean wantRedirect, String&amp; correctServerDN, ClientIdentityInfo clientIdentity, Boolean unifiedLogon, String applicationId, Client xropClient, Boolean wantWebServices, Byte[] clientSessionInfo, TimeSpan connectionTimeout,
    TimeSpan callTimeout, Byte[] tenantHint)
       at Microsoft.Mapi.MapiStore.OpenMailbox(String serverDn, String userDn, Guid guidMailbox, Guid guidMdb, String userName, String domainName, String password, ConnectFlag connectFlags, OpenStoreFlag storeFlags, CultureInfo cultureInfo, ClientIdentityInfo
    clientIdentity, String applicationId, Byte[] tenantPartitionHint, Boolean unifiedLogon)
       at Microsoft.Exchange.Data.Storage.MailboxSession.ForceOpen(MapiStore linkedStore, Boolean unifiedSession)
    </Data>
      </EventData>
    </Event>

    Thanks
    I have three  servers exch01,exch02,and exch03.  All three have both CAS and mailbox server roles.   This problem  does not occur using firefox (OWA and ECP are available) but the problem occurs with IE 11  and safari (ECP
    work, OWA dos not)  I have tried this from different machines and different users.  I have cleared the browser's cache and have even reloaded the client machines.  The problem occurs across all three exchange servers. 
    I have used iis manager to confirm the binding are correct. (works on Firefox) 
    From the local server ,  If I browse to
    https://localhost/ecp  I get my ecp page.   If I browse to
    https://localhost/owaI get the something went wrong page (X-OWA-Error: ClientError;exMsg='_u' is undefined;file=ReferenceError: '_u' is undefined)
    If I try to browse to https://localhost:444/owa/proxylogon.owa  I get the error page "this page cannot be displayed"
    I confirmed port 444 bindings are correct

  • Exchange 2013 Sp1 OWA Error

    Hi,
    I installed a new exch2013 sp1 server and created few users.
    In that Administrator can able to access OWA & Admin Center without any error.
    Where Other users not able to access OWA- its prompting error Something Went wrong.
    I didn't check with Outlook client.
    I gone thru forums and reset the Virtual Directory, Cleared the Exchcanary data 0,1,2 using ADSI edit.
    Nothing works. Please help me to resolve this issue.
    Regards
    Dinesh

    Hi Dinesh,
    From your description, I recommend you use the Test-ServiceHealth cmdlet to check if all services Exchange server needed are started. If no, please start the services Exchange server needed and check the result.
    What's more, please make sure that OWA is enabled for other users.
    Hope it helps.
    Best regards,
    Amy Wang
    TechNet Community Support

  • Viewing attachments in Public Folders in Exchange 2013 SP1 OWA

    Hello!
    Tell me please should the file preview work in Public Folders (for example for docx files) in OWA 2013 SP1? This file can be easily opened in MS Word but clicking the
    Preview leads to the following error:
    Thank you in advance,
    Michael

    Hi Jessie,
    Thank you for your help!
    "To preview these files in Inbox in OWA, Exchange 2013 could has its own process to achieve this function. I tried it in Exchange 2013 CU1 environment, it is also working when previewing these files in the Inbox
    in OWA." - that's the only possible explanation... but it means this article is not correct:
    http://technet.microsoft.com/library/2591b1be-92c4-4192-9f5e-e4e6b319170a"
    "By default, the following file types are displayed
    using Office Web Apps Server:
    Word documents (doc, docx, dotx, dot, dotm extensions)
    Excel documents (xls, xlsx, xlsm, xlm, xlsb extensions)
    PowerPoint documents (ppt, pptx, pps, ppsx, potx, pot, pptm, potm, ppsm extensions)
    ...cause I can preview files without Office Web Apps Server. Why there's no corresponding information on technet?
    To put it mildly, documentation for Exchange 2013 is rather strange...
    Regards,
    Michael

  • Exchange 2013 SP1 OWA the page can't be displayed issue

    OWA the page can't be displayed
    Hi,  i've Exchange topology (upgraded from 2007 one server)
    2 CAS servers NLB with VIP 172.16.0.98
    2 MBX Servers DAG with DAG
    using Cisco ASA NAT public IP for example 9.9.9.9 ....> 172.16.0.98
    i've created split DNS zone for public domain in internal DNS to unify URLs internal and external Mail.Domain.Com
    i've created internal zone called Mail.Domain.Com and Autodiscover.domain.com point to VIP 172.16.0.98
    Everything is OK but sometimes users report when they access OWA from inside or outside when user submit user/ pass faced error  the page can't be displayed?
    i tried this this user from different browsers and different computer the same issue 
    if i tried another user from the same computer it works fine
    the strangest point after 30-60 minutes it backs to live and everything going fine
    i checked event viewer there is nothing related to this issue.
    in sometimes if i tried to access manual to CAS1.Domain.Local / IP address/ owa it works fine.
     URL changes to https://Mail.Domain.Com/owa/auth.owa
    i red some about putting my public domain as remote domain but it's not clear !
    any ideas please?

    If it works properly when connecting directly to the server, then something is misconfigured in the load balancer or something else in that data path.
    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Thanks Ed, 
    NLB converged is OK. and all users are running well, except while this issue accrued.
    i checked event viewer under exchange managed availability 
    EMSMDB.Connect() step of ComplianceOutlookLogonToArchiveMapiHttpCtpProbe/MBX2DB2 has failed against ExCAS1.Domain.LOCAL proxying to Unknown for [email protected].
    Latency: 00:00:00.0380000
    ActivityContext: 
    Outline: [37]6/19/2014 11:27:05 AM [FAILED!] EMSMDB.Connect(); 
    Likely root cause: UnknownIssue
    Details: 
    Error: Error returned in ConnectCallResult. Error code = LogonFailed (0x80040111)
    Log:     Mailbox logon verification
            EMSMDB.Connect()
            Task produced output:
            - TaskStarted = 6/19/2014 11:27:05 AM
            - TaskFinished = 6/19/2014 11:27:05 AM
            - Exception = Microsoft.Exchange.RpcClientAccess.RopExecutionException: Error returned in ConnectCallResult. Error code = LogonFailed (0x80040111) ---> System.Exception: Microsoft.Exchange.RpcClientAccess.Server.LoginFailureException:
    Unable to access AD (StoreError=LoginFailure) ---> Microsoft.Exchange.Data.Storage.MailboxInfoStaleException: Can't connect to the mailbox of user Mailbox database guid: d020aa7f-371b-4da5-808a-3a5d18dc8d81 because the ExchangePrincipal object
    contains outdated information. The mailbox may have been moved recently. ---> Microsoft.Exchange.Data.Storage.DatabaseNotFoundException: The database with ID d020aa7f-371b-4da5-808a-3a5d18dc8d81 couldn't be found.
       at Microsoft.Exchange.Data.Storage.ActiveManager.ActiveManager.GetServerNameForDatabase(Guid databaseId, GetServerForDatabaseFlags gsfdFlags, IPerformanceDataLogger perfLogger, IADDatabase& database)
       at Microsoft.Exchange.Data.Storage.ActiveManager.ActiveManager.GetServerForDatabase(Guid databaseId, GetServerForDatabaseFlags gsfdFlags, IPerformanceDataLogger perfLogger)
       at Microsoft.Exchange.Data.Storage.DatabaseLocationProvider.GetLocationInfo(Guid mdbGuid, Boolean bypassCache, Boolean ignoreSiteBoundary)
       --- End of inner exception stack trace ---
       at Microsoft.Exchange.Data.Storage.DatabaseLocationProvider.GetLocationInfo(Guid mdbGuid, Boolean bypassCache, Boolean ignoreSiteBoundary)
       at Microsoft.Exchange.RpcClientAccess.Server.UserManager.User.UpdatePrincipalCacheIfNeeded()
       at Microsoft.Exchange.RpcClientAccess.Server.UserManager.User.UpdatePrincipalCacheWrapped(Boolean ignoreCrossForestMailboxErrors)
       --- End of inner exception stack trace ---
       at Microsoft.Exchange.RpcClientAccess.Server.UserManager.User.UpdatePrincipalCacheWrapped(Boolean ignoreCrossForestMailboxErrors)
       at Microsoft.Exchange.RpcClientAccess.Server.UserManager.Get(SecurityIdentifier authenticatedUserSid, String actAsLegacyDN, String userDomain)
       at Microsoft.Exchange.RpcClientAccess.Server.RpcDispatch.<>c__DisplayClassc.<EcDoConnectEx>b__8()
       at Microsoft.Exchange.RpcClientAccess.Server.RpcDispatch.Execute(Func`1 getExecuteParameters, Func`1 executeDelegate, Action`1 exceptionSerializationDelegate)
       --- End of inner exception stack trace ---
            - ErrorDetails = 
            - RespondingRpcClientAccessServerVersion = 15.0.847.30
            - Latency = 00:00:00.0377761
        EMSMDB.Connect() failed.
        Task produced output:
        - TaskStarted = 6/19/2014 11:27:05 AM
        - TaskFinished = 6/19/2014 11:27:05 AM
        - Exception = Microsoft.Exchange.RpcClientAccess.RopExecutionException: Error returned in ConnectCallResult. Error code = LogonFailed (0x80040111) ---> System.Exception: Microsoft.Exchange.RpcClientAccess.Server.LoginFailureException: Unable
    to access AD (StoreError=LoginFailure) ---> Microsoft.Exchange.Data.Storage.MailboxInfoStaleException: Can't connect to the mailbox of user Mailbox database guid: d020aa7f-371b-4da5-808a-3a5d18dc8d81 because the ExchangePrincipal object contains outdated
    information. The mailbox may have been moved recently. ---> Microsoft.Exchange.Data.Storage.DatabaseNotFoundException: The database with ID d020aa7f-371b-4da5-808a-3a5d18dc8d81 couldn't be found.
       at Microsoft.Exchange.Data.Storage.ActiveManager.ActiveManager.GetServerNameForDatabase(Guid databaseId, GetServerForDatabaseFlags gsfdFlags, IPerformanceDataLogger perfLogger, IADDatabase& database)
       at Microsoft.Exchange.Data.Storage.ActiveManager.ActiveManager.GetServerForDatabase(Guid databaseId, GetServerForDatabaseFlags gsfdFlags, IPerformanceDataLogger perfLogger)
       at Microsoft.Exchange.Data.Storage.DatabaseLocationProvider.GetLocationInfo(Guid mdbGuid, Boolean bypassCache, Boolean ignoreSiteBoundary)
       --- End of inner exception stac
    if user access to ExMBX2.Domain.Local it works fine.?
    any ideas please ?

  • Lync integration not working after Exchange 2013 SP1 is installed...

    Hi,
    I have two Exchange 2013 servers running and everything is fine, almost.
    The problem is that on the first server we had OWA with Lync integration working before installing SP1, but after the installation of SP1, it doesn't Work any more.
    The second server was installed with SP1 from the start, but we can't get the Lync integration to Work on this one either..
    When we log in to OWA, it just starts to sign in but then says "there was a problem signing in, if this continues please contact your helpdesk"
    I have checked the Exchange server for events, and i can see the event ID 112 everytime i recycle the Application Pool, so there are some connection between Exchange and Lync..
    Have any of you Guys seen or experienced any thing like this?
    Thanks in advance.
    Regards
    Kenneth

    Hi,
    I recommend that you refer to the following article to troubleshoot the issue:
    Troubleshooting tips for Exchange 2013 OWA IM Integration to Lync 2013
    This post describes how to configure Exchange 2013 OWA to have IM integration to Lync 2013. Here I would like to give some troubleshooting tips in case you can't get the integration to work.
    In addition, here is a similar thread for your reference:
    Lync 2013 with Exchange 2013 SP1 OWA integration failed   
    Hope this helps!
    Thanks.                              
    Niko Cheng
    TechNet Community Support

  • Exchange 2013 SP1 setup fails at prerequisite Analysis

    I installed a completely new server network with Hyper-v 2012R2
    I installed two virtual 2012R2 servers: DC01 as the Domain Controller of "testdomain.local" and EX01 as the Exchange server.
    EX01 is joined the domain "testdomain" from DC01
    I log in on EX01 with an in AD created testdomain\exadmin account who is member of domain admins, enterprise admins, schema admins, administrators and group policy creator owners.
    I have run the command Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience,
    NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing,
    Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression,
    Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation, Telnet-Client, RSAT-ADDS
    on EX01
    I have installed the Microsoft Unified Communications Managed API 4.0
    Then I run the Exchange 2013 SP1 setup and the prerequisite check gives the following errors:
    Error:
    You must be a member of the 'Organization Management' role group or a member of the 'Enterprise Admins' group to continue.
    For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.GlobalServerInstall.aspx
    Error:
    You must use an account that's a member of the Organization Management role group to install or upgrade the first Mailbox server role in the topology.
    For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.DelegatedBridgeheadFirstInstall.aspx
    Error:
    You must use an account that's a member of the Organization Management role group to install the first Client Access server role in the topology.
    For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.DelegatedCafeFirstInstall.aspx
    Error:
    You must use an account that's a member of the Organization Management role group to install the first Client Access server role in the topology.
    For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.DelegatedFrontendTransportFirstInstall.aspx
    Error:
    You must use an account that's a member of the Organization Management role group to install or upgrade the first Mailbox server role in the topology.
    For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.DelegatedMailboxFirstInstall.aspx
    Error:
    You must use an account that's a member of the Organization Management role group to install or upgrade the first Client Access server role in the topology.
    For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.DelegatedClientAccessFirstInstall.aspx
    Error:
    You must use an account that's a member of the Organization Management role group to install the first Mailbox server role in the topology.
    For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.DelegatedUnifiedMessagingFirstInstall.aspx
    Error:
    Setup encountered a problem while validating the state of Active Directory: Active Directory server  is not available. Error message: Active directory response: The LDAP server is unavailable.  See the Exchange setup log for more information on this
    error.
    For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.AdInitErrorRule.aspx
    Error:
    Either Active Directory doesn't exist, or it can't be contacted.
    For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.CannotAccessAD.aspx
    I can connect with the Active Directory Sites and Domains and other applets to the AD. So Why these errors???
    HELP!
    Regards, Manu
    Manu van Winkel

    Hi, thanks for the answer.
    I restarted the server and did the "run as administrator": same result.
    The first errormessage in the exchangesetup.log is:
    [ERROR] Setup encountered a problem while validating the state of Active Directory: Active Directory server  is not available. Error message: Active directory response: The LDAP server is unavailable.  See the Exchange setup log for more information
    on this error.
    When I run dcdiag /s:DC01 from EX01 it passes all tests except:
    DFSREvent "The RPC server is unavailable"
    KccEvent "The RPC server is unavailable."
    SystemLog  "The RPC server is unavailable."
    Could these be of any influence?
    Running dcdiag on DC01 passes all tests.
    The only thing I changed after setting up DC01, was changing the fixed IP-adres from 192.168.25.3 to 192.168.25.2, but I ran ipconfig /flushdns and ipconfig /registerdns and dcdiag /fix afterwards.
    The only roles installed on DC01 are AD DS (I tried installing exchange before and after adding the AD DS role), AD, DNS, DHCP and Fileservices
    I don't know where to look anymore....
    Manu van Winkel

  • Exchange 2013: how to set up multiple domain for OWA and ECP

    Exchange 2013 on Windows 2012R2
    Currently we have set this up using the guide below:
    http://mouzzamh.wordpress.com/2013/02/04/accessing-owa-from-multiple-domain-url/
    We can access OWA and ECP using the internal IP address/owa or ECP but when we use the URL it fails.
    We gave it an external IP address as well just to check if it will externally since the external DNS are pointing to the correct records: same issue it only works on IP address/owa or /ecp
    We were able to follow the guide from start to finish including the certs..
    The only difference on the guide and our exchange IIS environment for the new website is when he mentioned "Under IIS Settings / ISAPI and CGI Restrictions" we only have "ISAPI filters"...." ISAPI and CGI Restrictions" is only
    applicable to the default and backend website..
    Also, when the guide points to the path, should it be the new website path?
    Or maybe to avoid confusion, can anyone guide me on how to do it or any other guide that helped you if ever you had the same issue as mine?
    Thanks.

    Hi,
    Please run the following to check your OWA virtual directories for all web sites:
    Get-OWAVirtualDirectory | FL Identity,*URL*,path
    Personal suggestion, please consider to deploy another new CAS server. Then we can configure different OWA URLs in different servers. And pointed mail.domain.com and webmail.domain.com to two CAS servers respectively.
    Regards,
    Winnie Liang
    TechNet Community Support

  • Exchange 2013 issue / OWA time-out and WiFi/Cell problem.

    Hi everybody,
    I'm having some issues with an Exchange 2013 server.
    When some users try to logon to the OWA page it keeps loading the page and ends with a time-out.
    This only applies to 6 or 7 users, other users can login and open the page.
    I tried to replace the signed certificate to solve this problem, and did a online analyzer check, most tests come out good.
    I can't seem to find the source of this problem.
    There are also multiple users that are having trouble to receive e-mail through the wifi on phones and tablets at home but when they switch to 3g it works fine.
    You might need more information, just ask.. i don't know where to search anymore.
    I tried inheritance on the AD, disabled SSL in the IIS, restarted the server, replaced the signed cert. etc.
    Update:
    I set the selfsigned cert in the IIS default web page,, to check if it responds to the certificate and it does, so the issue doesn't come from the certificate.
    This issue probably came up after CU1, and i've read something about healthboxes..
    I'm going to install CU6 and hope for good result.
    Kind regards,
    Tim

    I've installed CU6, only one of the six users have gained access to OWA or ECP.
    Al the other users won't get a logon screen, just a blank page.
    So there is no option to insert a username or password to login, the page keeps loading and ends with "the page cannot be displayed"
    But on my working spot i can open owa or ecp without any issues.
    I've recreated the virtual directory for ECP and OWA with powershell, and checked the certificate.
    I checked if the same certificate was connected to the back-end port 444, and this is set correct.
    I even reconnected the cert on 444 with the following.
    Open the Command Prompt
    Run-
    netsh http show sslcert
    This will show the certs, copy and paste this information into notepad.  Under     IP:port   : 127.0.0.1:443, note the certificate hash and application ID.
    Run this command-  (Yes, I know there is no :444 listed in the output from the earlier command.)
    netsh http delete sslcert ipport=0.0.0.0:444
    Run this command.  Replace certhas with the certificate hash and appid with the application ID you saved in notepad.
    netsh http add sslcert ipport=0.0.0.0:444 certhash=123123123123123 appid="{123123123123-1231231235}"
    I used powershell to set the login authentication,
    et-Owavirtualdirectory -identity "YourMailBoxServerName\owa (Exchange Back End)" -WindowsAuthentication $True -Basicauthentication $false -Formsauthentication $false
    set-Owavirtualdirectory -identity "YourCASserverName\owa (Default Web Site)" -WindowsAuthentication $True -Basicauthentication $false -Formsauthentication $false
    and iisreset /noforce
    I unchecked the "require SSL" on the default website and left it enabled on the owa and ecp etc.
    Checked if HTTP over Proxy is installed, but this one is need to install exchange 2013.
    I've checked all ECP/OWA directories in in the IIS, the directories point to the Exchange V15 folders, this should be correct.
    Something is really broken, i really can use the help..
    I'm going to try to install Exchange 2013 SP1, but i don't know if this one is needed when CU6 has been installed.
    The strange thing is, it seem to be location based, not user based.
    I can login perfectly, but when i try this at one of the employees, it ends up blank.
    When i try to connect on a location dat does not work, at the exact time i press the enter-key to open the page, the eventviewer logs the following:
    Event 4634 - An account was logged off.
    For the issue on the smartphones and tablets, everything worked fine a few months ago, and happens to users on different ISP connections.
    I already checked the inheritance settings on the users in the AD.
    Kind regards,
    Tim

  • Exchange 2013 SP1 & Custom OWA Theme

    On Friday of last week we updated from Exchange 2013 CU2 to Exchange 2013 SP1. Since updating our custom OWA theme no longer works. We configured it according to the following guide:
    http://technet.microsoft.com/en-us/library/bb201700(v=exchg.150).aspx
    The theme we customized was stored in the following location:
    \Client Access\OWA\version\Owa2\resources\themes\"title of our theme"
    Themes no longer appear to be stored in this location and I am uncertain as to where they have moved and how to apply them. Has anyone else run into this issue?

    Hi,
    Can we try to re-importing the theme again?
    Thanks
    Mavis
    Mavis Huang
    TechNet Community Support

  • Exchange 2013 SP1 and CUCM 9.1.2 - Exch not recognizing called extension

    I think I'm almost there in getting Exchange 2013 SP1 UM working with CUCM 9.1.2...I've got two issues at the moment that I need a little help with.
    1) When I dial my VM pilot (6040) from a UM enabled extension it prompts to enter an extension. When I dial the same extension and let it ring to VM, Exchange picks up and says "the person you are trying to reach does not have a valid voice mail box
    on our system".
    2) This just started happening this afternoon, when I dial my VM pilot (6040) exch3 picks up as thats what I have my route pattern pointing to. If I enter the extension of a mailbox on exch2, I get stuck in a endless loop.
    I've followed this post as a guide but it hasn't resolved my issue.
    https://supportforums.cisco.com/discussion/11914031/exchange-2013-um-and-cucm-86
    My Exchange environment looks like this:
    Site 1:
    exch1 - CAS/Mailbox, used for mainly utility type work, journal, dedicated SMTP flows etc
    exch2 - CAS/Mailbox, part DAG13
    exch3 - CAS/Mailbox, part of DAG13
    Site 2:
    exch2dr - CAS/Mailbox, part of DAG13
    exch3dr - CAS/Mailbox, part of DAG13
    DAG13 is stretched between two sites, there are no users at our DR site so CUCM is pointing to Site 1 for UM. Each site has an internet facing CAS-only server for OWA/EAS etc.
    Any help is greatly appreciated. I'd love to get rid of Unity. 
    EDIT:
    I just found this event in the event logs:
    The Microsoft Exchange Unified Messaging service on the Mailbox server received a diverted call with ID "d51600-3a3140c5-9b8-c1414ac@EXCH3-IPADDR" for extension "4099" on UM dial plan "CUCM" from UM IP gateway "CUCM IP",
    but no UM-enabled mailbox for the corresponding extension could be found. Please check the extension and make sure that the corresponding mailbox is enabled for UM and associated with the correct UM dial plan.

    9.1.2 I think it is, we upgraded to avoid the known DNS bug
    I cant see how to PM you either
    The crux of it was outlined below with some tweaks
    http://blogs.technet.com/b/canitpro/archive/2014/04/30/step-by-step-integration-between-exchange-2013-um-and-cisco-unified-communication-manager.aspx
    As we have multiple combined role servers, our trunks are set up as follows:
    1. 1 x CAS Trunk - contains all CAS Servers on port 5060
    2. 4 x MBX Trunks - contains Maibox Server with ports 5062-5068
    On top of that, we had to Allow "Redirecting Diversion Header Delivery - Inbound (and Outbound)" on the CAS Trunk but DISABLE it on the Mailbox Trunks
    Also, make sure that you are using Telephone Extension Dial plans in Exchange 2013 (Despite them being unable to be associated with a 13 Server - EX13 answers for all calls anyway)
    Lastly, the MS documentation is a little strange - it says that as your last step of UM migration, you should point your Call Manager to 2013 - I don't agree with that statement, EX13 routes calls back to 2010 UM Servers perfectly fine, so treat it the same
    as any other CAS based service - point to 2013, and it will handle the rest

  • Cannot write email body in OWA with Exchange 2013 SP1 CU6

    Hi,
    I have a problem with Exchange 2013 SP1 with CU6.
    All of OWA user cannot write in the body of email. They can write the Object and the recipient but they cannot select body and write the body message. We have try with multiple Web brother and desactivate all Add-on but the problem still there...
    The only way that works is to respond to an email, and in that case, it's working, we can write normally in the body of email.
    Have you an idea ?
    Thanks in advance!
    Sebastien

    Hi, 
    After contacting Microsoft support, we have found the solution.
    The problem appear after we have recently install the patch described in this KB 2997209:
    https://support.microsoft.com/kb/2997209?wa=wsignin1.0
    But on 2013 Mailbox Server, Echange is not installed in the default path C:\ but on D:\
    So we have to manually copy the content of folder D:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\Owa\prem\15.0.995.29 in the folder 15.0.995.31 (MAKE a BACKUP of FOLDER BEFORE!)
    No need to reboot, or restart IIS, it's working after that!
    @+
    Sébastien

  • Exchange 2013 SP1 Object is corrupted and inconsistent state after Lync 2013 Installation

    Hi Fellows,
    I am facing an issue with Exchange 2013 SP1 (5.0.847.32)
    environment. I recently installed Lync 2013 (version: 5.0.8308.0) a week ago and just recently start getting the below error when configuring delegation or modifying the users/groups from Exchange Control Panel:
    "The Object <object DN> has been corrupted, and it's in an inconsistent state. The following validation errors happened:
    The access control defines the ObjectType <object guid> that can't be resolved.."
    I can see some forum threads with same issue (links given below) but unable to find if this is a known issue and how to get it resolved. Need assistance if anyone has faced same and could help me out to figure it.
    http://social.technet.microsoft.com/Forums/exchange/en-US/72310530-d1de-4b39-a0fb-1592247df03f/access-control-entry-issue-after-installing-lync-2013-into-the-forest?forum=exchangesvrdeploy
     http://www.networksteve.com/exchange/topic.php/Issue_with_exchange_2013_lync_2013_intergration/?TopicId=37192&Posts=2
    J.A

    Hi
    Usually the affected SID objects are referring to deleted objects.
    Use the PsGetSid tool to try to resolve them.

  • Exchange 2013 SP1 and SCOM 2012 R2

    Hi there, 
    Hopefully someone can assist me with this issue, if it is one... 
    I am halfway through an Exchange migration, from Exchange 2010 SP3 on Server 2008 R2 to Exchange 2013 SP1 on Server 2012 R2.
    76 users in total, roughly 80GB of Public Folders.
    I have configured the 2013 environment with a cross datacenter DAG, also increased all of the timeouts of the cluster to take this into consideration, and everything appears to function as expected. 
    Added both 2013 machines to SCOM 2012 R2 for at least a week with no active users on it, and all monitoring reported ok, no issues. 
    Exchange 2010 is configured to use webmail.company.com for RPC over HTTP, which is what I have configured 2013 to use as well. 
    Implemented Microsoft ARR for client access to Exchange 2013, as opposed to ISA we've used for Exchange 2010. 
    A week ago, changed the DNS records for webmail.company.com from ISA to ARR, and all clients connected perfect. 
    Thought, ok, now we can start the migration. So far everything "seems" to be going perfect with the mailbox moves, however, SCOM is really noisy. 
    Attempted to reran the probe for EWS and got the error below:
    Is there perhaps anyone that can assist me with these errors?
    Cheers

    FYI... IIS ARR is not supported for Exchange Server.
    Check in event log if you are getting anything related to the issue.
    About Outlook POP UP to end users. Check the event log on 2010/2013 for MRS events.
    Are those mailboxes still moving or in move request?
    Cheers,
    Gulab Prasad
    Technology Consultant
    Blog:
    http://www.exchangeranger.com    Twitter:
      LinkedIn:
       Check out CodeTwo’s tools for Exchange admins
    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

  • Migrate to Windows 2012 R2 and Exchange 2013 SP1 using database portability

    Hi, I'm planning to migrate from Exchange 2013 SP1 running on Windows 2012 to Exchange 2013 SP1 on Windows 2012 R2.
    Is it possible to use database portability to move the databases from the exchange installation on win 2012 to the new installation on Win 2012 R2? This would save a great deal of time not doing the mailbox moves.
    I've searched similar cases but couldn't find any, all speak about disaster recovery and database portability but I've found no articles that uses the migration scenario.
    Would it be possible to do and if so, what would the steps be? Do I need to delete the database from the source server, move the database files to the new server and mount them and relocate the mailboxes? Or should I dismount the database on the source server,
    move them to the new server and mount them and relocate the mailboxes?
    Frank.

    Hi,
    According to your description, I recommend you consider using DAG to achieve your requirement.
    The following steps for your reference:
    1.Prepare a new server which installed windows 2012 R2 for Exchange 2013 mailbox server.
    2.After you deploy Exchange 2013 Mailbox servers, you can create a DAG, add Mailbox servers to the DAG, and then replicate mailbox databases between the DAG members.
    3.After replication, you can mount all the databases on the new server.
    Hope this helps!
    Thanks.
    Niko Cheng
    TechNet Community Support
    This no way a resolution. This won't work at all as Both OS will be different and you can't form the Cluster.
    Please Unmark it!
    Cheers,
    Gulab Prasad
    Technology Consultant
    Blog:
    http://www.exchangeranger.com    Twitter:
      LinkedIn:
       Check out CodeTwo’s tools for Exchange admins
    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

Maybe you are looking for

  • SAP Server Manager Error after BPC installation on domain controller

    Hi, I have installed BPC on a domain controller with windows 2003 server (english version). When I launch diagnostic in the "SAP Server Manager"  I have the following error message " Current user Name does not have permission for Adminitrators group"

  • New bt infinity with HH5. How to use own router?

    Hi guys, I have just this morning had my infinity 2 installed. Went with BT as I had read it's very easy to use your own router. My engineer has just left. I was expecting an openreach modem, but didn't realise HH5 had the modem built in. No problem,

  • Optical Flares obscuration not working

    As you see in the picture, I have a logo layer (with transparency) in between an Optical flare and a camera... and I set the Optical flares obscuration to the logo layer (with the transparency) but the flare is still on top of the layer instead of be

  • Obscenely large Illustrator files - HELP!!

    I realize many have asked before countless times "How do I reduce file size?" I have tried many of the tips and tricks I've read here and elsewhere on the Internet and continue to have problems.  I'm hoping someone can help. Here are a few details: 

  • I need to xlsx viewer?

    My Excel 2010 has crashed. And I ASAP need to view the content of my work excel file.