After logging into Exchange 2016’s ECP you receive an HTTP Error 500 (same goes with OWA):

06-12-_2016_12-23-00

Searching the internet ends up with several possible solutions to this issue, ranging from missing System Attendant Mailboxes, to bogus ADSI settings regarding the Exchange CAS Service. I tried several of them to no prevail.

And it doesn’t matter whether you enter DOMAIN\Administrator or administrator@domain.local for your username. In most cases the simplest solution is to execute UpdateCas.ps1 PowerShell script located in the C:\Program Files\Microsoft\Exchange Server\V15\Bin folder, followed by an IISReset:

06-12-_2016_13-58-01 

Once there was a case where UpdateCas.ps1 didn’t work, which left me with executing the following PowerShell cmdlets, in subsequent order:

  1. Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -FormsAuthentication $False -BasicAuthentication $True
  2. Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -FormsAuthentication $True -BasicAuthentication $True
  3. Get-EcpVirtualDirectory | Set-EcpVirtualDirectory -FormsAuthentication $false -BasicAuthentication $true
  4. Get-EcpVirtualDirectory | Set-EcpVirtualDirectory -FormsAuthentication $true -BasicAuthentication $true
  5. iisreset

Again, one Exchange 2016 Server in particular was immune against all those tricks and needed the following adjustments:

  1. Get-EcpVirtualDirectory | Set-EcpVirtualDirectory -FormsAuthentication $false -BasicAuthentication $true -WindowsAuthentication $true
  2. Get-OWAVirtualDirectory | Set-OWAVirtualDirectory -FormsAuthentication $false -BasicAuthentication $true -WindowsAuthentication $true
  3. iisreset
  4. Recycle MSExchangeECPAppPool
  5. Recycle MSExchangeOWAAppPool

Keep in mind that Authentication Settings for both Virtual Directories ECP and OWA must be identical:

14-12-_2016_10-55-35

After that I was able to successfully log into ECP and OWA again.

Update 2016-12-15

On another occassion it turned out that the Mailbox Database the user tried to access via OWA was actually unmounted. The Event Log showed a lot of Event IDs 1023, Event Source: MSExchange ActiveSync, with the following Event Message:

Exchange ActiveSync tried to access a mailbox on Mailbox server “yourserver.domain.local”. It could not access the mailbox because the Mailbox server is offline.

15-12-_2016_10-03-12

After mounting the corresponding Mailbox Database everything worked as expected. By coincidence the Administrator’s Mailbox was hosted on the exact same Mailbox Database, thus rendering the Administrator account unable to log into ECP and OWA, neither, resulting in http error 500.

Further reading:

Exchange 2016 – HTTP Error 500 after logging into ECP/OWA
Tagged on:     

Leave a Reply