none
HTTP error 503 randomly in exchange webmail OWA RRS feed

  • Question

  • After installing some security updates in this Windows Server SBS 2008, I notice that webmail started to be instable, giving this error in browsers when trying to access login page:

    service unavailable 
    HTTP ERROR 503. The service is unavailable. 

    If trying several times refreshing the page it gives the webmail.

    Also I am using an old Exchange 2007.

    I am trying to solve this problem but I really dont know what can be causing this =/.

    UPDATE:

    So after some tests I have discovered that I am also getting another error, when sometimes it shows login, where after a sucessfully login it shows this error:

    Request 
    Url: https://server:443owa/default.aspx 
    User host address: 10.0.0.88 

    Exception 
    Exception type: Microsoft.Exchange.Data.Storage.StorageTransientException 
    Exception message: There was a problem accessing Active Directory. 

    Call stack 
    Microsoft.Exchange.Data.Storage.ExchangePrincipal.FromUserSid(ADRecipientSession recipientSession, SecurityIdentifier userSid) 
    Microsoft.Exchange.Clients.Owa.Core.OwaWindowsIdentity.CreateExchangePrincipal() 
    Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.GetExchangePrincipal(OwaContext owaContext, ExchangePrincipal& exchangePrincipal) 
    Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.PrepareRequestWithoutSession(OwaContext owaContext, UserContextCookie userContextCookie) 
    Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.InternalDispatchRequest(OwaContext owaContext) 
    Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchRequest(OwaContext owaContext) 
    System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() 
    System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) 

    Inner Exception 
    Exception type: Microsoft.Exchange.Data.Directory.ADTransientException 
    Exception message: Could not find any available Global Catalog in forest gfe-sa.local. 

    Call stack 
    Microsoft.Exchange.Data.Directory.ConnectionPoolManager.GetConnection(ConnectionType connectionType, ADObjectId domain, String serverName, Int32 port, NetworkCredential credential) 
    Microsoft.Exchange.Data.Directory.ConnectionPoolManager.GetConnection(ConnectionType connectionType) 
    Microsoft.Exchange.Data.Directory.ADSession.GetConnection(String preferredServer, Boolean isWriteOperation, Boolean isNotifyOperation, ADObjectId& rootId) 
    Microsoft.Exchange.Data.Directory.ADSession.GetReadConnection(String preferredServer, ADObjectId& rootId) 
    Microsoft.Exchange.Data.Directory.ADSession.Find(ADObjectId rootId, String optionalBaseDN, ADObjectId readId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties, CreateObjectDelegate objectCreator, CreateObjectsDelegate arrayCreator) 
    Microsoft.Exchange.Data.Directory.ADSession.Find(ADObjectId rootId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties, CreateObjectDelegate objectCtor, CreateObjectsDelegate arrayCtor) 
    Microsoft.Exchange.Data.Directory.ADSession.Find[TResult](ADObjectId rootId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties) 
    Microsoft.Exchange.Data.Directory.Recipient.ADRecipientSession.FindBySid(SecurityIdentifier sId) 
    Microsoft.Exchange.Data.Storage.ExchangePrincipal.FromUserSid(ADRecipientSession recipientSession, SecurityIdentifier userSid) 

    I have saw that 503 error appearing at Chrome and Edge.
    • Edited by FabioC88 Tuesday, April 17, 2018 2:59 PM
    Tuesday, April 17, 2018 2:01 PM

Answers

  • I have finally fixed this problem.

    After checking  C:\Windows\System32\LogFiles\HTTPERR folder where IIS logs are going, I found a lot of entries for:

    -#Fields: date time c-ip c-port s-ip s-port cs-version cs-method cs-uri sc-status s-siteid s-reason s-queuename 
    2018-04-17 16:48:58 10.0.0.82 53082 10.0.0.2 443 HTTP/1.1 POST /EWS/Exchange.asmx 503 3 ConnLimit MSExchangeServicesAppPool 

    Just to share with you, if you encounter such problem with exchange or other internal website you must go to IIS 7, and there just check each website on Advanced Settings at your right menu under Actions, it will be in ID.

    In this case since I had this problem at site ID 3, as you can see at the above entrie(s-siteid), still in Advanced Settings I just expanded Connection Limits, and changed Maximum Concurrent Connections from 500 to 3000 (I have read at least for IIS 6 that it should not pass from 8000 for security reasons), and didnt have anymore entries and users using webmail reporting this problem.

    I really dont know why this webmail started to receive so many entries because there was no new employers/users using Exchange or either new devices where it could be accessing from there.

    So I have check every source ip (s-ip) at IIS ports and there was no DDOS attacks at this webmail from unknown IPs.

    I really dont know what was causing this.

    • Marked as answer by FabioC88 Wednesday, April 18, 2018 3:10 PM
    Wednesday, April 18, 2018 3:10 PM

All replies

  • After restart Exchange OWA webmail, I was able to gain access.

    So it seems to me that coul be a problem in IIS but not seing a way to solve it.

    Tuesday, April 17, 2018 3:02 PM
  • I have finally fixed this problem.

    After checking  C:\Windows\System32\LogFiles\HTTPERR folder where IIS logs are going, I found a lot of entries for:

    -#Fields: date time c-ip c-port s-ip s-port cs-version cs-method cs-uri sc-status s-siteid s-reason s-queuename 
    2018-04-17 16:48:58 10.0.0.82 53082 10.0.0.2 443 HTTP/1.1 POST /EWS/Exchange.asmx 503 3 ConnLimit MSExchangeServicesAppPool 

    Just to share with you, if you encounter such problem with exchange or other internal website you must go to IIS 7, and there just check each website on Advanced Settings at your right menu under Actions, it will be in ID.

    In this case since I had this problem at site ID 3, as you can see at the above entrie(s-siteid), still in Advanced Settings I just expanded Connection Limits, and changed Maximum Concurrent Connections from 500 to 3000 (I have read at least for IIS 6 that it should not pass from 8000 for security reasons), and didnt have anymore entries and users using webmail reporting this problem.

    I really dont know why this webmail started to receive so many entries because there was no new employers/users using Exchange or either new devices where it could be accessing from there.

    So I have check every source ip (s-ip) at IIS ports and there was no DDOS attacks at this webmail from unknown IPs.

    I really dont know what was causing this.

    • Marked as answer by FabioC88 Wednesday, April 18, 2018 3:10 PM
    Wednesday, April 18, 2018 3:10 PM