none
Exchange 2016 2 Site Environment ; One Site ECP\EAC and EWS not working RRS feed

  • Question

  • Hello Geniuses,

    We have a 2 site 2016 environment where in we are experiencing issues with ECP(EAC) and EWS connectivity in one of the site.

    This is how the config looks like :

    Active Active DAG spanned across both sites.

    Site 1 - 

    A DNS record in forward lookup zone for autodiscover is pointing to a CAS server in Site 1 (this is internet facing as well and is responsible for all client connections)

    2 Exchange servers part of DAG where everything works fine as expected including all client protocols and services like EWS and EAC (after installing a new exchange server can successfully authenticate to EAC; local host url works fine)

    Site 2 - 

     2 Exchange servers part of DAG where everything works as expected except EAC and EWS (After installing a new Exchange server, can't authenticate to EAC .. no error messages just comes back to login page, however local host url gets redirected to webmail.company.com right after entering creds and then comes back to the authentication page with no error messages)

    If I try to open site 2 new servers EAC from any random site 1  machine with its url like : https://site2server.company.local\ecp , it works and i can login to it using admin creds BUT if i do the same from any machine in site 2, authentication does not work.

    nslookup to autodiscover.company.com shows the Site1 CAS server IP (from both sites)

    nslookup to webmail.company.com shows the Site1 CAS server IP (from both sites)

    I have checked the Virtual Directories and all internal entries look fine as they are on site 1 which works fine. Can someone please advise why EAC wont let me login in Site 2 ? 

    Thanks in advance,

    GD


    GD


    • Edited by Gudakesh (GD) Sunday, October 13, 2019 12:01 PM info added
    Sunday, October 13, 2019 11:53 AM

Answers

All replies

  • Hi,

    >>however local host url gets redirected to webmail.company.com

    Localhost should be resolved to 127.0.0.1, do you set any redirect in your organization? Do you modified the local host fine.

    >> if i do the same from any machine in site 2, authentication does not work.

    What do you mean authentication does not work?

    I would suggest you try to crate a new administrator which hosted on site 2 Exchange's database, then try to use this new administrator to login EAC.

    Regards,

    Kyle Xu


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Monday, October 14, 2019 6:40 AM
    Moderator
  • Thank you for Replying Kyle,

    I just created another admin account and gave Exchange Org access .. this new account seems working and can access EAC of site 2 server from both locations (Site1&2).

    I wonder what is wrong with my own admin account then ? i noticed that my admin account had a mailbox associated with it which i have now "Disabled"

    can you suggest as to why one account has this issue and how to fix it ?

    thanks

    Monday, October 14, 2019 11:11 AM
  • Only one Admin account can not authenticate to EAC of Site1 servers out of 2 sites environment.

    GD

    Monday, October 14, 2019 12:35 PM
  • >>i noticed that my admin account had a mailbox associated with it which i have now "Disabled"

    I think this is the issue. After disable AD account, it may exist issue with verification form AD.

    Regards,

    Kyle Xu


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Thursday, October 17, 2019 7:43 AM
    Moderator
  • Hi Kyle,

    I believe I already figured out that a single admin account is the issue , and looking for a fix.

    Anything you can suggest to fix the issue instead ? I checked HomeMDB from ADSIedit and other related props.

    Thanks


    GD

    Friday, October 18, 2019 11:45 AM
  • CU update fixed it.

    Thanks!

    GD


    GD

    • Marked as answer by Gudakesh (GD) Monday, October 21, 2019 4:08 PM
    Monday, October 21, 2019 4:08 PM