none
Exchange 2013 ECP login looping RRS feed

  • Question

  • Hi all.  I am having issue login to the Exchange 2013 ECP portal.  Originally our environment has one Exchange 2013 with SP1 server.  So we've create one more Exchange 2013 server running on SP1 and Rollup Update 11.  Then configured DAG and move the database into the DAG.  However, I am not able to login to the ECP portal of this new server at https://server_name/ecp. The odd thing is I can login to OWA through the URL https://server_name/owa, but just not the ECP portal.  After I entered my AD user name and password (or other domain admin account), it keep prompting me back to the EP login screen.  There is no error messages at all.  ECP and OWA access is fine on the old Exchange 2013 server.

    I've checked the virtual directories, IIS permission, and they are identical to the old Exchange 2013 server.  It is running on a SAN certificate, and not signed with the provider is "Microsoft RSA SChannel Cryptographic Provider"

    Since this server is now in production, I didn't restart the IIS service.  I also don't want to re-create the ECP and OWA virtual directories at this moment as the OWA is working fine.  I am just wondering is there other things I can try.  Thank you


    • Edited by Tinha9413 Friday, March 18, 2016 7:14 PM
    Friday, March 18, 2016 6:46 PM

Answers

  • Hi Ed. Yes, I meant CU 11 (Rollup Update is the term for Exchange 2010)

    Thank you for all the suggestions.  Magically today I am able to login to ECP portal on this new Exchange 2013.  The only thing that we've done last week before I leave is entering the PowerShell command

    "Set-ECPVirtualDirectory -Identity "InternalCAS\ecp (default web site)" -AdminEnabled $True" on this server.  Yet we didn't restart IIS afterward.  I am wondering if this is the fix for this issue.  Probably new Exchange installation auto disable ECP access?  Anyhow, I am able to login to ECP portal now.  Thank you all. 


    Monday, March 21, 2016 4:52 PM

All replies

  • Exchange 2013 doesn't have Update Rollups.  Do you mean Cumulative Update 11?

    Verify in IIS that the Back-End Web Site has the Exchange self-signed certificate bound to it.

    You may have run into the dreaded Mailbox Anchoring issue.

    http://blogs.technet.com/b/exchange/archive/2015/12/15/exchange-management-shell-and-mailbox-anchoring.aspx

    You can move the mailbox for your administrator account to the new server or if it's not mailbox-enabled, you can move the arbitration mailboxes to Exchange 2013.

    If you have to, instead you can open PowerShell as administrator and load the Exchange 2013 cmdlets using this command:

    Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn

    You may need to delete the PowerShell cookie under:

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\WSMAN\Client\ConnectionCookies

    or just the administrator's Windows logon profile and then log on again.


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Friday, March 18, 2016 8:16 PM
    Moderator
  • Hi,

    Have you encountered any error during the installation process?
    Have you tired to change other browsers for test?
    Try to browser the site using http://localhost/ecp.
    Please change the following authentication for ecp virtual directory:Set-EcpVirtualDirectory -Identity "E15MBX\ecp (Exchange Back End)" -WindowsAuthentication $true -FormsAuthentication $false
    Also check if you can find some related Application Event Log when a login attempt fails.
    Regards,
    David 


    Monday, March 21, 2016 2:15 AM
    Moderator
  • Hi Ed. Yes, I meant CU 11 (Rollup Update is the term for Exchange 2010)

    Thank you for all the suggestions.  Magically today I am able to login to ECP portal on this new Exchange 2013.  The only thing that we've done last week before I leave is entering the PowerShell command

    "Set-ECPVirtualDirectory -Identity "InternalCAS\ecp (default web site)" -AdminEnabled $True" on this server.  Yet we didn't restart IIS afterward.  I am wondering if this is the fix for this issue.  Probably new Exchange installation auto disable ECP access?  Anyhow, I am able to login to ECP portal now.  Thank you all. 


    Monday, March 21, 2016 4:52 PM
  • You're welcome.  Please feel free to mark responses as the answer and/or helpful as appropriate.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Monday, March 21, 2016 5:10 PM
    Moderator