locked
Unable to access OWA or ECP. - "Something went wrong" or "500 unexpected error" RRS feed

  • Question

  • Our environment consist of 3 client access servers with 8 mailbox servers.  I recently installed windows updates on all of the servers.  Now when a user tries to access OWA it fails and says "Something went wrong" when I try to access ECP I receive "500 unexpected error"

    I have tried building a new CAS and mailbox servers with the default settings but it still fails.  I did not install the latest Windows updates on the new servers.  I tried creating new databases with new users and it also fails.  

    There are also these ASP.NET 4.0.30319.0 warnings showing in the application log:

      

    Log Name:      Application
    Source:        ASP.NET 4.0.30319.0
    Date:          8/30/2013 11:02:13 AM
    Event ID:      1309
    Task Category: Web Event
    Level:         Warning
    Keywords:      Classic
    User:          N/A
    Computer:      FacultyEmail01.corjesu.org
    Description:
    Event code: 3005 
    Event message: An unhandled exception has occurred. 
    Event time: 8/30/2013 11:02:13 AM 
    Event time (UTC): 8/30/2013 4:02:13 PM 
    Event ID: 1088bfe111264e01b536f66f2591c15a 
    Event sequence: 48245 
    Event occurrence: 1597 
    Event detail code: 0 
     
    Application information: 
        Application domain: /LM/W3SVC/2/ROOT/owa-1-130223042171473642 
        Trust level: Full 
        Application Virtual Path: /owa 
        Application Path: C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\owa\ 
        Machine name: FACULTYEMAIL01 
     
    Process information: 
        Process ID: 13764 
        Process name: w3wp.exe 
        Account name: NT AUTHORITY\SYSTEM 
     
    Exception information: 
        Exception type: NullReferenceException 
        Exception message: Object reference not set to an instance of an object.
       at Microsoft.Exchange.Clients.Common.Canary15.Init(Byte[] userContextIdBinary, Byte[] timeStampBinary, String logonUniqueKey, Byte[] hashBinary, String logData)
       at Microsoft.Exchange.Clients.Common.Canary15..ctor(String logonUniqueKey)
       at Microsoft.Exchange.Clients.Common.Canary15Cookie.TryCreateFromHttpCookie(HttpCookie cookie, String logonUniqueKey, Canary15Profile profile)
       at Microsoft.Exchange.Clients.Common.Canary15Cookie.TryCreateFromHttpContext(HttpContext httpContext, String logOnUniqueKey, Canary15Profile profile)
       at Microsoft.Exchange.Clients.Owa2.Server.Core.OwaRequestHandler.InternalOnPostAuthorizeRequest(Object sender)
       at Microsoft.Exchange.Clients.Owa2.Server.Core.OwaRequestHandler.OnPostAuthorizeRequest(Object sender, EventArgs e)
       at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
       at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

     
     
    Request information: 
        Request URL: https://localhost:444/owa/logoff.owa 
        Request path: /owa/logoff.owa 
        User host address: 127.0.0.1 
        User: CORJESU\SM_cab26786a5604c759 
        Is authenticated: True 
        Authentication Type: Kerberos 
        Thread account name: NT AUTHORITY\SYSTEM 
     
    Thread information: 
        Thread ID: 12 
        Thread account name: NT AUTHORITY\SYSTEM 
        Is impersonating: False 
        Stack trace:    at Microsoft.Exchange.Clients.Common.Canary15.Init(Byte[] userContextIdBinary, Byte[] timeStampBinary, String logonUniqueKey, Byte[] hashBinary, String logData)
       at Microsoft.Exchange.Clients.Common.Canary15..ctor(String logonUniqueKey)
       at Microsoft.Exchange.Clients.Common.Canary15Cookie.TryCreateFromHttpCookie(HttpCookie cookie, String logonUniqueKey, Canary15Profile profile)
       at Microsoft.Exchange.Clients.Common.Canary15Cookie.TryCreateFromHttpContext(HttpContext httpContext, String logOnUniqueKey, Canary15Profile profile)
       at Microsoft.Exchange.Clients.Owa2.Server.Core.OwaRequestHandler.InternalOnPostAuthorizeRequest(Object sender)
       at Microsoft.Exchange.Clients.Owa2.Server.Core.OwaRequestHandler.OnPostAuthorizeRequest(Object sender, EventArgs e)
       at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
       at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
     
     
    Custom event details: 

    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="ASP.NET 4.0.30319.0" />
        <EventID Qualifiers="32768">1309</EventID>
        <Level>3</Level>
        <Task>3</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2013-08-30T16:02:13.000000000Z" />
        <EventRecordID>721791</EventRecordID>
        <Channel>Application</Channel>
        <Computer>FacultyEmail01.corjesu.org</Computer>
        <Security />
      </System>
      <EventData>
        <Data>3005</Data>
        <Data>An unhandled exception has occurred.</Data>
        <Data>8/30/2013 11:02:13 AM</Data>
        <Data>8/30/2013 4:02:13 PM</Data>
        <Data>1088bfe111264e01b536f66f2591c15a</Data>
        <Data>48245</Data>
        <Data>1597</Data>
        <Data>0</Data>
        <Data>/LM/W3SVC/2/ROOT/owa-1-130223042171473642</Data>
        <Data>Full</Data>
        <Data>/owa</Data>
        <Data>C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\owa\</Data>
        <Data>FACULTYEMAIL01</Data>
        <Data>
        </Data>
        <Data>13764</Data>
        <Data>w3wp.exe</Data>
        <Data>NT AUTHORITY\SYSTEM</Data>
        <Data>NullReferenceException</Data>
        <Data>Object reference not set to an instance of an object.
       at Microsoft.Exchange.Clients.Common.Canary15.Init(Byte[] userContextIdBinary, Byte[] timeStampBinary, String logonUniqueKey, Byte[] hashBinary, String logData)
       at Microsoft.Exchange.Clients.Common.Canary15..ctor(String logonUniqueKey)
       at Microsoft.Exchange.Clients.Common.Canary15Cookie.TryCreateFromHttpCookie(HttpCookie cookie, String logonUniqueKey, Canary15Profile profile)
       at Microsoft.Exchange.Clients.Common.Canary15Cookie.TryCreateFromHttpContext(HttpContext httpContext, String logOnUniqueKey, Canary15Profile profile)
       at Microsoft.Exchange.Clients.Owa2.Server.Core.OwaRequestHandler.InternalOnPostAuthorizeRequest(Object sender)
       at Microsoft.Exchange.Clients.Owa2.Server.Core.OwaRequestHandler.OnPostAuthorizeRequest(Object sender, EventArgs e)
       at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
       at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean&amp; completedSynchronously)

    </Data>
        <Data>https://localhost:444/owa/logoff.owa</Data>
        <Data>/owa/logoff.owa</Data>
        <Data>127.0.0.1</Data>
        <Data>CORJESU\SM_cab26786a5604c759</Data>
        <Data>True</Data>
        <Data>Kerberos</Data>
        <Data>NT AUTHORITY\SYSTEM</Data>
        <Data>12</Data>
        <Data>NT AUTHORITY\SYSTEM</Data>
        <Data>False</Data>
        <Data>   at Microsoft.Exchange.Clients.Common.Canary15.Init(Byte[] userContextIdBinary, Byte[] timeStampBinary, String logonUniqueKey, Byte[] hashBinary, String logData)
       at Microsoft.Exchange.Clients.Common.Canary15..ctor(String logonUniqueKey)
       at Microsoft.Exchange.Clients.Common.Canary15Cookie.TryCreateFromHttpCookie(HttpCookie cookie, String logonUniqueKey, Canary15Profile profile)
       at Microsoft.Exchange.Clients.Common.Canary15Cookie.TryCreateFromHttpContext(HttpContext httpContext, String logOnUniqueKey, Canary15Profile profile)
       at Microsoft.Exchange.Clients.Owa2.Server.Core.OwaRequestHandler.InternalOnPostAuthorizeRequest(Object sender)
       at Microsoft.Exchange.Clients.Owa2.Server.Core.OwaRequestHandler.OnPostAuthorizeRequest(Object sender, EventArgs e)
       at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
       at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean&amp; completedSynchronously)
    </Data>
      </EventData>
    </Event>

    Friday, August 30, 2013 4:06 PM

All replies

  • Hi,

    From your description, OWA and ECP couldn’t be accessed.
    In this case, we can rebuild the OWA and ECP virtual directories firstly.

    http://technet.microsoft.com/en-us/library/ff629372(v=exchg.141).aspx

    If the issue still exists, we can collect the IIS log except the event warning log.

    Thanks,
    Angela Shi

     

    Monday, September 2, 2013 11:38 AM
  • I opened a case with Microsoft.  After 3 days and over 15 hours on the phone they were able to resolve the problem.  They had to use ADSI edit to remove the canary data for the domain.

    I tried rebuilding the virtual directories, building a new CAS server, a new mailbox server and a new server with both roles installed.  I created a new database and new users in that database and used the new CAS server but the problem continued which led us to believe it was something being obtained from Active Directory.  We finally figured out the problem was in the properties of an object in ADSI. 

    You have to open the ADSI editor on the primary domain controller (start-->administrative tools-->ADSI edit), go to CN=Services --> CN=Microsoft Exchange --> CN=<Your Site Name>  Right click CN=Client Access and click properties.  Scroll down to msExchCanaryData0.  You have to click edit and copy the data from Data0, Data1 and Data2 (you may have more or less) to a notepad file.  Then erase the data from those settings.  Now log onto the CAS server and open IIS management.  Go to application pools and  right click MSExchangeOWAAppPool and click Recycling.  Then restart all of the mailbox servers.  

    It's a great idea to take a system state backup before performing these steps as editing ADSI data is risky.  

    Tuesday, September 3, 2013 7:10 PM
  • Hi,

    Thanks for sharing the solution with us.

    Best regards,

    Angela Shi

    Thursday, September 5, 2013 1:41 AM
  • Hi Marshall,

    you said that the problem appears after installin Windows Updates. Do you know what updates ? Have you the KB number ?

    Thanks a lot !   

    Tuesday, December 24, 2013 9:28 AM
  • This action can help me

    Thank you very much Marshall Lucas


    reply from Social.technet

    Monday, March 3, 2014 11:24 AM
  • Thank you very much for sharing the solution Marshall Lucas

    Best regards

    Tuesday, April 22, 2014 6:41 AM
  • I cannot find "CN=Services" on my windows 2013 DC ADSI edit.

    any idea?

    thanks,

    Domenico

    Thursday, May 22, 2014 9:48 AM
  • Search in the Schema Partition of your AD.
    Thursday, May 22, 2014 10:29 AM
  • I also tried to open the configuration module of adsedit, but in the end I fixed my problem by reinstalling:

    Setup /Mode:upgrade /IAcceptExchangeServerLicenseTerms

    I even found my test Maiboxes databases back, in a mounted state.

    Domenico.

    Thursday, May 22, 2014 1:10 PM
  • just tried the upgrade as offered by ItalianDutch75 but it didn't work for me, I had to use ADSIEdit, bit of a worry while doing it but worth it in the end

    cheers

    Tom

    Wednesday, July 9, 2014 4:54 PM
  • Did you have to restart all mailbox or just the affected ones?

    I'm only having this problem with a single DAG.  I have another Exchange 2013 DAG behind the same CAS servers working fine, and then I have a 2007 environment consisting of 2 CAS servers and 5 2-node SCC mailbox servers.  I'd like not to have to bounce everything in the environment if possible.

    Thursday, July 10, 2014 3:09 PM
  • For some reason it works when I login to ECP link in this form https://servername/ecp?ExchClientVer=15

    Mohammed AbuDeeb

    Sunday, July 27, 2014 2:04 AM
  • For some reason it works when I login to ECP link in this form https://servername/ecp?ExchClientVer=15

    Mohammed AbuDeeb

    Yeap, your ECP link works great, for both netbios name as well as FQDN.

    Thank you.

    Sunday, August 24, 2014 2:53 PM
  • I do not see CN=Services under adsiedit.   Is it possible it is a few layers down under CN=RPCservices or CN=Default Domain Policy or something else such as OU=OURDOMAINNAME?

    Thanks - I missed the step where you right click connect to - default naming context

    • Edited by boe_d Friday, November 7, 2014 2:28 AM
    Friday, November 7, 2014 12:26 AM
  • Thanks for the tip; it worked for me. However every time that I want to login to ECP or OWA on the server, I have to choose recycle in IIS manager. Otherwise I get the error 500.

    Any suggestions?

    Monday, November 17, 2014 2:42 AM
  • Hi ItalianDutch75, Thanks for your reply, your suggest works fine for me, i was having the same problem and it is related access permission into IIS.

    Best Regards,

    Tuesday, December 16, 2014 12:25 PM
  • Thank you so much for this .. its really works for me and the issue resolved... i really appreciate it .. :)

    "Go to application pools and  right click MSExchangeOWAAppPool and click Recycling.  Then restart all of the mailbox servers."  

    Thursday, July 23, 2015 12:53 PM

  • You have to open the ADSI editor on the primary domain controller (start-->administrative tools-->ADSI edit), go to CN=Services --> CN=Microsoft Exchange --> CN=<Your Site Name>  Right click CN=Client Access and click properties.  Scroll down to msExchCanaryData0.  You have to click edit and copy the data from Data0, Data1 and Data2 (you may have more or less) to a notepad file.  Then erase the data from those settings.  Now log onto the CAS server and open IIS management.  Go to application pools and  right click MSExchangeOWAAppPool and click Recycling.  Then restart all of the mailbox servers.  

    It's a great idea to take a system state backup before performing these steps as editing ADSI data is risky.  

    Thanks Marshall Lucas..saved the day! :-)

    Just to add here, in order to access the "CN=Services" using ADSI Edit, one has to open "Configuration" naming context of your Primary domain controller.

    Thanks again!


    SSayeed


    • Edited by SSayeed Sunday, November 29, 2015 9:08 PM
    Sunday, November 29, 2015 9:06 PM
  • THANKS !!!

    After one day lost to find a solution it's works !


    SAMUEL LAMBERT

    Friday, November 18, 2016 4:16 PM
  • This did the trick. I'm seeing this now in my old threads. Sorry for the delay.
    Thursday, December 1, 2016 7:53 PM
  • Well, I'm not certain if this was what fixed it for me, as I also re-added our SSL certificate to the binding on the Exchange Backend website, but after I cleared out the data for those values you mentioned and rebooted the server I got my ECP and OWA back - thanks for sharing!
    Tuesday, January 17, 2017 9:01 PM
  • what i'll do im get stay's stuck on the 500 error and CN=Services that

    not in my adsi edt

    what now to do to fix this problem ?

    site name ecp  bla bla bla en than i'm going redirected to the same site but than with an owa extension ????


    • Edited by livecopy Saturday, March 11, 2017 8:08 PM
    Saturday, March 11, 2017 8:04 PM
  • Thanks, that worked for me.
    Friday, December 8, 2017 3:34 PM
  • Hello Marshall,

    Thanks for sharing this, you made my day and resolved the same issue.

    Pravin

    Saturday, March 14, 2020 6:20 AM
  • This was the solution regarding EPC on an Exchange 16 after installing KB4562561 and KB4561616 updates.
    Wednesday, July 1, 2020 4:18 PM