Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Friday, August 30, 2013 4:06 PM
Our environment consist of 3 client access servers with 8 mailbox servers. I recently installed windows updates on all of the servers. Now when a user tries to access OWA it fails and says "Something went wrong" when I try to access ECP I receive "500 unexpected error"
I have tried building a new CAS and mailbox servers with the default settings but it still fails. I did not install the latest Windows updates on the new servers. I tried creating new databases with new users and it also fails.
There are also these ASP.NET 4.0.30319.0 warnings showing in the application log:
Log Name: Application
Source: ASP.NET 4.0.30319.0
Date: 8/30/2013 11:02:13 AM
Event ID: 1309
Task Category: Web Event
Level: Warning
Keywords: Classic
User: N/A
Computer: FacultyEmail01.corjesu.org
Description:
Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 8/30/2013 11:02:13 AM
Event time (UTC): 8/30/2013 4:02:13 PM
Event ID: 1088bfe111264e01b536f66f2591c15a
Event sequence: 48245
Event occurrence: 1597
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/2/ROOT/owa-1-130223042171473642
Trust level: Full
Application Virtual Path: /owa
Application Path: C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\owa\
Machine name: FACULTYEMAIL01
Process information:
Process ID: 13764
Process name: w3wp.exe
Account name: NT AUTHORITY\SYSTEM
Exception information:
Exception type: NullReferenceException
Exception message: Object reference not set to an instance of an object.
at Microsoft.Exchange.Clients.Common.Canary15.Init(Byte[] userContextIdBinary, Byte[] timeStampBinary, String logonUniqueKey, Byte[] hashBinary, String logData)
at Microsoft.Exchange.Clients.Common.Canary15..ctor(String logonUniqueKey)
at Microsoft.Exchange.Clients.Common.Canary15Cookie.TryCreateFromHttpCookie(HttpCookie cookie, String logonUniqueKey, Canary15Profile profile)
at Microsoft.Exchange.Clients.Common.Canary15Cookie.TryCreateFromHttpContext(HttpContext httpContext, String logOnUniqueKey, Canary15Profile profile)
at Microsoft.Exchange.Clients.Owa2.Server.Core.OwaRequestHandler.InternalOnPostAuthorizeRequest(Object sender)
at Microsoft.Exchange.Clients.Owa2.Server.Core.OwaRequestHandler.OnPostAuthorizeRequest(Object sender, EventArgs e)
at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Request information:
Request URL: https://localhost:444/owa/logoff.owa
Request path: /owa/logoff.owa
User host address: 127.0.0.1
User: CORJESU\SM_cab26786a5604c759
Is authenticated: True
Authentication Type: Kerberos
Thread account name: NT AUTHORITY\SYSTEM
Thread information:
Thread ID: 12
Thread account name: NT AUTHORITY\SYSTEM
Is impersonating: False
Stack trace: at Microsoft.Exchange.Clients.Common.Canary15.Init(Byte[] userContextIdBinary, Byte[] timeStampBinary, String logonUniqueKey, Byte[] hashBinary, String logData)
at Microsoft.Exchange.Clients.Common.Canary15..ctor(String logonUniqueKey)
at Microsoft.Exchange.Clients.Common.Canary15Cookie.TryCreateFromHttpCookie(HttpCookie cookie, String logonUniqueKey, Canary15Profile profile)
at Microsoft.Exchange.Clients.Common.Canary15Cookie.TryCreateFromHttpContext(HttpContext httpContext, String logOnUniqueKey, Canary15Profile profile)
at Microsoft.Exchange.Clients.Owa2.Server.Core.OwaRequestHandler.InternalOnPostAuthorizeRequest(Object sender)
at Microsoft.Exchange.Clients.Owa2.Server.Core.OwaRequestHandler.OnPostAuthorizeRequest(Object sender, EventArgs e)
at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Custom event details:
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="ASP.NET 4.0.30319.0" />
<EventID Qualifiers="32768">1309</EventID>
<Level>3</Level>
<Task>3</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-08-30T16:02:13.000000000Z" />
<EventRecordID>721791</EventRecordID>
<Channel>Application</Channel>
<Computer>FacultyEmail01.corjesu.org</Computer>
<Security />
</System>
<EventData>
<Data>3005</Data>
<Data>An unhandled exception has occurred.</Data>
<Data>8/30/2013 11:02:13 AM</Data>
<Data>8/30/2013 4:02:13 PM</Data>
<Data>1088bfe111264e01b536f66f2591c15a</Data>
<Data>48245</Data>
<Data>1597</Data>
<Data>0</Data>
<Data>/LM/W3SVC/2/ROOT/owa-1-130223042171473642</Data>
<Data>Full</Data>
<Data>/owa</Data>
<Data>C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\owa\/Data>
<Data>FACULTYEMAIL01</Data>
<Data>
</Data>
<Data>13764</Data>
<Data>w3wp.exe</Data>
<Data>NT AUTHORITY\SYSTEM</Data>
<Data>NullReferenceException</Data>
<Data>Object reference not set to an instance of an object.
at Microsoft.Exchange.Clients.Common.Canary15.Init(Byte[] userContextIdBinary, Byte[] timeStampBinary, String logonUniqueKey, Byte[] hashBinary, String logData)
at Microsoft.Exchange.Clients.Common.Canary15..ctor(String logonUniqueKey)
at Microsoft.Exchange.Clients.Common.Canary15Cookie.TryCreateFromHttpCookie(HttpCookie cookie, String logonUniqueKey, Canary15Profile profile)
at Microsoft.Exchange.Clients.Common.Canary15Cookie.TryCreateFromHttpContext(HttpContext httpContext, String logOnUniqueKey, Canary15Profile profile)
at Microsoft.Exchange.Clients.Owa2.Server.Core.OwaRequestHandler.InternalOnPostAuthorizeRequest(Object sender)
at Microsoft.Exchange.Clients.Owa2.Server.Core.OwaRequestHandler.OnPostAuthorizeRequest(Object sender, EventArgs e)
at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
</Data>
<Data>https://localhost:444/owa/logoff.owa</Data>
<Data>/owa/logoff.owa</Data>
<Data>127.0.0.1</Data>
<Data>CORJESU\SM_cab26786a5604c759</Data>
<Data>True</Data>
<Data>Kerberos</Data>
<Data>NT AUTHORITY\SYSTEM</Data>
<Data>12</Data>
<Data>NT AUTHORITY\SYSTEM</Data>
<Data>False</Data>
<Data> at Microsoft.Exchange.Clients.Common.Canary15.Init(Byte[] userContextIdBinary, Byte[] timeStampBinary, String logonUniqueKey, Byte[] hashBinary, String logData)
at Microsoft.Exchange.Clients.Common.Canary15..ctor(String logonUniqueKey)
at Microsoft.Exchange.Clients.Common.Canary15Cookie.TryCreateFromHttpCookie(HttpCookie cookie, String logonUniqueKey, Canary15Profile profile)
at Microsoft.Exchange.Clients.Common.Canary15Cookie.TryCreateFromHttpContext(HttpContext httpContext, String logOnUniqueKey, Canary15Profile profile)
at Microsoft.Exchange.Clients.Owa2.Server.Core.OwaRequestHandler.InternalOnPostAuthorizeRequest(Object sender)
at Microsoft.Exchange.Clients.Owa2.Server.Core.OwaRequestHandler.OnPostAuthorizeRequest(Object sender, EventArgs e)
at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
</Data>
</EventData>
</Event>
All replies (25)
Monday, September 2, 2013 11:38 AM
Hi,
From your description, OWA and ECP couldn’t be accessed.
In this case, we can rebuild the OWA and ECP virtual directories firstly.
http://technet.microsoft.com/en-us/library/ff629372(v=exchg.141).aspx
If the issue still exists, we can collect the IIS log except the event warning log.
Thanks,
Angela Shi
Tuesday, September 3, 2013 7:10 PM | 16 votes
I opened a case with Microsoft. After 3 days and over 15 hours on the phone they were able to resolve the problem. They had to use ADSI edit to remove the canary data for the domain.
I tried rebuilding the virtual directories, building a new CAS server, a new mailbox server and a new server with both roles installed. I created a new database and new users in that database and used the new CAS server but the problem continued which led us to believe it was something being obtained from Active Directory. We finally figured out the problem was in the properties of an object in ADSI.
You have to open the ADSI editor on the primary domain controller (start-->administrative tools-->ADSI edit), go to CN=Services --> CN=Microsoft Exchange --> CN=<Your Site Name> Right click CN=Client Access and click properties. Scroll down to msExchCanaryData0. You have to click edit and copy the data from Data0, Data1 and Data2 (you may have more or less) to a notepad file. Then erase the data from those settings. Now log onto the CAS server and open IIS management. Go to application pools and right click MSExchangeOWAAppPool and click Recycling. Then restart all of the mailbox servers.
It's a great idea to take a system state backup before performing these steps as editing ADSI data is risky.
Thursday, September 5, 2013 1:41 AM
Hi,
Thanks for sharing the solution with us.
Best regards,
Angela Shi
Tuesday, December 24, 2013 9:28 AM
Hi Marshall,
you said that the problem appears after installin Windows Updates. Do you know what updates ? Have you the KB number ?
Thanks a lot !
Monday, March 3, 2014 11:24 AM
This action can help me
Thank you very much Marshall Lucas
reply from Social.technet
Tuesday, April 22, 2014 6:41 AM
Thank you very much for sharing the solution Marshall Lucas
Best regards
Thursday, May 22, 2014 9:48 AM
I cannot find "CN=Services" on my windows 2013 DC ADSI edit.
any idea?
thanks,
Domenico
Thursday, May 22, 2014 10:29 AM
Search in the Schema Partition of your AD.
Thursday, May 22, 2014 1:10 PM
I also tried to open the configuration module of adsedit, but in the end I fixed my problem by reinstalling:
Setup /Mode:upgrade /IAcceptExchangeServerLicenseTerms
I even found my test Maiboxes databases back, in a mounted state.
Domenico.
Wednesday, July 9, 2014 4:54 PM
just tried the upgrade as offered by ItalianDutch75 but it didn't work for me, I had to use ADSIEdit, bit of a worry while doing it but worth it in the end
cheers
Tom
Thursday, July 10, 2014 3:09 PM
Did you have to restart all mailbox or just the affected ones?
I'm only having this problem with a single DAG. I have another Exchange 2013 DAG behind the same CAS servers working fine, and then I have a 2007 environment consisting of 2 CAS servers and 5 2-node SCC mailbox servers. I'd like not to have to bounce everything in the environment if possible.
Sunday, July 27, 2014 2:04 AM | 2 votes
For some reason it works when I login to ECP link in this form https://servername/ecp?ExchClientVer=15
Mohammed AbuDeeb
Sunday, August 24, 2014 2:53 PM
For some reason it works when I login to ECP link in this form https://servername/ecp?ExchClientVer=15
Mohammed AbuDeeb
Yeap, your ECP link works great, for both netbios name as well as FQDN.
Thank you.
Friday, November 7, 2014 12:26 AM
I do not see CN=Services under adsiedit. Is it possible it is a few layers down under CN=RPCservices or CN=Default Domain Policy or something else such as OU=OURDOMAINNAME?
Thanks - I missed the step where you right click connect to - default naming context
Monday, November 17, 2014 2:42 AM
Thanks for the tip; it worked for me. However every time that I want to login to ECP or OWA on the server, I have to choose recycle in IIS manager. Otherwise I get the error 500.
Any suggestions?
Tuesday, December 16, 2014 12:25 PM
Hi ItalianDutch75, Thanks for your reply, your suggest works fine for me, i was having the same problem and it is related access permission into IIS.
Best Regards,
Thursday, July 23, 2015 12:53 PM
Thank you so much for this .. its really works for me and the issue resolved... i really appreciate it .. :)
"Go to application pools and right click MSExchangeOWAAppPool and click Recycling. Then restart all of the mailbox servers."
Sunday, November 29, 2015 9:06 PM
You have to open the ADSI editor on the primary domain controller (start-->administrative tools-->ADSI edit), go to CN=Services --> CN=Microsoft Exchange --> CN=<Your Site Name> Right click CN=Client Access and click properties. Scroll down to msExchCanaryData0. You have to click edit and copy the data from Data0, Data1 and Data2 (you may have more or less) to a notepad file. Then erase the data from those settings. Now log onto the CAS server and open IIS management. Go to application pools and right click MSExchangeOWAAppPool and click Recycling. Then restart all of the mailbox servers.
It's a great idea to take a system state backup before performing these steps as editing ADSI data is risky.
Thanks Marshall Lucas..saved the day! :-)
Just to add here, in order to access the "CN=Services" using ADSI Edit, one has to open "Configuration" naming context of your Primary domain controller.
Thanks again!
SSayeed
Friday, November 18, 2016 4:16 PM
THANKS !!!
After one day lost to find a solution it's works !
SAMUEL LAMBERT
Thursday, December 1, 2016 7:53 PM
This did the trick. I'm seeing this now in my old threads. Sorry for the delay.
Tuesday, January 17, 2017 9:01 PM
Well, I'm not certain if this was what fixed it for me, as I also re-added our SSL certificate to the binding on the Exchange Backend website, but after I cleared out the data for those values you mentioned and rebooted the server I got my ECP and OWA back - thanks for sharing!
Saturday, March 11, 2017 8:04 PM
what i'll do im get stay's stuck on the 500 error and CN=Services that
not in my adsi edt
what now to do to fix this problem ?
site name ecp bla bla bla en than i'm going redirected to the same site but than with an owa extension ????
Friday, December 8, 2017 3:34 PM
Thanks, that worked for me.
Saturday, March 14, 2020 6:20 AM
Hello Marshall,
Thanks for sharing this, you made my day and resolved the same issue.
Pravin
Wednesday, July 1, 2020 4:18 PM
This was the solution regarding EPC on an Exchange 16 after installing KB4562561 and KB4561616 updates.