HTTP/1.1 503 Service Unavailable Outlook Web Access

Posted on 2006-04-25
Last Modified: 2012-08-13
I have setup an Exchange cluster and am running OWA with SSL enabled.  Everything was running fine and I have set up almost 100 users on this new email system.

Whenever some users try to connect to OWA via https://server/exchange they are prompted for the certificate and then asked for their user name and password.  When the name and password are entered correctly they are forwarded to the HTTP/1.1 503 Service Unavailable page.  If they click refresh OWA comes up as it should.  

I've searched for solutions and I could only find one that says to uncheck "Enable anonymous access" for the ExchWeb in IIS.  This appears to have worked but then users would get to the OWA main screen and the email list would freeze on "Loading" or would finally error with

error line: 1038
invalid procedure call or argument

This was only in Internet Explorer, Firefox worked fine.

Please HELP, the boss is not happy :(

Question by:SimpsonIS
    LVL 12

    Expert Comment

    Please... Which version of Exchange Enterprise are you using?? Service pack levels/builds, other basic information?

    Are you using Form-based authentication for HTTPS, if Exchange 2003?

    << Everything was running fine >>
    Then what changed?

    Any changes to IIS websites or virtual directories?
    Any changes to Recipient Policies?
    LVL 3

    Expert Comment

    One thing to try on this is rebuilding the recipient update services.
    Go into system manager, then recipients, then recipient update services. Right click on eahc service and go t rebuild. You may have to wait some time, depending on the size of your list before it starts working.


    Author Comment

    Version = Exchange Enterprise2003 sp2 version:

    Form-based authentication = no

    I should take that back, I've never had the problem personally and never saw it on test machines.  The last change made to the system was enabling SSL and setting policies for mailbox size limits, those are the only changes before the problem was recognized.

    No changes to websites or virtual directories or recipient policies since initial set up.
    LVL 7

    Expert Comment

    Have a look at;[LN];823159

    LVL 12

    Accepted Solution

    If OWA is opened without using ssl, does the site work correctly? Might have to disable the 128-bit requirement temporarily.

    Does it make any difference when you authenticate to OWA with the UPN ( ?

    Here is an article on the settings for IIS Virtual directory security. It could be a good idea to run through this one and see if anything was inadvertently changed, or an important step was missed, and otherwise it's a very interesting read:

    If you need to revert back to the default Exchange Virtual directories and want to start over, follow this article:

    How to reset the default virtual directories that are required to provide Outlook Web Access, Exchange ActiveSync, and Outlook Mobile Access services in Exchange Server 2003

    Also, did you know:
    As a general rule, you should set the authentication methods through the Exchange System Manager whenever possible, and through the IIS Manager only as a last resort. [...] Before you start experimenting with OWA configuration options, it’s vital that you know the ins and outs of the DS2MB process. DS2MB stands for Directory Service to Metabase, a method by which Exchange configuration information in Active Directory is synchronized to the metabase. The function of the DS2MB synchronization process is to transfer configuration information from Active Directory to the local metabase. DS2MB is a one-way process, meaning that you always should make any changes to your OWA directories through the Exchange System Manager and not the IIS Manager. Any changes you make to the Exchange and Public virtual directories via the IIS Manager will be lost once the System Attendant service is restarted (such as after a reboot) or when the DS2MB process kicks in, which is normally every 15 minutes. The reason is that the DS2MB process always overwrites the settings in IIS Manager with the settings that exist in Exchange System Manager.

    Author Comment

    Thanks Rant32

    I followed your link to the microsoft support.  Which definatley helpe because the problem had worsened, the HTTP Virtual Server failed and would not come back online.  I went ahead though and uninstalled IIS, reinstalled IIS, did a reinstall of Exchange 2k3 and ran the upgrade to sp2 again.  All is working great now.  Following Microsoft's instructions may have been faster though.

    Very good point about setting the authentication in system manager.  I think that is what broke it in the first place.

    LVL 12

    Expert Comment

    Glad it worked out, have a good one. Thanks.

    Featured Post

    Do email signature updates give you a headache?

    Do you feel like all of your time is spent managing email signatures? Too busy to visit every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

    Join & Write a Comment

    "Migrate" an SMTP relay receive connector to a new server using info from an old server.
    Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
    In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
    To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now