HTTP/1.1 503 Service Unavailable Outlook Web Access

I have setup an Exchange cluster and am running OWA with SSL enabled.  Everything was running fine and I have set up almost 100 users on this new email system.

Whenever some users try to connect to OWA via https://server/exchange they are prompted for the certificate and then asked for their user name and password.  When the name and password are entered correctly they are forwarded to the HTTP/1.1 503 Service Unavailable page.  If they click refresh OWA comes up as it should.  

I've searched for solutions and I could only find one that says to uncheck "Enable anonymous access" for the ExchWeb in IIS.  This appears to have worked but then users would get to the OWA main screen and the email list would freeze on "Loading" or would finally error with

error line: 1038
invalid procedure call or argument

This was only in Internet Explorer, Firefox worked fine.

Please HELP, the boss is not happy :(

SimpsonISAsked:
Who is Participating?
 
Rant32Commented:
If OWA is opened without using ssl, does the site work correctly? Might have to disable the 128-bit requirement temporarily.

Does it make any difference when you authenticate to OWA with the UPN (username@mydomain.ads) ?

Here is an article on the settings for IIS Virtual directory security. It could be a good idea to run through this one and see if anything was inadvertently changed, or an important step was missed, and otherwise it's a very interesting read:

http://www.msexchange.org/tutorials/Securing-Exchange-Server-2003-Outlook-Web-Access-Chapter5.html

If you need to revert back to the default Exchange Virtual directories and want to start over, follow this article:

How to reset the default virtual directories that are required to provide Outlook Web Access, Exchange ActiveSync, and Outlook Mobile Access services in Exchange Server 2003
http://support.microsoft.com/kb/883380/en-us

Also, did you know:
As a general rule, you should set the authentication methods through the Exchange System Manager whenever possible, and through the IIS Manager only as a last resort. [...] Before you start experimenting with OWA configuration options, it’s vital that you know the ins and outs of the DS2MB process. DS2MB stands for Directory Service to Metabase, a method by which Exchange configuration information in Active Directory is synchronized to the metabase. The function of the DS2MB synchronization process is to transfer configuration information from Active Directory to the local metabase. DS2MB is a one-way process, meaning that you always should make any changes to your OWA directories through the Exchange System Manager and not the IIS Manager. Any changes you make to the Exchange and Public virtual directories via the IIS Manager will be lost once the System Attendant service is restarted (such as after a reboot) or when the DS2MB process kicks in, which is normally every 15 minutes. The reason is that the DS2MB process always overwrites the settings in IIS Manager with the settings that exist in Exchange System Manager.
0
 
Rant32Commented:
Please... Which version of Exchange Enterprise are you using?? Service pack levels/builds, other basic information?

Are you using Form-based authentication for HTTPS, if Exchange 2003?

<< Everything was running fine >>
Then what changed?

Any changes to IIS websites or virtual directories?
Any changes to Recipient Policies?
0
 
sam_coganCommented:
One thing to try on this is rebuilding the recipient update services.
Go into system manager, then recipients, then recipient update services. Right click on eahc service and go t rebuild. You may have to wait some time, depending on the size of your list before it starts working.


Sam
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
SimpsonISAuthor Commented:
Version = Exchange Enterprise2003 sp2 version: 6.5.76.38.1

Form-based authentication = no

I should take that back, I've never had the problem personally and never saw it on test machines.  The last change made to the system was enabling SSL and setting policies for mailbox size limits, those are the only changes before the problem was recognized.

No changes to websites or virtual directories or recipient policies since initial set up.
0
 
vasanthgnbCommented:
Have a look at http://support.microsoft.com/default.aspx?scid=kb;[LN];823159

Regards,
Vasanth.
0
 
SimpsonISAuthor Commented:
Thanks Rant32

I followed your link to the microsoft support.  Which definatley helpe because the problem had worsened, the HTTP Virtual Server failed and would not come back online.  I went ahead though and uninstalled IIS, reinstalled IIS, did a reinstall of Exchange 2k3 and ran the upgrade to sp2 again.  All is working great now.  Following Microsoft's instructions may have been faster though.

Very good point about setting the authentication in system manager.  I think that is what broke it in the first place.

0
 
Rant32Commented:
Glad it worked out, have a good one. Thanks.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.