Users get Error 500 when attemping to access OWA.

OWA has been working fine up till yesterday. No changes have been made to the network, servers or Exchange. For most of the time yesterday and today when users attempt to go to OWA (remote.domain.net/exchange) they recieve Error 500 Internal server error. i have had others outside the company attemt to go to the address which they were successful including myself. I attempted several times an hour all day to get the error but never did. The users never even see the login page. every so often 1 or 2 would be able to access OWA but when they would go back they would get the error. Again no changes have been made.
mgassettAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
mgassettConnect With a Mentor Author Commented:
in SBS the licensing Logging Service starts automatically. if you try to change the start up setting it automatically changes that as well. at this point I belive it is related to licensing so i will make the recommendation to purchase more licenses.

thanks for your help!
0
 
thor_08Commented:
Have you tried refreshing the rights of the Users PERSONAL OBJECT in "Mailbox Rights".  Locate the User by last name, under Mailbox rights in AD;  check the Change permission - UNCHECK Read & Full; Click Apply; then UNCHECK Change and RECHECK Read & Full; Click Apply.  This "refreshes" the Users personal object rights.  

If that doesn't work, try this.

Under the Users mailbox rights; see if the SELF object is listed; if not ADD the SELF account and CHECK Read & Full; Click Apply.
0
 
Jesse BSystem AdministratorCommented:
Turn off Friendly Error Messages in IE so you get more helpful information when the error happens.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
LeeDerbyshireCommented:
As suggested, turn off 'Friendly HTTP Errors' in your IE options to get a better error description.  But, if nothing more is revealed, then it is likely to be something going wrong on the server that IIS is not aware of.  In that case, check the Event Log (Application) on the server.
0
 
mgassettAuthor Commented:
thor o8
i have not had a chance to try your suggestions yet. my only concern is that this is occuring before the users can even login to there mailbox so i dont think it is a permissions issue.

jpboyce
turning of Friendly Error Messages reduced the information on the error message.
0
 
LeeDerbyshireCommented:
Is there anything in the server's Event Log?  Specifically, the Application log?
0
 
mgassettAuthor Commented:
would not having enough licenses cause the problem? if so why would it only start now when we have been running on low CAL for a month or 2? i spoke to another professional who doesnt think this would be the issue.
below are the 2 unusual messages in the event log.

Date: 6/20/2008               Source:LicenseService
Time:                                Category: None
Type: None                      Event ID: 201
User: N/A
Computer: <server>
No license was available for user COMPASSPOINTEHO\jandreu using product FilePrint .  Use Licensing from the Administrative Tools folder to ensure that you have sufficient licenses.

Date: 6/20/2008               Source:Server ActiveSync
Time:                                Category: None
Type: Warning                 Event ID: 3033
User: COMPASSPOINTEHO\JFarmer
Computer: <server>
The average of the most recent [200] heartbeat intervals used by clients is less than or equal to [540].  Make sure that your firewall configuration is set to work correctly with Exchange ActiveSync and direct push technology. Specifically, make sure that your firewall is configured so that requests to Exchange ActiveSync do not expire before they have the opportunity to be processed.  For more information about how to configure firewall settings when using Exchange ActiveSync, see Microsoft Knowledge Base article 905013, "Enterprise Firewall Configuration for Exchange ActiveSync Direct
0
 
LeeDerbyshireCommented:
No, they don't appear to be related to the problem.  Try using OWA again, and see if an Event is logged.  If not, can you paste the full error message that you see in IE now that the Friendly HTTP Errors are no longer enabled.
0
 
mgassettAuthor Commented:
i restarted IIS but since then i have only been able to get a hold of a couple users who say it is working. if i find some one who is still having issues i will go from there.
0
 
mgassettAuthor Commented:
HTTP/1.1 500 Internal Server Error

or

You are not authorized to view this page
The Web server you are attempting to reach has a list of IP addresses that are not allowed to access the Web site, and the IP address of your browsing computer is on this list.
--------------------------------------------------------------------------------
Please try the following:

Contact the Web site administrator if you believe you should be able to view this directory or page.
HTTP Error 403.6 - Forbidden: IP address of the client has been rejected.
Internet Information Services (IIS)

--------------------------------------------------------------------------------
Technical Information (for support personnel)

Go to Microsoft Product Support Services and perform a title search for the words HTTP and 403.
Open IIS Help, which is accessible in IIS Manager (inetmgr), and search for topics titled About Security, Limiting Access by IP Address, IP Address Access Restrictions, and About Custom Error Messages.
0
 
LeeDerbyshireCommented:
The second error should be easy to fix.  The 403;6 indicates that the client's IP address is being blocked.  Is this Exchange 2000 or 2003?  If so, look at the properties of the Exchange Virtual Directory in IIS Manager, and look for the table of IP address restrictions.  If it's E2007, then look at the OWA VDir instead.
0
 
mgassettAuthor Commented:
ok. the first is still an issue.
0
 
LeeDerbyshireCommented:
Okay, so when you see a 500 - Internal Server Error message in your browser window, and there is no more explanatory text, that means that IIS itself does not know what's gone wrong, and there really should be something in your server Event Logs.  Can you see anything being logged at exactly the same time as you try to use OWA, and see the 500 error?
0
 
mgassettAuthor Commented:
the following are the only events that are relevant to exchange or IIS or users. there are 3 of them. the first seems to be the most relevant but it doesnt tell me much.

Date: 6/24/2008               Source:Server ActiveSync
Time:                                Category: None
Type: Error                      Event ID: 3005
User: COMPASSPOINTEHO\JFarmer
Computer: compass-sbs
Unexpected Exchange mailbox Server error: Server: [compass-sbs.CompassPointeHomes.local] User: [JFarmer@compasspointehomes.com] HTTP status code: [500]. Verify that the Exchange mailbox Server is working correctly.

Date: 6/24/2008               Source:LicenseService
Time:                                Category: None
Type: None                      Event ID: 201
User: N/A
Computer: <server>
No license was available for user COMPASSPOINTEHO\jandreu using product FilePrint .  Use Licensing from the Administrative Tools folder to ensure that you have sufficient licenses.

Date: 6/24/2008               Source:Server ActiveSync
Time:                                Category: None
Type: Warning                 Event ID: 3033
User: COMPASSPOINTEHO\JFarmer
Computer: compass-sbs
The average of the most recent [200] heartbeat intervals used by clients is less than or equal to [540].  Make sure that your firewall configuration is set to work correctly with Exchange ActiveSync and direct push technology. Specifically, make sure that your firewall is configured so that requests to Exchange ActiveSync do not expire before they have the opportunity to be processed.  For more information about how to configure firewall settings when using Exchange ActiveSync, see Microsoft Knowledge Base article 905013, "Enterprise Firewall Configuration for Exchange ActiveSync Direct
0
 
LeeDerbyshireCommented:
The first one is indicating that ActiveSync is encountering the same 500 error when it tries to access the Exchange VDir, but that is all.  It's hard to think of anything to suggest without a proper error message.  One thing you might try is to change the application pool (for IIS6) or the process isolation level (for IIS5).  Which version of Windows Server is it running on?
0
 
mgassettAuthor Commented:
2003 sbs

by change the app pool what do you mean
0
 
LeeDerbyshireCommented:
In IIS Manager, look at the properties of the Exchange Virtual Directory.  One of the properties will be Application Pool.  It is normally ExchangeApplicationPool, but try changing it to DefaultAppPool for a test.
0
 
mgassettAuthor Commented:
in IIS Manger the tree look s like this

IIS
   - server (local comp)
       - Application Pools
           + DefaultAppPool
           + ExchangeApplicationPool
           + ExchangeMobileBrowseApplicationPool
           + MSSharePointAppPool
           + StsAdminAppPool
       + web sites
       + web service extensions

so i am not sure exactly what you are suggesting i change. sorry, i ma fairly new to the IIS support
0
 
LeeDerbyshireCommented:
Expand the [+] next to Web Sites, instead of Application Pools, then expand the Default Web Site.  You should see Exchange listed.  Look at its properties, and you'll find Application Pool on the first tab that opens.
0
 
mgassettAuthor Commented:
IIS
   - server (local comp)
       + Application Pools
       - web sites
           + Default Web Site
           + IHMSWEB
           + Microsoft SharePoint Administration
           + SharePoint Central Administration
           + Companyweb
       + web service extensions
0
 
LeeDerbyshireCommented:
Okay, now click the [+] next to Default Web Site, and you should see Exchange listed.
0
 
mgassettAuthor Commented:
ok

virtual directory
   under application settings
    Application name is set to default app and is greyed out but has a create button
    Starting pointe:   <Default Web Site>
    Execute Permissions: none
    Application Pool: ExchangeApplicationPool  which is greyed out

configuration and upload buttons are greyed out  
0
 
mgassettAuthor Commented:
i changed it to dedault app pool. restarted IIS. then the website  has a pop up security box i put in my login then i get an unspecified error.
0
 
LeeDerbyshireCommented:
You could try deleting the Exchange VDir, and then re-creating it with this (I think method 3 is the easiest):
http://support.microsoft.com/kb/883380
0
 
mgassettAuthor Commented:
i just completed method 3 and will see what happens.
0
 
mgassettAuthor Commented:
now our OWA address does not work

The page cannot be found.

The page you are looking for might have been removed, had its name changed, or is temporarily unavailable.

Please try blah blah blah

HTTP  Error 404 - File or directory not found
0
 
LeeDerbyshireCommented:
Has the Exchange VDir appeared in your IIS manager yet?  Under the Default Web Site?  If not, do you see any error messages in the Event related to MSExchangeMU (which is the MS Exchange Metabase Update process)?
0
 
mgassettAuthor Commented:
it was there just as it was before. i couldnt see any difference and no events from MSExchangeMU
0
 
mgassettAuthor Commented:
From: exchange server
event id: 1001

Bucket 397332663, bucket table 1, faulting application inetinfo.exe, version 6.0.3790.3959, stamp 45d69692, faulting module metadata.dll, version 6.0.3790.3959, stamp 45d70a61, debug? 0, fault address 0x00028af7.
0
 
LeeDerbyshireCommented:
When you made the change to the metabase.xml file, did you remember to select that 'Enable Direct Metabase Edit' checkbox in IIS Manager?
0
 
mgassettAuthor Commented:
yes

i may have been doing something wrong on my end i will check with users today hopefully we will be good.
0
 
LeeDerbyshireCommented:
Double-check the syntax in your XML file.  If it is badly formed (maybe there is a quotation character missing after you edited it), that might explain the metadata.dll error you are seeing.  Also check the NTFS permissions on it.  If you edited it off the server, maybe the permissions have changed, and the MU process no longer has permission to read it.
0
 
mgassettAuthor Commented:
ok so it turns out my information from the users was incorrect. the error comes after they login.
0
 
mgassettAuthor Commented:
and the following event is pretty consistant with the error

Date: 6/24/2008               Source:LicenseService
Time:                                Category: None
Type: None                      Event ID: 201
User: N/A
Computer: <server>
No license was available for user COMPASSPOINTEHO\jandreu using product FilePrint .  Use Licensing from the Administrative Tools folder to ensure that you have sufficient licenses.

0
 
LeeDerbyshireCommented:
It's not something I've heard of before.  I think most people disable the License Logging Service, anyway.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.