Solved

Users get Error 500 when attemping to access OWA.

Posted on 2008-06-19
35
1,209 Views
Last Modified: 2012-05-05
OWA has been working fine up till yesterday. No changes have been made to the network, servers or Exchange. For most of the time yesterday and today when users attempt to go to OWA (remote.domain.net/exchange) they recieve Error 500 Internal server error. i have had others outside the company attemt to go to the address which they were successful including myself. I attempted several times an hour all day to get the error but never did. The users never even see the login page. every so often 1 or 2 would be able to access OWA but when they would go back they would get the error. Again no changes have been made.
0
Comment
Question by:mgassett
  • 19
  • 14
  • +1
35 Comments
 
LVL 2

Expert Comment

by:thor_08
ID: 21827104
Have you tried refreshing the rights of the Users PERSONAL OBJECT in "Mailbox Rights".  Locate the User by last name, under Mailbox rights in AD;  check the Change permission - UNCHECK Read & Full; Click Apply; then UNCHECK Change and RECHECK Read & Full; Click Apply.  This "refreshes" the Users personal object rights.  

If that doesn't work, try this.

Under the Users mailbox rights; see if the SELF object is listed; if not ADD the SELF account and CHECK Read & Full; Click Apply.
0
 
LVL 6

Expert Comment

by:jpboyce
ID: 21827374
Turn off Friendly Error Messages in IE so you get more helpful information when the error happens.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 21831447
As suggested, turn off 'Friendly HTTP Errors' in your IE options to get a better error description.  But, if nothing more is revealed, then it is likely to be something going wrong on the server that IIS is not aware of.  In that case, check the Event Log (Application) on the server.
0
 

Author Comment

by:mgassett
ID: 21831879
thor o8
i have not had a chance to try your suggestions yet. my only concern is that this is occuring before the users can even login to there mailbox so i dont think it is a permissions issue.

jpboyce
turning of Friendly Error Messages reduced the information on the error message.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 21831911
Is there anything in the server's Event Log?  Specifically, the Application log?
0
 

Author Comment

by:mgassett
ID: 21831995
would not having enough licenses cause the problem? if so why would it only start now when we have been running on low CAL for a month or 2? i spoke to another professional who doesnt think this would be the issue.
below are the 2 unusual messages in the event log.

Date: 6/20/2008               Source:LicenseService
Time:                                Category: None
Type: None                      Event ID: 201
User: N/A
Computer: <server>
No license was available for user COMPASSPOINTEHO\jandreu using product FilePrint .  Use Licensing from the Administrative Tools folder to ensure that you have sufficient licenses.

Date: 6/20/2008               Source:Server ActiveSync
Time:                                Category: None
Type: Warning                 Event ID: 3033
User: COMPASSPOINTEHO\JFarmer
Computer: <server>
The average of the most recent [200] heartbeat intervals used by clients is less than or equal to [540].  Make sure that your firewall configuration is set to work correctly with Exchange ActiveSync and direct push technology. Specifically, make sure that your firewall is configured so that requests to Exchange ActiveSync do not expire before they have the opportunity to be processed.  For more information about how to configure firewall settings when using Exchange ActiveSync, see Microsoft Knowledge Base article 905013, "Enterprise Firewall Configuration for Exchange ActiveSync Direct
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 21833687
No, they don't appear to be related to the problem.  Try using OWA again, and see if an Event is logged.  If not, can you paste the full error message that you see in IE now that the Friendly HTTP Errors are no longer enabled.
0
 

Author Comment

by:mgassett
ID: 21835057
i restarted IIS but since then i have only been able to get a hold of a couple users who say it is working. if i find some one who is still having issues i will go from there.
0
 

Author Comment

by:mgassett
ID: 21849698
HTTP/1.1 500 Internal Server Error

or

You are not authorized to view this page
The Web server you are attempting to reach has a list of IP addresses that are not allowed to access the Web site, and the IP address of your browsing computer is on this list.
--------------------------------------------------------------------------------
Please try the following:

Contact the Web site administrator if you believe you should be able to view this directory or page.
HTTP Error 403.6 - Forbidden: IP address of the client has been rejected.
Internet Information Services (IIS)

--------------------------------------------------------------------------------
Technical Information (for support personnel)

Go to Microsoft Product Support Services and perform a title search for the words HTTP and 403.
Open IIS Help, which is accessible in IIS Manager (inetmgr), and search for topics titled About Security, Limiting Access by IP Address, IP Address Access Restrictions, and About Custom Error Messages.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 21854977
The second error should be easy to fix.  The 403;6 indicates that the client's IP address is being blocked.  Is this Exchange 2000 or 2003?  If so, look at the properties of the Exchange Virtual Directory in IIS Manager, and look for the table of IP address restrictions.  If it's E2007, then look at the OWA VDir instead.
0
 

Author Comment

by:mgassett
ID: 21859702
ok. the first is still an issue.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 21861330
Okay, so when you see a 500 - Internal Server Error message in your browser window, and there is no more explanatory text, that means that IIS itself does not know what's gone wrong, and there really should be something in your server Event Logs.  Can you see anything being logged at exactly the same time as you try to use OWA, and see the 500 error?
0
 

Author Comment

by:mgassett
ID: 21866115
the following are the only events that are relevant to exchange or IIS or users. there are 3 of them. the first seems to be the most relevant but it doesnt tell me much.

Date: 6/24/2008               Source:Server ActiveSync
Time:                                Category: None
Type: Error                      Event ID: 3005
User: COMPASSPOINTEHO\JFarmer
Computer: compass-sbs
Unexpected Exchange mailbox Server error: Server: [compass-sbs.CompassPointeHomes.local] User: [JFarmer@compasspointehomes.com] HTTP status code: [500]. Verify that the Exchange mailbox Server is working correctly.

Date: 6/24/2008               Source:LicenseService
Time:                                Category: None
Type: None                      Event ID: 201
User: N/A
Computer: <server>
No license was available for user COMPASSPOINTEHO\jandreu using product FilePrint .  Use Licensing from the Administrative Tools folder to ensure that you have sufficient licenses.

Date: 6/24/2008               Source:Server ActiveSync
Time:                                Category: None
Type: Warning                 Event ID: 3033
User: COMPASSPOINTEHO\JFarmer
Computer: compass-sbs
The average of the most recent [200] heartbeat intervals used by clients is less than or equal to [540].  Make sure that your firewall configuration is set to work correctly with Exchange ActiveSync and direct push technology. Specifically, make sure that your firewall is configured so that requests to Exchange ActiveSync do not expire before they have the opportunity to be processed.  For more information about how to configure firewall settings when using Exchange ActiveSync, see Microsoft Knowledge Base article 905013, "Enterprise Firewall Configuration for Exchange ActiveSync Direct
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 21866378
The first one is indicating that ActiveSync is encountering the same 500 error when it tries to access the Exchange VDir, but that is all.  It's hard to think of anything to suggest without a proper error message.  One thing you might try is to change the application pool (for IIS6) or the process isolation level (for IIS5).  Which version of Windows Server is it running on?
0
 

Author Comment

by:mgassett
ID: 21866597
2003 sbs

by change the app pool what do you mean
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 21866621
In IIS Manager, look at the properties of the Exchange Virtual Directory.  One of the properties will be Application Pool.  It is normally ExchangeApplicationPool, but try changing it to DefaultAppPool for a test.
0
 

Author Comment

by:mgassett
ID: 21866819
in IIS Manger the tree look s like this

IIS
   - server (local comp)
       - Application Pools
           + DefaultAppPool
           + ExchangeApplicationPool
           + ExchangeMobileBrowseApplicationPool
           + MSSharePointAppPool
           + StsAdminAppPool
       + web sites
       + web service extensions

so i am not sure exactly what you are suggesting i change. sorry, i ma fairly new to the IIS support
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 21866894
Expand the [+] next to Web Sites, instead of Application Pools, then expand the Default Web Site.  You should see Exchange listed.  Look at its properties, and you'll find Application Pool on the first tab that opens.
0
 

Author Comment

by:mgassett
ID: 21867005
IIS
   - server (local comp)
       + Application Pools
       - web sites
           + Default Web Site
           + IHMSWEB
           + Microsoft SharePoint Administration
           + SharePoint Central Administration
           + Companyweb
       + web service extensions
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 21867059
Okay, now click the [+] next to Default Web Site, and you should see Exchange listed.
0
 

Author Comment

by:mgassett
ID: 21867261
ok

virtual directory
   under application settings
    Application name is set to default app and is greyed out but has a create button
    Starting pointe:   <Default Web Site>
    Execute Permissions: none
    Application Pool: ExchangeApplicationPool  which is greyed out

configuration and upload buttons are greyed out  
0
 

Author Comment

by:mgassett
ID: 21867570
i changed it to dedault app pool. restarted IIS. then the website  has a pop up security box i put in my login then i get an unspecified error.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 21868607
You could try deleting the Exchange VDir, and then re-creating it with this (I think method 3 is the easiest):
http://support.microsoft.com/kb/883380
0
 

Author Comment

by:mgassett
ID: 21869491
i just completed method 3 and will see what happens.
0
 

Author Comment

by:mgassett
ID: 21870002
now our OWA address does not work

The page cannot be found.

The page you are looking for might have been removed, had its name changed, or is temporarily unavailable.

Please try blah blah blah

HTTP  Error 404 - File or directory not found
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 21870357
Has the Exchange VDir appeared in your IIS manager yet?  Under the Default Web Site?  If not, do you see any error messages in the Event related to MSExchangeMU (which is the MS Exchange Metabase Update process)?
0
 

Author Comment

by:mgassett
ID: 21870803
it was there just as it was before. i couldnt see any difference and no events from MSExchangeMU
0
 

Author Comment

by:mgassett
ID: 21870864
From: exchange server
event id: 1001

Bucket 397332663, bucket table 1, faulting application inetinfo.exe, version 6.0.3790.3959, stamp 45d69692, faulting module metadata.dll, version 6.0.3790.3959, stamp 45d70a61, debug? 0, fault address 0x00028af7.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 21874005
When you made the change to the metabase.xml file, did you remember to select that 'Enable Direct Metabase Edit' checkbox in IIS Manager?
0
 

Author Comment

by:mgassett
ID: 21874408
yes

i may have been doing something wrong on my end i will check with users today hopefully we will be good.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 21874533
Double-check the syntax in your XML file.  If it is badly formed (maybe there is a quotation character missing after you edited it), that might explain the metadata.dll error you are seeing.  Also check the NTFS permissions on it.  If you edited it off the server, maybe the permissions have changed, and the MU process no longer has permission to read it.
0
 

Author Comment

by:mgassett
ID: 21878779
ok so it turns out my information from the users was incorrect. the error comes after they login.
0
 

Author Comment

by:mgassett
ID: 21878811
and the following event is pretty consistant with the error

Date: 6/24/2008               Source:LicenseService
Time:                                Category: None
Type: None                      Event ID: 201
User: N/A
Computer: <server>
No license was available for user COMPASSPOINTEHO\jandreu using product FilePrint .  Use Licensing from the Administrative Tools folder to ensure that you have sufficient licenses.

0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 21882905
It's not something I've heard of before.  I think most people disable the License Logging Service, anyway.
0
 

Accepted Solution

by:
mgassett earned 0 total points
ID: 21926831
in SBS the licensing Logging Service starts automatically. if you try to change the start up setting it automatically changes that as well. at this point I belive it is related to licensing so i will make the recommendation to purchase more licenses.

thanks for your help!
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Suggested Solutions

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now