Solved

Users cannot login to OWA - error HTTP 500 - The local Security Authority cannot be contacted

Posted on 2009-03-29
5
743 Views
Last Modified: 2012-08-13
I am implementing EBS in the existing Windows 2003 SP2 environment. At this point, there are new Windows 2008 servers, both domain controllers, both DNS servers, and 2 old domain controllers, one of them is a DNS server, another one is an Exchange server.
This setup was working for a while until I rebooted one 2003 and one 2008 server. After that, all users lost ability to log on to their computers. In addition, one one could open OWA and, I believe, Outlook (definitely, not from remote computers). With OWA, they receive: "HTTP 500 - The local Security Authority cannot be contacted". The only exception was from servers while logged in as domain admin.
I found  a way to '"fix" it but it lasts for a very short time if users close Outlook or OWA. What I did was I went to the Account tab in ADUC and gave them access to all computers listed there.
It does the trick but only for a while.

No new group policies were introduced, unless they came with EBS and 2008 Server.

Thank in advance for your help.


0
Comment
Question by:pfarber22
  • 3
  • 2
5 Comments
 
LVL 6

Expert Comment

by:WizardWill
ID: 24014814
0
 
LVL 1

Author Comment

by:pfarber22
ID: 24015645
Yes, I have. Almost identical situation.
The person asking the question resolved it: "i have checked this all out and it it turns out to be that due to the fact that i had restricted users to their own pc - this in turn basically locked them out of OWA if they used another PC.

I have removed their PC assignments within active directory and its fixed the problem"

How did he "remove their PC assignments within active directory", I don't know but, in my case, I don't know of any restrictions implemented via GP or otherwise. In addition, my users could not access OWA from any computer except servers.
My 'fix' by granting users access to servers manually does not last long.
0
 
LVL 6

Expert Comment

by:WizardWill
ID: 24015677
Can you make sure that the netlogon service on all the dc's are started and set the startup type to automatic... If the service is not running start it .. right click and than start ...
0
 
LVL 1

Author Comment

by:pfarber22
ID: 24019010
Of course, it is running. I could always connect from any server other than DC. It is started and set to autmatic on all DC.
0
 
LVL 1

Accepted Solution

by:
pfarber22 earned 0 total points
ID: 24032943
The reason for this behavior was found by EBS support. Once passed 30 days after installation, EBS licenses needed to be properly registered. Since it was not done, people were shut down from their computers (and Outlook). Additional grace period was given to complete the installation and configuration.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This video discusses moving either the default database or any database to a new volume.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question