Solved

Users cannot login to OWA - error HTTP 500 - The local Security Authority cannot be contacted

Posted on 2009-03-29
5
748 Views
Last Modified: 2012-08-13
I am implementing EBS in the existing Windows 2003 SP2 environment. At this point, there are new Windows 2008 servers, both domain controllers, both DNS servers, and 2 old domain controllers, one of them is a DNS server, another one is an Exchange server.
This setup was working for a while until I rebooted one 2003 and one 2008 server. After that, all users lost ability to log on to their computers. In addition, one one could open OWA and, I believe, Outlook (definitely, not from remote computers). With OWA, they receive: "HTTP 500 - The local Security Authority cannot be contacted". The only exception was from servers while logged in as domain admin.
I found  a way to '"fix" it but it lasts for a very short time if users close Outlook or OWA. What I did was I went to the Account tab in ADUC and gave them access to all computers listed there.
It does the trick but only for a while.

No new group policies were introduced, unless they came with EBS and 2008 Server.

Thank in advance for your help.


0
Comment
Question by:pfarber22
  • 3
  • 2
5 Comments
 
LVL 6

Expert Comment

by:WizardWill
ID: 24014814
0
 
LVL 1

Author Comment

by:pfarber22
ID: 24015645
Yes, I have. Almost identical situation.
The person asking the question resolved it: "i have checked this all out and it it turns out to be that due to the fact that i had restricted users to their own pc - this in turn basically locked them out of OWA if they used another PC.

I have removed their PC assignments within active directory and its fixed the problem"

How did he "remove their PC assignments within active directory", I don't know but, in my case, I don't know of any restrictions implemented via GP or otherwise. In addition, my users could not access OWA from any computer except servers.
My 'fix' by granting users access to servers manually does not last long.
0
 
LVL 6

Expert Comment

by:WizardWill
ID: 24015677
Can you make sure that the netlogon service on all the dc's are started and set the startup type to automatic... If the service is not running start it .. right click and than start ...
0
 
LVL 1

Author Comment

by:pfarber22
ID: 24019010
Of course, it is running. I could always connect from any server other than DC. It is started and set to autmatic on all DC.
0
 
LVL 1

Accepted Solution

by:
pfarber22 earned 0 total points
ID: 24032943
The reason for this behavior was found by EBS support. Once passed 30 days after installation, EBS licenses needed to be properly registered. Since it was not done, people were shut down from their computers (and Outlook). Additional grace period was given to complete the installation and configuration.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
how to add IIS SMTP to handle application/Scanner relays into office 365.

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question