Access to webmail 500 error

Hi,
Got a user who cannot access their webmail. After you log on the user gets the 500 internal server error. OWA works for all other accounts on this exchange server and you can access the account from outlook.
We are using Exchange 2003 / Outlook 2003. Any help would be great thanks.
RichardSmeeAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Britt ThompsonSr. Systems EngineerCommented:
Have you gone into Active Directory and adjusted what computers the user is allowed to log on to? If you've modified that setting within their account you have to add the Exchange Server to that list:

AD Users and computer >> Properties of the user >> Account  >> LogOnTo
0
Britt ThompsonSr. Systems EngineerCommented:
Also, for the user to be able to log into OWA his account must have the address associated with the default recipient policy within his email address list: IE @domain.local must be in the users list of addresses as username@domain.local
0
RichardSmeeAuthor Commented:
Hi renazonse, thanks for the responses. The user can log onto all computers. I'm afraid I didn't understand your second point, could you elaborate please, thanks.
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

SubsunCommented:
Is the user able to access direct server link http://exchangeserver/exchange
Did you try to access OWA with any other PC or browser?
Disable Show Friendly HTTP error messages in IE and let us know the actual error message.
0
Britt ThompsonSr. Systems EngineerCommented:
Ok....in your recipient policy there's addresses IE:

@domain.local
@domain.com ....

The default address in your recipient policy has to be in that user's list of email addresses. If there's no address in there for the local domain it will not allow the user to log into OWA. If the user doesn't have username@domain.local in the list of addresses under their "Email Addresses" tab in AD you need to add it before they can log in.
0
RichardSmeeAuthor Commented:
SubSun, Hi. The user can access the mailbox using http://washington/exchange (washington post - sorry). However they generally access internally using https://webmail (we have a front end exchange server). All the other users are still able to access using https://webmail. Thanks
0
SubsunCommented:
Can you paste the actual error message or screenshot by Disabling Show Friendly HTTP error messages in IE?
0
RichardSmeeAuthor Commented:
The Show Friendly HTTP error messages is not ticked. After login you get the two frames and in each frame the message is HTTP/1.1 500 Internal Server error
0
SubsunCommented:
And is there any recent change or any email address conflict for this account?
On user account properties > account tab > click on log on to and check if all computers are selected and in exchange features tab just disable and enable the outlook web access.
0
RichardSmeeAuthor Commented:
Subsun hi. Yep that all looks OK. Strangely now it now won't even allow you to log into OWA using front end server although you still can by http://servername/exchange. Also the default receipient policy looks ok too.
0
Britt ThompsonSr. Systems EngineerCommented:
Does the user have all of the email addresses listed in the default recipient policy under the email addresses tab in their account?
0
RichardSmeeAuthor Commented:
Renazonse: Yes everything looks fine there
0
Britt ThompsonSr. Systems EngineerCommented:
Have you recently reset this user's password? If so, it could be some sort of cached login.
0
RichardSmeeAuthor Commented:
unfortunately not he's had the same password for ages. I have also tried it on my machine and the exchange server
0
RichardSmeeAuthor Commented:
New information : apparently it has NEVER worked for this user!!!???! but he didn't complain because he can use outlook. I hope that helps, thanks.
0
SubsunCommented:
How many frond end servers you have?
0
SubsunCommented:
Can you try to move user to another mailbox store and try OWA logging again.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Britt ThompsonSr. Systems EngineerCommented:
When only one user is unable to use OWA, it usually means that they don't have an email address in the same domain as everyone else.  This might seem strange, but each OWA directory only accesses one SMTP domain.

I know it's repetitive but maybe there's a typo in the user's address or something?

Is it possible that this user is a member of a specific group or the user itself has an deny permission somewhere?
0
Britt ThompsonSr. Systems EngineerCommented:
Also, check the address after the user attempts to login...does it redirect it to an incorrect address?
0
RichardSmeeAuthor Commented:
I was wondering that. Will try and u know, thanks. BTW just the 1 FE.
0
SaakarSenior Technical ConsultantCommented:
Interesting Case I should say, this could also happen if the user has a identical SID with another user, in the AD.
Check for some events as follows: -
Event Type: Error
Event Source: MSExchangeIS
Event Category: General
Event ID: 9528
User: N/A
Computer: <Exchange Server Name>
Description:
The SID S-1-5-21-823518204-1606980848-682003330-1969 was found on 2 users in the
DS, so the store cannot map this SID to a unique user.
The users involved are:
/DC=com/DC=contoso/OU=Accounts/OU=users/CN=test,
/DC=com/DC=contoso/OU=Accounts/OU=users/CN=test1,
Please use the Exchange Active Directory Cleanup utility to merge the duplicate
objects together.
For more information, click http://www.microsoft.com/contentredirect.asp 
<http://www.microsoft.com/contentredirect.asp> .
Also check with ADUsers&Computers and remove the check from the Associated with External Account attribute.
See if this helps!!
0
RichardSmeeAuthor Commented:
I moved the user to another mailbox store (well another exchange server - coz we've only got 1 store per sever) and it worked. It would of been nice to know exactly why there was a problem in the first place but I guess solving the problem is the main thing. Thanks to everyone who contributed.
0
SubsunCommented:
Happy to know that it is resolved. Move mailbox will recreate the folders and tables required for the mailbox also reset the self permissions on the mailbox and this might have resolved your issue.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.