BMPX
asked on
Cannot login to OWA (Outlook Web Access)
Hi Guys,
We have 1 user who cannot seem to login to OWA. I have tried ticking allow inheritable permissions in the security tab in AD and this was already ticked. I checked in exchange 07 to see if OWA was enabled and it is. We have migrated from Exchange 03 to 07 earlier this year and everything went ok. The user was able to use her webmail fine but it just stopped working all of a sudden. I checked to see that she is not part of the admins group as this overides the permissions. I also checked her AD settings and security settings against my AD account and they are Identical and yet I can still access OWA fine. she gets the following error message:
Request
Url: https://mail.domain.com/lang.owa
User host address: 0.0.0.0
Exception
Exception type: Microsoft.Exchange.Data.St orage.Stor agePermane ntExceptio n
Exception message: There was a problem accessing Active Directory.
Call stack
Microsoft.Exchange.Data.St orage.Exch angePrinci pal.Save()
Microsoft.Exchange.Clients .Owa.Core. RequestDis patcher.Di spatchLang uagePostLo cally(OwaC ontext owaContext, OwaIdentity logonIdentity, CultureInfo culture, String timeZoneKeyName, Boolean isOptimized)
Microsoft.Exchange.Clients .Owa.Core. RequestDis patcher.Di spatchLang uagePostRe quest(OwaC ontext owaContext)
Microsoft.Exchange.Clients .Owa.Core. RequestDis patcher.Pr epareReque stWithoutS ession(Owa Context owaContext, UserContextCookie userContextCookie)
Microsoft.Exchange.Clients .Owa.Core. RequestDis patcher.In ternalDisp atchReques t(OwaConte xt owaContext)
Microsoft.Exchange.Clients .Owa.Core. RequestDis patcher.Di spatchRequ est(OwaCon text owaContext)
System.Web.HttpApplication .SyncEvent ExecutionS tep.System .Web.HttpA pplication .IExecutio nStep.Exec ute()
System.Web.HttpApplication .ExecuteSt ep(IExecut ionStep step, Boolean& completedSynchronously)
Inner Exception
Exception type: Microsoft.Exchange.Data.Di rectory.AD OperationE xception
Exception message: Active Directory operation failed on servername.childname.root. domain.com . This error is not retriable. Additional information: The name reference is invalid. This may be caused by replication latency between Active Directory domain controllers. Active directory response: 000020B5: AtrErr: DSID-03152392, #1: 0: 000020B5: DSID-03152392, problem 1005 (CONSTRAINT_ATT_TYPE), data 0, Att 200ee (publicDelegates)
Call stack
Microsoft.Exchange.Data.Di rectory.AD Session.An alyzeDirec toryError( PooledLdap Connection connection, DirectoryRequest request, DirectoryException de, Int32 totalRetries, Int32 retriesOnServer)
Microsoft.Exchange.Data.Di rectory.AD Session.Ex ecuteModif icationReq uest(ADRaw Entry entry, DirectoryRequest request, ADObjectId originalId)
Microsoft.Exchange.Data.Di rectory.AD Session.Sa ve(ADObjec t instanceToSave, IEnumerable`1 properties)
Microsoft.Exchange.Data.St orage.Exch angePrinci pal.Save()
Inner Exception
Exception type: System.DirectoryServices.P rotocols.D irectoryOp erationExc eption
Exception message: A value in the request is invalid.
Call stack
System.DirectoryServices.P rotocols.L dapConnect ion.Constr uctRespons e(Int32 messageId, LdapOperation operation, ResultAll resultType, TimeSpan requestTimeOut, Boolean exceptionOnTimeOut)
System.DirectoryServices.P rotocols.L dapConnect ion.SendRe quest(Dire ctoryReque st request, TimeSpan requestTimeout)
Microsoft.Exchange.Data.Di rectory.Po oledLdapCo nnection.S endRequest (Directory Request request, LdapOperation ldapOperation)
Microsoft.Exchange.Data.Di rectory.AD Session.Ex ecuteModif icationReq uest(ADRaw Entry entry, DirectoryRequest request, ADObjectId originalId)
I have been through countless forums and websites to find an answer. Some people have the same issue and havent found a resolution.
Any help would be appreciated guys thanks.
We have 1 user who cannot seem to login to OWA. I have tried ticking allow inheritable permissions in the security tab in AD and this was already ticked. I checked in exchange 07 to see if OWA was enabled and it is. We have migrated from Exchange 03 to 07 earlier this year and everything went ok. The user was able to use her webmail fine but it just stopped working all of a sudden. I checked to see that she is not part of the admins group as this overides the permissions. I also checked her AD settings and security settings against my AD account and they are Identical and yet I can still access OWA fine. she gets the following error message:
Request
Url: https://mail.domain.com/lang.owa
User host address: 0.0.0.0
Exception
Exception type: Microsoft.Exchange.Data.St
Exception message: There was a problem accessing Active Directory.
Call stack
Microsoft.Exchange.Data.St
Microsoft.Exchange.Clients
Microsoft.Exchange.Clients
Microsoft.Exchange.Clients
Microsoft.Exchange.Clients
Microsoft.Exchange.Clients
System.Web.HttpApplication
System.Web.HttpApplication
Inner Exception
Exception type: Microsoft.Exchange.Data.Di
Exception message: Active Directory operation failed on servername.childname.root.
Call stack
Microsoft.Exchange.Data.Di
Microsoft.Exchange.Data.Di
Microsoft.Exchange.Data.Di
Microsoft.Exchange.Data.St
Inner Exception
Exception type: System.DirectoryServices.P
Exception message: A value in the request is invalid.
Call stack
System.DirectoryServices.P
System.DirectoryServices.P
Microsoft.Exchange.Data.Di
Microsoft.Exchange.Data.Di
I have been through countless forums and websites to find an answer. Some people have the same issue and havent found a resolution.
Any help would be appreciated guys thanks.
SEE THIS :
http://support.microsoft.com/kb/941146
Refer IIS logs on CAS server for the Problem user.
Start > Run > Logfiles > W3svc1
Take LDP dump of a User whose OWA is working with the Problem users.
http://support.microsoft.com/kb/224543
By comparing both User dumps you can find the difference.
http://support.microsoft.com/kb/941146
Refer IIS logs on CAS server for the Problem user.
Start > Run > Logfiles > W3svc1
Take LDP dump of a User whose OWA is working with the Problem users.
http://support.microsoft.com/kb/224543
By comparing both User dumps you can find the difference.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Check this..
http://support.microsoft.com/kb/941146
Still not working then..
Try moving the user to another mailbox store and see if it helps..