Solved

OWA access issue after installing Exchange 2007 SP3

Posted on 2011-02-28
15
1,952 Views
Last Modified: 2012-05-11
Hey everyone,

I recently installed Exchange 2007 SP3 along with rollup 2. Everything seems to be working fine expect for OWA and only when logged in with view-only admins with full permissions to all mailboxes - for example, the besadmin account. When trying to access any mailbox within any of the stores in the origination, I get the following error (entire error below). The key seems to be:

Inner Exception
Exception type: Microsoft.Mapi.MapiExceptionLogonFailed
Exception message: MapiExceptionLogonFailed: Unable to make connection to the server.

Not sure why login is failing or why the server would state it’s unable to make connection to the server (all servers are on the same box and MAPI clients are connecting fine as far as I can tell). As long as I login as domainuser\self, I don’t have any problems. I need to be able to login frequently to accounts with the besadmin but am more concerned this problem will advance into some strange permission issue. Entire error here and thanks in advanced:


Request
Url: https://xxx.xxx.com:443/owa/default.aspx
User host address: xxx.xxx.xxx.xxx

Exception
Exception type: Microsoft.Exchange.Data.Storage.ConnectionFailedTransientException
Exception message: Cannot open mailbox /o=xxx/ou=xxx/cn=Recipients/cn=besadmin.

Call stack

Microsoft.Exchange.Data.Storage.ConnectionCachePool.OpenMailbox(String serverDn, String userDn, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, Object identity, ConnectFlag connectFlag, OpenStoreFlag openStoreFlag, CultureInfo cultureInfo, String clientInfoString, Boolean secondTry)
Microsoft.Exchange.Data.Storage.ConnectionCachePool.OpenMailbox(String serverDn, String userDn, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, Object identity, ConnectFlag connectFlag, OpenStoreFlag openStoreFlag, CultureInfo cultureInfo, String clientInfoString, Boolean secondTry)
Microsoft.Exchange.Data.Storage.ConnectionCachePool.OpenMailbox(String serverDn, String userDn, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, Object identity, ConnectFlag connectFlag, OpenStoreFlag openStoreFlag, CultureInfo cultureInfo, String clientInfoString)
Microsoft.Exchange.Data.Storage.MailboxSession.Initialize(LogonType logonType, ExchangePrincipal owner, DelegateLogonUser delegateUser, Object identity, OpenMailboxSessionFlags flags)
Microsoft.Exchange.Data.Storage.MailboxSession.CreateMailboxSession(LogonType logonType, ExchangePrincipal owner, DelegateLogonUser delegateUser, Object identity, OpenMailboxSessionFlags flags, CultureInfo cultureInfo, String clientInfoString)
Microsoft.Exchange.Data.Storage.MailboxSession.Open(ExchangePrincipal mailboxOwner, WindowsPrincipal authenticatedUser, CultureInfo cultureInfo, String clientInfoString)
Microsoft.Exchange.Clients.Owa.Core.OwaWindowsIdentity.CreateMailboxSession(ExchangePrincipal exchangePrincipal, CultureInfo cultureInfo)
Microsoft.Exchange.Clients.Owa.Core.UserOptions.LoadSharedCalendarTimezoneSetting(TimezoneSetting& setting)
Microsoft.Exchange.Clients.Owa.Core.UserOptions.Load(IList`1 properties)
Microsoft.Exchange.Clients.Owa.Core.UserOptions.LoadAll()
Microsoft.Exchange.Clients.Owa.Core.UserContext.Load(OwaContext owaContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.CreateUserContext(OwaContext owaContext, UserContextKey userContextKey, UserContext& userContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.PrepareRequestWithoutSession(OwaContext owaContext, UserContextCookie userContextCookie)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.InternalDispatchRequest(OwaContext owaContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchRequest(OwaContext owaContext)
System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Inner Exception
Exception type: Microsoft.Mapi.MapiExceptionLogonFailed
Exception message: MapiExceptionLogonFailed: Unable to make connection to the server. (hr=0x80040111, ec=-2147221231) Diagnostic context: ...... Lid: 16280 dwParam: 0x6BA Msg: EEInfo: ComputerName: n/a Lid: 8600 dwParam: 0x6BA Msg: EEInfo: ProcessID: 956 Lid: 12696 dwParam: 0x6BA Msg: EEInfo: Generation Time: 2011-03-01 01:08:40:372 Lid: 10648 dwParam: 0x6BA Msg: EEInfo: Generating component: 2 Lid: 14744 dwParam: 0x6BA Msg: EEInfo: Status: 1722 Lid: 9624 dwParam: 0x6BA Msg: EEInfo: Detection location: 390 Lid: 13720 dwParam: 0x6BA Msg: EEInfo: Flags: 0 Lid: 11672 dwParam: 0x6BA Msg: EEInfo: NumberOfParameters: 2 Lid: 8856 dwParam: 0x6BA Msg: EEInfo: prm[0]: Unicode string: xxx.xxx.INC Lid: 8856 dwParam: 0x6BA Msg: EEInfo: prm[1]: Unicode string:xxx Lid: 23065 EcDoConnectEx called [length=67] Lid: 17913 EcDoConnectEx returned [ec=0x80040111][length=56][latency=0] Lid: 19778 Lid: 27970 StoreEc: 0x80040111 Lid: 17730 Lid: 25922 StoreEc: 0x80040111

Call stack

Microsoft.Mapi.MapiExceptionHelper.ThrowIfError(String message, Int32 hresult, Int32 ec, DiagnosticContext diagCtx)
Microsoft.Mapi.ExRpcConnection.Create(ConnectionCache connectionCache, ExRpcConnectionCreateFlag createFlags, ConnectFlag connectFlags, String serverDn, String userDn, String user, String domain, String password, String httpProxyServerName, Int32 ulConMod, Int32 lcidString, Int32 lcidSort, Int32 cpid, Int32 cReconnectIntervalInMins, Int32 cbRpcBufferSize, Int32 cbAuxBufferSize)
Microsoft.Mapi.ConnectionCache.OpenMapiStore(String mailboxDn, Guid mailboxGuid, Guid mdbGuid, ClientIdentityInfo clientIdentity, String userDnAs, OpenStoreFlag openStoreFlags, CultureInfo cultureInfo, String applicationId)
Microsoft.Mapi.ConnectionCache.OpenMailbox(String mailboxDn, Guid mailboxGuid, Guid mdbGuid, WindowsIdentity windowsIdentityAs, String userDnAs, OpenStoreFlag openStoreFlags, CultureInfo cultureInfo, String applicationId)
Microsoft.Exchange.Data.Storage.ConnectionCachePool.OpenMailbox(String serverDn, String userDn, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, Object identity, ConnectFlag connectFlag, OpenStoreFlag openStoreFlag, CultureInfo cultureInfo, String clientInfoString, Boolean secondTry)
0
Comment
Question by:Smoothie247
  • 7
  • 6
  • 2
15 Comments
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35004363
Can you try re-assigning the permissions to that user? Looks like the permissions may have become corrupt during SP3 install.
0
 

Author Comment

by:Smoothie247
ID: 35004365
I've already tried that to no avail.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35004404
and this is happening for more than one user? Or is it just BES?
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 11

Expert Comment

by:MichaelVH
ID: 35004417
it somehow seems that the besadmin mailbox might have become corrupt.

Can you confirm that you can either log in into the besadmins mailbox with outlook or not?
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35004436
What version of BES is in use? SP3 requires 5.0.2
0
 

Author Comment

by:Smoothie247
ID: 35004446
besadmin mailbox is on an Exchange 2003 SP3 server, so I seriously doubt the mailbox would be corrupted. This feels like permissions issues and was working just fine until SP3 install. I already upgrade to BES version 5.0.2 MR3 before the Exchange 2007 SP3 install. Thanks guys.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35004448
OK, if it's on a 2003 server do you have a seperate CAS server?
Are all the mailboxes you are having problems with on the 2003 server?

When do you plan to move them?
0
 
LVL 11

Accepted Solution

by:
MichaelVH earned 250 total points
ID: 35004458
Smoothie,

what you can do is the following:

1. Run ExBPA to reveal possible issues
2. You can try moving the users from DB and if necessary move it back.
3. Please make sure that all the rights for the user-object are correct (checking security through ADUC)

Are you seeing events in the eventlog for this issue?

Michael
0
 

Author Comment

by:Smoothie247
ID: 35014571
So I dont think the besadmin or the Exchange 2003 server is the problem - I just realized that any user (besides the owner) that had permissions before the SP3 install now gets the same error when trying to access via OWA. Very strange. I dont see anything out of the ordinary via ExBPA. I will try the mailbox move but I'm not sure the problem is truly permissions, as I can open any of these mailbox w/o any issues via MAPI and the besadmin...
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35014834
Can you check the inherited permissions, it shouldn't make a difference but you never know.  See here:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2861-Activesync-Working-But-Only-For-Some-Users-On-Exchange-2007-2010.html
0
 

Author Comment

by:Smoothie247
ID: 35018748
Inherited permissions are already enabled and working ifne. Any other thoughts? :) Banging my head on this one...
0
 
LVL 74

Assisted Solution

by:Glen Knight
Glen Knight earned 250 total points
ID: 35018769
Did you try the mailbox move?
0
 

Author Comment

by:Smoothie247
ID: 35047207
I figured out what was up. Strangely, I had to move the besamdin mailbox from the Exchange 2003 server to Exchange 2007 server. For whatever reason, the service pack install didn’t like trying to authenticate via OWA. Good ol' MSFT strikes again... ;) Thanks for help.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35047217
Isn't that what I suggested?
0
 

Author Comment

by:Smoothie247
ID: 35047234
I suppose you did but we were talking about moving mailbox besides the besadmin.
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ESX 6.0 Best Practices for datastore size 5 81
Exchange 2013 Update 4 29
Exchange - Retention Policy 4 34
Powershell Script Help, Office 365 Exchange migration 10 41
Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question