Solved

OWA access issue after installing Exchange 2007 SP3

Posted on 2011-02-28
15
1,947 Views
Last Modified: 2012-05-11
Hey everyone,

I recently installed Exchange 2007 SP3 along with rollup 2. Everything seems to be working fine expect for OWA and only when logged in with view-only admins with full permissions to all mailboxes - for example, the besadmin account. When trying to access any mailbox within any of the stores in the origination, I get the following error (entire error below). The key seems to be:

Inner Exception
Exception type: Microsoft.Mapi.MapiExceptionLogonFailed
Exception message: MapiExceptionLogonFailed: Unable to make connection to the server.

Not sure why login is failing or why the server would state it’s unable to make connection to the server (all servers are on the same box and MAPI clients are connecting fine as far as I can tell). As long as I login as domainuser\self, I don’t have any problems. I need to be able to login frequently to accounts with the besadmin but am more concerned this problem will advance into some strange permission issue. Entire error here and thanks in advanced:


Request
Url: https://xxx.xxx.com:443/owa/default.aspx
User host address: xxx.xxx.xxx.xxx

Exception
Exception type: Microsoft.Exchange.Data.Storage.ConnectionFailedTransientException
Exception message: Cannot open mailbox /o=xxx/ou=xxx/cn=Recipients/cn=besadmin.

Call stack

Microsoft.Exchange.Data.Storage.ConnectionCachePool.OpenMailbox(String serverDn, String userDn, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, Object identity, ConnectFlag connectFlag, OpenStoreFlag openStoreFlag, CultureInfo cultureInfo, String clientInfoString, Boolean secondTry)
Microsoft.Exchange.Data.Storage.ConnectionCachePool.OpenMailbox(String serverDn, String userDn, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, Object identity, ConnectFlag connectFlag, OpenStoreFlag openStoreFlag, CultureInfo cultureInfo, String clientInfoString, Boolean secondTry)
Microsoft.Exchange.Data.Storage.ConnectionCachePool.OpenMailbox(String serverDn, String userDn, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, Object identity, ConnectFlag connectFlag, OpenStoreFlag openStoreFlag, CultureInfo cultureInfo, String clientInfoString)
Microsoft.Exchange.Data.Storage.MailboxSession.Initialize(LogonType logonType, ExchangePrincipal owner, DelegateLogonUser delegateUser, Object identity, OpenMailboxSessionFlags flags)
Microsoft.Exchange.Data.Storage.MailboxSession.CreateMailboxSession(LogonType logonType, ExchangePrincipal owner, DelegateLogonUser delegateUser, Object identity, OpenMailboxSessionFlags flags, CultureInfo cultureInfo, String clientInfoString)
Microsoft.Exchange.Data.Storage.MailboxSession.Open(ExchangePrincipal mailboxOwner, WindowsPrincipal authenticatedUser, CultureInfo cultureInfo, String clientInfoString)
Microsoft.Exchange.Clients.Owa.Core.OwaWindowsIdentity.CreateMailboxSession(ExchangePrincipal exchangePrincipal, CultureInfo cultureInfo)
Microsoft.Exchange.Clients.Owa.Core.UserOptions.LoadSharedCalendarTimezoneSetting(TimezoneSetting& setting)
Microsoft.Exchange.Clients.Owa.Core.UserOptions.Load(IList`1 properties)
Microsoft.Exchange.Clients.Owa.Core.UserOptions.LoadAll()
Microsoft.Exchange.Clients.Owa.Core.UserContext.Load(OwaContext owaContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.CreateUserContext(OwaContext owaContext, UserContextKey userContextKey, UserContext& userContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.PrepareRequestWithoutSession(OwaContext owaContext, UserContextCookie userContextCookie)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.InternalDispatchRequest(OwaContext owaContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchRequest(OwaContext owaContext)
System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Inner Exception
Exception type: Microsoft.Mapi.MapiExceptionLogonFailed
Exception message: MapiExceptionLogonFailed: Unable to make connection to the server. (hr=0x80040111, ec=-2147221231) Diagnostic context: ...... Lid: 16280 dwParam: 0x6BA Msg: EEInfo: ComputerName: n/a Lid: 8600 dwParam: 0x6BA Msg: EEInfo: ProcessID: 956 Lid: 12696 dwParam: 0x6BA Msg: EEInfo: Generation Time: 2011-03-01 01:08:40:372 Lid: 10648 dwParam: 0x6BA Msg: EEInfo: Generating component: 2 Lid: 14744 dwParam: 0x6BA Msg: EEInfo: Status: 1722 Lid: 9624 dwParam: 0x6BA Msg: EEInfo: Detection location: 390 Lid: 13720 dwParam: 0x6BA Msg: EEInfo: Flags: 0 Lid: 11672 dwParam: 0x6BA Msg: EEInfo: NumberOfParameters: 2 Lid: 8856 dwParam: 0x6BA Msg: EEInfo: prm[0]: Unicode string: xxx.xxx.INC Lid: 8856 dwParam: 0x6BA Msg: EEInfo: prm[1]: Unicode string:xxx Lid: 23065 EcDoConnectEx called [length=67] Lid: 17913 EcDoConnectEx returned [ec=0x80040111][length=56][latency=0] Lid: 19778 Lid: 27970 StoreEc: 0x80040111 Lid: 17730 Lid: 25922 StoreEc: 0x80040111

Call stack

Microsoft.Mapi.MapiExceptionHelper.ThrowIfError(String message, Int32 hresult, Int32 ec, DiagnosticContext diagCtx)
Microsoft.Mapi.ExRpcConnection.Create(ConnectionCache connectionCache, ExRpcConnectionCreateFlag createFlags, ConnectFlag connectFlags, String serverDn, String userDn, String user, String domain, String password, String httpProxyServerName, Int32 ulConMod, Int32 lcidString, Int32 lcidSort, Int32 cpid, Int32 cReconnectIntervalInMins, Int32 cbRpcBufferSize, Int32 cbAuxBufferSize)
Microsoft.Mapi.ConnectionCache.OpenMapiStore(String mailboxDn, Guid mailboxGuid, Guid mdbGuid, ClientIdentityInfo clientIdentity, String userDnAs, OpenStoreFlag openStoreFlags, CultureInfo cultureInfo, String applicationId)
Microsoft.Mapi.ConnectionCache.OpenMailbox(String mailboxDn, Guid mailboxGuid, Guid mdbGuid, WindowsIdentity windowsIdentityAs, String userDnAs, OpenStoreFlag openStoreFlags, CultureInfo cultureInfo, String applicationId)
Microsoft.Exchange.Data.Storage.ConnectionCachePool.OpenMailbox(String serverDn, String userDn, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, Object identity, ConnectFlag connectFlag, OpenStoreFlag openStoreFlag, CultureInfo cultureInfo, String clientInfoString, Boolean secondTry)
0
Comment
Question by:Smoothie247
  • 7
  • 6
  • 2
15 Comments
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35004363
Can you try re-assigning the permissions to that user? Looks like the permissions may have become corrupt during SP3 install.
0
 

Author Comment

by:Smoothie247
ID: 35004365
I've already tried that to no avail.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35004404
and this is happening for more than one user? Or is it just BES?
0
 
LVL 11

Expert Comment

by:MichaelVH
ID: 35004417
it somehow seems that the besadmin mailbox might have become corrupt.

Can you confirm that you can either log in into the besadmins mailbox with outlook or not?
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35004436
What version of BES is in use? SP3 requires 5.0.2
0
 

Author Comment

by:Smoothie247
ID: 35004446
besadmin mailbox is on an Exchange 2003 SP3 server, so I seriously doubt the mailbox would be corrupted. This feels like permissions issues and was working just fine until SP3 install. I already upgrade to BES version 5.0.2 MR3 before the Exchange 2007 SP3 install. Thanks guys.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35004448
OK, if it's on a 2003 server do you have a seperate CAS server?
Are all the mailboxes you are having problems with on the 2003 server?

When do you plan to move them?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 11

Accepted Solution

by:
MichaelVH earned 250 total points
ID: 35004458
Smoothie,

what you can do is the following:

1. Run ExBPA to reveal possible issues
2. You can try moving the users from DB and if necessary move it back.
3. Please make sure that all the rights for the user-object are correct (checking security through ADUC)

Are you seeing events in the eventlog for this issue?

Michael
0
 

Author Comment

by:Smoothie247
ID: 35014571
So I dont think the besadmin or the Exchange 2003 server is the problem - I just realized that any user (besides the owner) that had permissions before the SP3 install now gets the same error when trying to access via OWA. Very strange. I dont see anything out of the ordinary via ExBPA. I will try the mailbox move but I'm not sure the problem is truly permissions, as I can open any of these mailbox w/o any issues via MAPI and the besadmin...
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35014834
Can you check the inherited permissions, it shouldn't make a difference but you never know.  See here:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2861-Activesync-Working-But-Only-For-Some-Users-On-Exchange-2007-2010.html
0
 

Author Comment

by:Smoothie247
ID: 35018748
Inherited permissions are already enabled and working ifne. Any other thoughts? :) Banging my head on this one...
0
 
LVL 74

Assisted Solution

by:Glen Knight
Glen Knight earned 250 total points
ID: 35018769
Did you try the mailbox move?
0
 

Author Comment

by:Smoothie247
ID: 35047207
I figured out what was up. Strangely, I had to move the besamdin mailbox from the Exchange 2003 server to Exchange 2007 server. For whatever reason, the service pack install didn’t like trying to authenticate via OWA. Good ol' MSFT strikes again... ;) Thanks for help.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35047217
Isn't that what I suggested?
0
 

Author Comment

by:Smoothie247
ID: 35047234
I suppose you did but we were talking about moving mailbox besides the besadmin.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now