• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1962
  • Last Modified:

OWA access issue after installing Exchange 2007 SP3

Hey everyone,

I recently installed Exchange 2007 SP3 along with rollup 2. Everything seems to be working fine expect for OWA and only when logged in with view-only admins with full permissions to all mailboxes - for example, the besadmin account. When trying to access any mailbox within any of the stores in the origination, I get the following error (entire error below). The key seems to be:

Inner Exception
Exception type: Microsoft.Mapi.MapiExceptionLogonFailed
Exception message: MapiExceptionLogonFailed: Unable to make connection to the server.

Not sure why login is failing or why the server would state it’s unable to make connection to the server (all servers are on the same box and MAPI clients are connecting fine as far as I can tell). As long as I login as domainuser\self, I don’t have any problems. I need to be able to login frequently to accounts with the besadmin but am more concerned this problem will advance into some strange permission issue. Entire error here and thanks in advanced:


Request
Url: https://xxx.xxx.com:443/owa/default.aspx
User host address: xxx.xxx.xxx.xxx

Exception
Exception type: Microsoft.Exchange.Data.Storage.ConnectionFailedTransientException
Exception message: Cannot open mailbox /o=xxx/ou=xxx/cn=Recipients/cn=besadmin.

Call stack

Microsoft.Exchange.Data.Storage.ConnectionCachePool.OpenMailbox(String serverDn, String userDn, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, Object identity, ConnectFlag connectFlag, OpenStoreFlag openStoreFlag, CultureInfo cultureInfo, String clientInfoString, Boolean secondTry)
Microsoft.Exchange.Data.Storage.ConnectionCachePool.OpenMailbox(String serverDn, String userDn, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, Object identity, ConnectFlag connectFlag, OpenStoreFlag openStoreFlag, CultureInfo cultureInfo, String clientInfoString, Boolean secondTry)
Microsoft.Exchange.Data.Storage.ConnectionCachePool.OpenMailbox(String serverDn, String userDn, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, Object identity, ConnectFlag connectFlag, OpenStoreFlag openStoreFlag, CultureInfo cultureInfo, String clientInfoString)
Microsoft.Exchange.Data.Storage.MailboxSession.Initialize(LogonType logonType, ExchangePrincipal owner, DelegateLogonUser delegateUser, Object identity, OpenMailboxSessionFlags flags)
Microsoft.Exchange.Data.Storage.MailboxSession.CreateMailboxSession(LogonType logonType, ExchangePrincipal owner, DelegateLogonUser delegateUser, Object identity, OpenMailboxSessionFlags flags, CultureInfo cultureInfo, String clientInfoString)
Microsoft.Exchange.Data.Storage.MailboxSession.Open(ExchangePrincipal mailboxOwner, WindowsPrincipal authenticatedUser, CultureInfo cultureInfo, String clientInfoString)
Microsoft.Exchange.Clients.Owa.Core.OwaWindowsIdentity.CreateMailboxSession(ExchangePrincipal exchangePrincipal, CultureInfo cultureInfo)
Microsoft.Exchange.Clients.Owa.Core.UserOptions.LoadSharedCalendarTimezoneSetting(TimezoneSetting& setting)
Microsoft.Exchange.Clients.Owa.Core.UserOptions.Load(IList`1 properties)
Microsoft.Exchange.Clients.Owa.Core.UserOptions.LoadAll()
Microsoft.Exchange.Clients.Owa.Core.UserContext.Load(OwaContext owaContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.CreateUserContext(OwaContext owaContext, UserContextKey userContextKey, UserContext& userContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.PrepareRequestWithoutSession(OwaContext owaContext, UserContextCookie userContextCookie)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.InternalDispatchRequest(OwaContext owaContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchRequest(OwaContext owaContext)
System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Inner Exception
Exception type: Microsoft.Mapi.MapiExceptionLogonFailed
Exception message: MapiExceptionLogonFailed: Unable to make connection to the server. (hr=0x80040111, ec=-2147221231) Diagnostic context: ...... Lid: 16280 dwParam: 0x6BA Msg: EEInfo: ComputerName: n/a Lid: 8600 dwParam: 0x6BA Msg: EEInfo: ProcessID: 956 Lid: 12696 dwParam: 0x6BA Msg: EEInfo: Generation Time: 2011-03-01 01:08:40:372 Lid: 10648 dwParam: 0x6BA Msg: EEInfo: Generating component: 2 Lid: 14744 dwParam: 0x6BA Msg: EEInfo: Status: 1722 Lid: 9624 dwParam: 0x6BA Msg: EEInfo: Detection location: 390 Lid: 13720 dwParam: 0x6BA Msg: EEInfo: Flags: 0 Lid: 11672 dwParam: 0x6BA Msg: EEInfo: NumberOfParameters: 2 Lid: 8856 dwParam: 0x6BA Msg: EEInfo: prm[0]: Unicode string: xxx.xxx.INC Lid: 8856 dwParam: 0x6BA Msg: EEInfo: prm[1]: Unicode string:xxx Lid: 23065 EcDoConnectEx called [length=67] Lid: 17913 EcDoConnectEx returned [ec=0x80040111][length=56][latency=0] Lid: 19778 Lid: 27970 StoreEc: 0x80040111 Lid: 17730 Lid: 25922 StoreEc: 0x80040111

Call stack

Microsoft.Mapi.MapiExceptionHelper.ThrowIfError(String message, Int32 hresult, Int32 ec, DiagnosticContext diagCtx)
Microsoft.Mapi.ExRpcConnection.Create(ConnectionCache connectionCache, ExRpcConnectionCreateFlag createFlags, ConnectFlag connectFlags, String serverDn, String userDn, String user, String domain, String password, String httpProxyServerName, Int32 ulConMod, Int32 lcidString, Int32 lcidSort, Int32 cpid, Int32 cReconnectIntervalInMins, Int32 cbRpcBufferSize, Int32 cbAuxBufferSize)
Microsoft.Mapi.ConnectionCache.OpenMapiStore(String mailboxDn, Guid mailboxGuid, Guid mdbGuid, ClientIdentityInfo clientIdentity, String userDnAs, OpenStoreFlag openStoreFlags, CultureInfo cultureInfo, String applicationId)
Microsoft.Mapi.ConnectionCache.OpenMailbox(String mailboxDn, Guid mailboxGuid, Guid mdbGuid, WindowsIdentity windowsIdentityAs, String userDnAs, OpenStoreFlag openStoreFlags, CultureInfo cultureInfo, String applicationId)
Microsoft.Exchange.Data.Storage.ConnectionCachePool.OpenMailbox(String serverDn, String userDn, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, Object identity, ConnectFlag connectFlag, OpenStoreFlag openStoreFlag, CultureInfo cultureInfo, String clientInfoString, Boolean secondTry)
0
Smoothie247
Asked:
Smoothie247
  • 7
  • 6
  • 2
2 Solutions
 
Glen KnightCommented:
Can you try re-assigning the permissions to that user? Looks like the permissions may have become corrupt during SP3 install.
0
 
Smoothie247Author Commented:
I've already tried that to no avail.
0
 
Glen KnightCommented:
and this is happening for more than one user? Or is it just BES?
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
MichaelVHCommented:
it somehow seems that the besadmin mailbox might have become corrupt.

Can you confirm that you can either log in into the besadmins mailbox with outlook or not?
0
 
Glen KnightCommented:
What version of BES is in use? SP3 requires 5.0.2
0
 
Smoothie247Author Commented:
besadmin mailbox is on an Exchange 2003 SP3 server, so I seriously doubt the mailbox would be corrupted. This feels like permissions issues and was working just fine until SP3 install. I already upgrade to BES version 5.0.2 MR3 before the Exchange 2007 SP3 install. Thanks guys.
0
 
Glen KnightCommented:
OK, if it's on a 2003 server do you have a seperate CAS server?
Are all the mailboxes you are having problems with on the 2003 server?

When do you plan to move them?
0
 
MichaelVHCommented:
Smoothie,

what you can do is the following:

1. Run ExBPA to reveal possible issues
2. You can try moving the users from DB and if necessary move it back.
3. Please make sure that all the rights for the user-object are correct (checking security through ADUC)

Are you seeing events in the eventlog for this issue?

Michael
0
 
Smoothie247Author Commented:
So I dont think the besadmin or the Exchange 2003 server is the problem - I just realized that any user (besides the owner) that had permissions before the SP3 install now gets the same error when trying to access via OWA. Very strange. I dont see anything out of the ordinary via ExBPA. I will try the mailbox move but I'm not sure the problem is truly permissions, as I can open any of these mailbox w/o any issues via MAPI and the besadmin...
0
 
Glen KnightCommented:
Can you check the inherited permissions, it shouldn't make a difference but you never know.  See here:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2861-Activesync-Working-But-Only-For-Some-Users-On-Exchange-2007-2010.html
0
 
Smoothie247Author Commented:
Inherited permissions are already enabled and working ifne. Any other thoughts? :) Banging my head on this one...
0
 
Glen KnightCommented:
Did you try the mailbox move?
0
 
Smoothie247Author Commented:
I figured out what was up. Strangely, I had to move the besamdin mailbox from the Exchange 2003 server to Exchange 2007 server. For whatever reason, the service pack install didn’t like trying to authenticate via OWA. Good ol' MSFT strikes again... ;) Thanks for help.
0
 
Glen KnightCommented:
Isn't that what I suggested?
0
 
Smoothie247Author Commented:
I suppose you did but we were talking about moving mailbox besides the besadmin.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 7
  • 6
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now