Solved

Exchange 2010: EMC problem because of Powershell issues on IIS?

Posted on 2011-03-15
22
3,457 Views
Last Modified: 2012-08-13
Hi,

I've wanted to open the Exchange Management Console like always but I got an error message now (picture 1).

picture 1
And when trying to access the modules section in the Powershell virtual directory on IIS I get an error message too (picture 2).

picture 2
My users can still send and receive e-mails but I can't create new users, for example. I need to resolve this!?

I've also found the following in the Event Viewer: "The setting ExternalProxy in the Web.Config file was not valid. The previous value was null and has been changed to ."

And also this: "The Application Host Helper Service has detected that administration.config file doesn't contain valid configuration. Config history backup feature has been disabled. It will be re-enabled automatically once the configuration file is fixed."

Any help is greatly appreciated! :)

Jerome  
0
Comment
Question by:Xeronimo
  • 12
  • 9
22 Comments
 
LVL 14

Assisted Solution

by:Shabarinath Ramadasan
Shabarinath Ramadasan earned 166 total points
ID: 35137315
0
 

Author Comment

by:Xeronimo
ID: 35137334
Shaba,

Thank you but I'm logged onto the Exchange server via RDP as the domain admin. This always had worked before.

So I get the above errors even as an admin ...

Jerome
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 35138530
I would first try removing and re-creating the PS vdir by using the Remove-PowerShellVirtualDirectory and then New-PowerShellVirtualDirectory .  Unfortunately, if things are too bad, it won't actually let you do that.

There are also several articles for this sort of thing.  Here is a good place to start:
http://blogs.technet.com/b/exchange/archive/2010/02/04/3409289.aspx
0
 

Author Comment

by:Xeronimo
ID: 35138622
Lee:

Thanks, I'll try that.

I've checked out that page before (and their updated version: http://blogs.technet.com/b/exchange/archive/2010/12/07/3411644.aspx).

They mention a tool (EMTshooter) but the download link does not work anymore??

Jerome
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 35138773
Ah, well.  In the last few forum topics where I suggested using this, it was no help, anyway.  I think MS have messed up by making the entire Exchange management function dependent upon a rather finnicky IIS configuration.  See if you can recreate the PS VDir for now.
0
 

Author Comment

by:Xeronimo
ID: 35138858
Lee,

I've tried that command but got an error message ...

 picture 3
0
 

Author Comment

by:Xeronimo
ID: 35139049
There's obviously something wrong with the IIS part of things I would say! I've gotten more than 5000 events from the task category 'WebHost' in the last half hour!

Mostly this one:

WebHost failed to process a request.
 Sender Information: System.ServiceModel.ServiceHostingEnvironment+HostingManager/42931033
 Exception: System.ServiceModel.ServiceActivationException: The service '/EWS/Exchange.asmx' cannot be activated due to an exception during compilation.  The exception message is: This collection already contains an address with scheme http.  There can be at most one address per scheme in this collection.
Parameter name: item. ---> System.ArgumentException: This collection already contains an address with scheme http.  There can be at most one address per scheme in this collection.
Parameter name: item
   at System.ServiceModel.UriSchemeKeyedCollection.InsertItem(Int32 index, Uri item)
   at System.Collections.Generic.SynchronizedCollection`1.Add(T item)
   at System.ServiceModel.UriSchemeKeyedCollection..ctor(Uri[] addresses)
   at System.ServiceModel.ServiceHost..ctor(Type serviceType, Uri[] baseAddresses)
   at System.ServiceModel.Activation.ServiceHostFactory.CreateServiceHost(Type serviceType, Uri[] baseAddresses)
   at System.ServiceModel.Activation.ServiceHostFactory.CreateServiceHost(String constructorString, Uri[] baseAddresses)
   at System.ServiceModel.ServiceHostingEnvironment.HostingManager.CreateService(String normalizedVirtualPath)
   at System.ServiceModel.ServiceHostingEnvironment.HostingManager.ActivateService(String normalizedVirtualPath)
   at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath)
   --- End of inner exception stack trace ---
   at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath)
   at System.ServiceModel.ServiceHostingEnvironment.EnsureServiceAvailableFast(String relativeVirtualPath)
 Process Name: w3wp
 Process ID: 4480
0
 

Author Comment

by:Xeronimo
ID: 35139089
OWA still seems to work too though!
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 35139196
It would probably be a good time to use Remove-EWSVirtualDirectory, too, but as you discovered, PowerShell (which has failed load the Exchange extensions) won't let you do anything like that.

It might help to look at the problem illustrated in your picture22.png above.  I have pasted below the relevant section of my web.config (starting at line 7), so that you can compare it with yours.  You will find several web.config files on the server.  Make sure you look at the one mentioned in the error dialog box.

    <system.management.wsmanagement.config>
      <PluginModules>
        <OperationsPlugins>
          <Plugin Name="PowerShellplugin" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="1" XmlRenderingType="text">
            <Resources>
              <Resource ResourceUri="http://schemas.microsoft.com/powershell/Microsoft.Exchange" SupportsOptions="true">
                <Capability Type="Shell" />
              </Resource>
            </Resources>
            <InitializationParameters>
              <Param Name="PSVersion" Value="2.0" />
              <Param Name="ApplicationBase" Value="%ExchangeInstallPath%Bin" />
              <Param Name="AssemblyName" Value="Microsoft.Exchange.Configuration.ObjectModel.dll" />
              <Param Name="PSSessionConfigurationTypeName" Value="Microsoft.Exchange.Configuration.Authorization.ExchangeAuthorizationPlugin" />
              <Param Name="PSMaximumReceivedObjectSizeMB" Value="75" />
              <Param Name="PSMaximumReceivedDataSizePerCommandMB" Value="500" />
            </InitializationParameters>
          </Plugin>                  
        </OperationsPlugins>
        <AuthorizationPlugin Name="Microsoft.Exchange.AuthorizationPlugin" Filename="%ExchangeInstallPath%Bin\Microsoft.Exchange.AuthorizationPlugin.dll" SDKVersion="1" SupportsQuota="true" />
      </PluginModules>
      <OperationsConfiguration MaxOperationTimeoutSeconds="900" MaxShellIdleTimeoutMinutes="15"/>
    </system.management.wsmanagement.config>
0
 

Author Comment

by:Xeronimo
ID: 35139425
Lee,

The error in picture22.png has been solved in the mean time, I think by removing and reinstalling the

So that's not a problem anymore! Oh, wait, I'm just remembering ... the error message itself in the console has slightly changed too:

 picture 2
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 35139464
Can you find that 403 in your IIS log file?
0
Are your corporate email signatures appalling?

Is it scary how unprofessional your email signatures look? Do users create their own terrible designs and give themselves stupid job titles? You can make this a lot easier for yourself by choosing an email signature management solution from Exclaimer today.

 
LVL 31

Accepted Solution

by:
LeeDerbyshire earned 334 total points
ID: 35141823
MS are apparently working on the EMTShooter download problem.  But they sent me a copy, so if you email me, I'll forward it to you.
0
 

Author Comment

by:Xeronimo
ID: 35142493
Lee:

Hi, how do I sent you a private mail then here?

Thanks!
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 35143239
I have a web site that is linked from my profile - the address is there.  It's not good to put your email address in forums, because there are so many bots out there looking for them, but I hope this will be enough :-
email (a t) leederbyshire (d o t) com
0
 

Author Comment

by:Xeronimo
ID: 35145040
Lee:

Thanks, I'm sorry! I could have looked at your website! I've sent you an e-mail right now.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 35145661
No problem - I just sent you a copy.  Let me know if you don't get it.
0
 

Author Comment

by:Xeronimo
ID: 35145986
Lee:

Ok, so I've now run the tool and it tells me that the problem could be that SSL is required by the PowerShell vdir and I should disable that. Trying to figure out how to disable it now ...
0
 

Author Comment

by:Xeronimo
ID: 35146033
I've just noticed something else ...

The time saved in the log file is one hour earlier than it should be! Yet the server itself displays the correct time ... could that be part of the problem!?
0
 

Author Comment

by:Xeronimo
ID: 35146068
I've also found this in the log file:

2011-03-16 09:26:53 ::1 POST /PowerShell PSVersion=2.0 80 - ::1 Microsoft+WinRM+Client 403 4 5 0

Isn't ::1 IPv6? Shouldn't the connection be made using IPv4?
0
 
LVL 31

Assisted Solution

by:LeeDerbyshire
LeeDerbyshire earned 334 total points
ID: 35146070
Yes.  A few posts ago, I was hoping that you could find the 403 entry in your IIS log file.  There are 20 different types of 403 response (all meaning that something was forbidden), but the recorded subcode (I think it would be 403 4) would indicate if SSL required was the problem.  Anyway, it's easy enough to check in IIS.  If SSL is required on the powershell vdir, turn it off.

The recorded times in the log file are in GMT by default.
0
 

Author Comment

by:Xeronimo
ID: 35146125
Woohoo! It is working again!!!

It seems like, at least in the end, the main culprit was the PowerShell virtual directory since it required an SSL connection. I've disabled SSL on the vdir and now I can connect again.

The EMTshooter definitely helped in this case though since it suggested an SSL problem!

Thanks again, Lee :)
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 35146170
Excellent - I'm glad it's fixed.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Suggested Solutions

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
how to add IIS SMTP to handle application/Scanner relays into office 365.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now