Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Exchange 2013 ECP .Net error

Posted on 2012-12-27
7
Medium Priority
?
6,810 Views
Last Modified: 2013-08-01
Hi I just installed exchange 2013 on a domain controller in a test environment. OWA works, but if I try to access https://servername/ecp I get the following error:

Server Error in '/ecp' Application.
--------------------------------------------------------------------------------

NegotiateSecurityContext failed with LogonDenied
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Web.HttpException: NegotiateSecurityContext failed with LogonDenied

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.  

Stack Trace:


[HttpException (0x80004005): NegotiateSecurityContext failed with LogonDenied]
   Microsoft.Exchange.HttpProxy.ProxyRequestHandler.EndProcessRequest(IAsyncResult result) +604
   System.Web.CallHandlerExecutionStep.OnAsyncHandlerCompletion(IAsyncResult ar) +210
 
the following is logged in the eventlog:

Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 12/27/2012 11:27:39 PM
Event time (UTC): 12/28/2012 4:27:39 AM
Event ID: a77ad86febc042a78a5f903b83aa0642
Event sequence: 176
Event occurrence: 14
Event detail code: 0
 
Application information:
    Application domain: /LM/W3SVC/1/ROOT/ecp-5-130011412568254657
    Trust level: Full
    Application Virtual Path: /ecp
    Application Path: C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\ecp\
    Machine name: ALPHA2
 
Process information:
    Process ID: 17860
    Process name: w3wp.exe
    Account name: NT AUTHORITY\SYSTEM
 
Exception information:
    Exception type: HttpException
    Exception message: NegotiateSecurityContext failed with LogonDenied
   at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.EndProcessRequest(IAsyncResult result)
   at System.Web.HttpApplication.CallHandlerExecutionStep.OnAsyncHandlerCompletion(IAsyncResult ar)

 
 
Request information:
    Request URL: https://alpha2:443/ecp/ 
    Request path: /ecp/
    User host address: fe80::e103:3fb3:bff:d233C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\ecp\
    User: CRYPTZ\SM_235cdaff9cfb4207a
    Is authenticated: True
    Authentication Type: Basic
    Thread account name: NT AUTHORITY\SYSTEM
 
Thread information:
    Thread ID: 58
    Thread account name: NT AUTHORITY\SYSTEM
    Is impersonating: False
    Stack trace:    at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.EndProcessRequest(IAsyncResult result)
   at System.Web.HttpApplication.CallHandlerExecutionStep.OnAsyncHandlerCompletion(IAsyncResult ar)
 
 
Custom event details:


I am unable to find anything about:NegotiateSecurityContext

any help woud be appreciated.
0
Comment
Question by:Baran711
  • 4
  • 2
7 Comments
 
LVL 13

Expert Comment

by:Yagya Shree
ID: 38726530
Hi,

This is solved by installing “Windows Identity Foundation 3.5” on Windows Server 2012.
This can be found in Windows Features installation or easy install with Powershell: “Install-WindowsFeature”.

Please refer below post:
http://gjohansson.com/blog/2012/07/31/server-error-in-ecp-application-exchange-2013/
0
 

Author Comment

by:Baran711
ID: 38726784
yagyashree,

i verified i already have windows identity foundation 3.5 installed. also the error in the link you provided is not the same error i am receiving
0
 

Author Comment

by:Baran711
ID: 38730244
I just wanted to add the following. if I try to directly access the back end ecp directory I get the error below. I have another test server in a different domain and I can access the back end ecp directly. maybe this error + the error above for the front end ecp directory will help us narrow this down:

Current user: 'Administrator'
Request for URL 'https://alpha2.cryptz.com:444/ecp/default.aspx' failed with the following error:
System.NotSupportedException: GetSecurityIdentifier does not support Microsoft.Exchange.Management.ControlPanel.StandardSession
   at Microsoft.Exchange.Security.Authentication.IIdentityExtensions.GetSecurityIdentifier(IIdentity identity)
   at Microsoft.Exchange.Management.ControlPanel.EcpIdentity..ctor(IIdentity logonUserIdentity, String cacheKeySuffix)
   at Microsoft.Exchange.Management.ControlPanel.RbacSettings..ctor(HttpContext context)
   at Microsoft.Exchange.Management.ControlPanel.AuthenticationSettings..ctor(HttpContext context)
   at Microsoft.Exchange.Management.ControlPanel.RbacModule.Application_PostAuthenticateRequest(Object sender, EventArgs e)
   at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
   at Microsoft.Exchange.Security.Authentication.IIdentityExtensions.GetSecurityIdentifier(IIdentity identity)
   at Microsoft.Exchange.Management.ControlPanel.EcpIdentity..ctor(IIdentity logonUserIdentity, String cacheKeySuffix)
   at Microsoft.Exchange.Management.ControlPanel.RbacSettings..ctor(HttpContext context)
   at Microsoft.Exchange.Management.ControlPanel.AuthenticationSettings..ctor(HttpContext context)
   at Microsoft.Exchange.Management.ControlPanel.RbacModule.Application_PostAuthenticateRequest(Object sender, EventArgs e)
   at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 13

Expert Comment

by:Yagya Shree
ID: 38771427
Did you manage to get an answer for your query?
0
 

Accepted Solution

by:
Baran711 earned 0 total points
ID: 38772058
I resolved the issue myself. there was a conflicting .net application running in iis. it has set the modules runallmanagedmodulesforallrequests= true
0
 

Author Closing Comment

by:Baran711
ID: 38792309
I was able to determine the cause of the problem
0
 

Expert Comment

by:Lighthouse_IS
ID: 39375372
What did you do to resolve it?
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you looking for the options available for exporting EDB files to PST? You may be confused as they are different in different Exchange versions. Here, I will discuss some options available.
Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
Suggested Courses

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question