Solved

Cannot Access Exchange Control Panel ‘ECP’ in Exchange Server 2013

Posted on 2014-04-09
4
8,763 Views
2 Endorsements
Last Modified: 2014-04-15
I was working with the authentications methods for OWA and frankly, I must have messed something up.

Now, when trying to access the ECP, after providing your username and password, it takes you to the OWA page and it gives you a blank “HTTP 400 Error” page.

I understand an administrator can use the Exchange Management Shell to reconfigure the authentications on the virtual directories, but my online research turns up contradictory shell commands. I request help to properly format the shell commands to correct authentications on the virtual directories for the ECP and OWA.

FWIW; One Exchange 2013 server holds all roles, the server name is "mail" & the internal name is mail.wti.local
2
Comment
Question by:GPCDIADMIN
  • 3
4 Comments
 
LVL 6

Expert Comment

by:arroryn
Comment Utility
Try working through this link - I initially thought it was permissions, and this seems to match your symptoms like-for-like

http://lyncdude.com/2013/02/07/cannot-access-exchange-contorl-panel-ecp-in-exchange-server-2013/

(le copy le paste from source)

Solution:

make sure that the authentication methods used by OWA and ECP are matching this is done by running the following

> Get-owavirtualdirectory | fl

make sure that you using “Form based Authentication” and “Basic Authentication”

3

do the same with ECP using the following command line

> Get-ECPVirtualDirectory | fl

4

If not then you just need to reconfigure the Authentications on both Virtual Directories, DONNOT use IIS use Exchange Management Shell.

For owa use the following

>Set-owavirtualdirectory -identity “owa <Default Web site>” -FormAuthentication:$true

use the same also for ECP

>Set-ecpvirtualdirectory -identity “ecp <Default Web site>” -FormAuthentication:$true

then restart your iis services using the following

>iisreset

once finished try to access your ECP page again and it should work now

if it didn’t make sure to run the same command lines but using “owa <Exchange Back End>” to make sure that both Default web site and Exchange back end website authentication methods are matching.

Cheers
0
 

Author Comment

by:GPCDIADMIN
Comment Utility
The commands published at http://lyncdude.com  do not work for me. They appear to be incomplete or something is not correct for my application.

This is a production server. Please, to earn your 500 points, I ask that you respect my server integrity and provide me with complete and (correct for this instance) instructions.  Here is some more information to assist.


> Get-owavirtualdirectory | fl
Name                                                : owa (Default Web Site)
InternalAuthenticationMethods                       : {Basic, Fba, Ntlm, WindowsIntegrated}
MetabasePath                                        : IIS://EMAIL.WTI.LOCAL/W3SVC/1/ROOT/owa
BasicAuthentication                                 : True
WindowsAuthentication                               : True
DigestAuthentication                                : False
FormsAuthentication                                 : True
LiveIdAuthentication                                : False

> Get-ECPVirtualDirectory | fl
Name                            : ecp (Default Web Site)
InternalAuthenticationMethods   : {Basic, Fba}
MetabasePath                    : IIS://MAIL.WTI.LOCAL/W3SVC/1/ROOT/ecp
BasicAuthentication             : True
WindowsAuthentication           : False
DigestAuthentication            : False
FormsAuthentication             : True
0
 

Accepted Solution

by:
GPCDIADMIN earned 0 total points
Comment Utility
I found after much searching that the reason the lyncdude fix was not working, was that certain needed command arguments were not present in lyncdude's information.

With the more complete information below, I could readily deduce what elements were missing in my commands to successfully execute them.

set-Owavirtualdirectory -identity "E15MBX\owa (Exchange Back End)" -WindowsAuthentication $True -Basicauthentication $false -Formsauthentication $false

Run the following command on both the Client Access and Mailbox servers to restart Internet Information Services (IIS):

iisreset (only)  (iisreset /noforce would lockup the WWW publishing service every time)

For the "ECP" virtual directory

Type the following commands, and then press Enter after each line:

Add-PSSnapin *exchange*

Set-EcpVirtualDirectory -Identity "E15MBX\ecp (Exchange Back End)" -WindowsAuthentication $true -FormsAuthentication $false

Run the following command on both the Client Access and Mailbox servers to restart Internet Information Services (IIS):

iisreset (only)  (iisreset /noforce would lockup the WWW publishing service every time)
0
 

Author Closing Comment

by:GPCDIADMIN
Comment Utility
I had actually had found lyncdude's page prior to posting this question in experts-exchange. I posted a question here because I needed more comprehensive assistance with the command arguments.

With the more complete information, I could readily deduce what elements were missing in my commands to successfully execute them. That is why my solution worked.
0

Featured Post

Why do Marketing keep bothering you?

Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

Join & Write a Comment

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
how to add IIS SMTP to handle application/Scanner relays into office 365.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now