Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Cannot Access Exchange Control Panel ‘ECP’ in Exchange Server 2013

Posted on 2014-04-09
2 Endorsements
Last Modified: 2014-04-15
I was working with the authentications methods for OWA and frankly, I must have messed something up.

Now, when trying to access the ECP, after providing your username and password, it takes you to the OWA page and it gives you a blank “HTTP 400 Error” page.

I understand an administrator can use the Exchange Management Shell to reconfigure the authentications on the virtual directories, but my online research turns up contradictory shell commands. I request help to properly format the shell commands to correct authentications on the virtual directories for the ECP and OWA.

FWIW; One Exchange 2013 server holds all roles, the server name is "mail" & the internal name is mail.wti.local
Question by:GPCDIADMIN
  • 3

Expert Comment

ID: 39990104
Try working through this link - I initially thought it was permissions, and this seems to match your symptoms like-for-like


(le copy le paste from source)


make sure that the authentication methods used by OWA and ECP are matching this is done by running the following

> Get-owavirtualdirectory | fl

make sure that you using “Form based Authentication” and “Basic Authentication”


do the same with ECP using the following command line

> Get-ECPVirtualDirectory | fl


If not then you just need to reconfigure the Authentications on both Virtual Directories, DONNOT use IIS use Exchange Management Shell.

For owa use the following

>Set-owavirtualdirectory -identity “owa <Default Web site>” -FormAuthentication:$true

use the same also for ECP

>Set-ecpvirtualdirectory -identity “ecp <Default Web site>” -FormAuthentication:$true

then restart your iis services using the following


once finished try to access your ECP page again and it should work now

if it didn’t make sure to run the same command lines but using “owa <Exchange Back End>” to make sure that both Default web site and Exchange back end website authentication methods are matching.


Author Comment

ID: 39990175
The commands published at http://lyncdude.com  do not work for me. They appear to be incomplete or something is not correct for my application.

This is a production server. Please, to earn your 500 points, I ask that you respect my server integrity and provide me with complete and (correct for this instance) instructions.  Here is some more information to assist.

> Get-owavirtualdirectory | fl
Name                                                : owa (Default Web Site)
InternalAuthenticationMethods                       : {Basic, Fba, Ntlm, WindowsIntegrated}
MetabasePath                                        : IIS://EMAIL.WTI.LOCAL/W3SVC/1/ROOT/owa
BasicAuthentication                                 : True
WindowsAuthentication                               : True
DigestAuthentication                                : False
FormsAuthentication                                 : True
LiveIdAuthentication                                : False

> Get-ECPVirtualDirectory | fl
Name                            : ecp (Default Web Site)
InternalAuthenticationMethods   : {Basic, Fba}
MetabasePath                    : IIS://MAIL.WTI.LOCAL/W3SVC/1/ROOT/ecp
BasicAuthentication             : True
WindowsAuthentication           : False
DigestAuthentication            : False
FormsAuthentication             : True

Accepted Solution

GPCDIADMIN earned 0 total points
ID: 39992223
I found after much searching that the reason the lyncdude fix was not working, was that certain needed command arguments were not present in lyncdude's information.

With the more complete information below, I could readily deduce what elements were missing in my commands to successfully execute them.

set-Owavirtualdirectory -identity "E15MBX\owa (Exchange Back End)" -WindowsAuthentication $True -Basicauthentication $false -Formsauthentication $false

Run the following command on both the Client Access and Mailbox servers to restart Internet Information Services (IIS):

iisreset (only)  (iisreset /noforce would lockup the WWW publishing service every time)

For the "ECP" virtual directory

Type the following commands, and then press Enter after each line:

Add-PSSnapin *exchange*

Set-EcpVirtualDirectory -Identity "E15MBX\ecp (Exchange Back End)" -WindowsAuthentication $true -FormsAuthentication $false

Run the following command on both the Client Access and Mailbox servers to restart Internet Information Services (IIS):

iisreset (only)  (iisreset /noforce would lockup the WWW publishing service every time)

Author Closing Comment

ID: 40001144
I had actually had found lyncdude's page prior to posting this question in experts-exchange. I posted a question here because I needed more comprehensive assistance with the command arguments.

With the more complete information, I could readily deduce what elements were missing in my commands to successfully execute them. That is why my solution worked.

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
Read this checklist to learn more about the 15 things you should never include in an email signature.
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question