Имеется AD с сервером Exchange 2010, установили новый сервер, поставили Exchange 2016.
При установке никаких ошибок нет.
Сейчас при открытии консоли ecp на новом сервере выдает ошибку 500.
На старом сервере всё открывается без проблем.
Подскажите в чем проблема, в какую сторону смотреть?
Логи UpdateCas
[21:46:52] ***********************************************
[21:46:52] * UpdateCas.ps1: 24.09.2021 21:46:52
[21:47:03] Warning: Mailbox role is not installed on server MX1
[21:47:03] Updating OWA/ECP on server MX1
[21:47:03] Finding ClientAccess role install path on the filesystem
[21:47:03] FixUnversionedFolderAfterUpgrade: No srcVersions 15.1.2242.*
[21:47:03] Adding owin:AutomaticAppStartup appSetting with value true
[21:47:03] Updating owa handlers
[21:47:03] Adding Microsoft.Owin binding redirect
[21:47:03] Adding Microsoft.Owin.Security binding redirect
[21:47:03] Trying to add clients common module to Web.config file
[21:47:03] Adding clients common module to Web.config file
[21:47:04] Updating OWA to version 15.1.2242.4
[21:47:04] Copying files from ‘C:Program FilesMicrosoftExchange ServerV15ClientAccessowaCurrent’ to ‘C:Program FilesMicrosoftExchange ServerV15ClientAccessowa15.1.2242.4’
[21:47:07] Update OWA done.
[21:47:07] Updating OWA to version 15.1.2242.4
[21:47:07] Copying files from ‘C:Program FilesMicrosoftExchange ServerV15ClientAccessowaCurrent2version’ to ‘C:Program FilesMicrosoftExchange ServerV15ClientAccessowaprem15.1.2242.4’
[21:57:16] Update OWA done.
[21:57:17] Updating ECP to version 15.1.2242.4
[21:57:17] Copying files from ‘C:Program FilesMicrosoftExchange ServerV15ClientAccessecpCurrent’ to ‘C:Program FilesMicrosoftExchange ServerV15ClientAccessecp15.1.2242.4’
[21:57:22] Update ECP done.
Логи файла установки
[09.24.2021 19:49:04.0245] [2] Ending processing Set-ServerComponentState
[09.24.2021 19:49:04.0245] [2] Beginning processing Write-ExchangeSetupLog
[09.24.2021 19:49:04.0245] [2] Install is complete. RecoveryActionsEnabled has been set to Active.
[09.24.2021 19:49:04.0245] [2] Ending processing Write-ExchangeSetupLog
[09.24.2021 19:49:04.0245] [2] Параметры сеанса Active Directory для ‘Set-ServerComponentState’: Просмотреть весь лес: ‘True’, Контроллер домена конфигурации: «TOR.WEW.local», Предпочтительный глобальный каталог: «TOR.WEW.local»,
Предпочтительные контроллеры домена: «{ TOR.WEW.local }»
[09.24.2021 19:49:04.0245] [2] User specified parameters: -Component:’ServerWideOffline’ -Requester:’Functional’ -State:’Active’ -DomainController:$null -Identity:’MX1′
[09.24.2021 19:49:04.0245] [2] Beginning processing Set-ServerComponentState
[09.24.2021 19:49:04.0276] [2] Calling ADSession.GetSharedConfigDC()
Hostname of DC: TOR.WEW.local
Created a session to a DC with affinity: TOR.WEW.local
[09.24.2021 19:49:04.0385] [2] Machine:MX1 and Process:ExSetup is executing the request
Parameters — LocalOnly:[False], RemoteOnly:[False], Target:[mx1.WEW.local], Component:[ServerWideOffline], Requester:[Functional], State:[Active], DomainController:[TOR.WEW.local]
Before:[1:RecoveryActionsEnabled:Functional:1:637681097441668677,1:Monitoring:Functional:1:637681097433074280]
After:[1:RecoveryActionsEnabled:Functional:1:637681097441668677,1:Monitoring:Functional:1:637681097433074280,1:ServerWideOffline:Functional:1:637681097443231310]
Save Completed for Server Object mx1.WEW.local
[09.24.2021 19:49:04.0385] [2] Ending processing Set-ServerComponentState
[09.24.2021 19:49:04.0401] [2] Beginning processing Write-ExchangeSetupLog
[09.24.2021 19:49:04.0401] [2] Install is complete. Server state has been set to Active.
[09.24.2021 19:49:04.0401] [2] Ending processing Write-ExchangeSetupLog
[09.24.2021 19:49:04.0401] [1] Finished executing component tasks.
[09.24.2021 19:49:04.0401] [1] Ending processing Start-PostSetup
[09.24.2021 19:49:04.0416] [0] Операция по установке Exchange Server выполнена успешно.
[09.24.2021 19:49:04.0416] [0] CurrentResult console.ProcessRunInternal:205: 0
[09.24.2021 19:49:04.0416] [0] Для применения изменений параметров операционной системы, внесенных программой установки, требуется перезагрузка. Перезагрузите сервер перед помещением его в рабочую среду.
[09.24.2021 19:49:04.0432] [0] CurrentResult launcherbase.maincore:90: 0
[09.24.2021 19:49:04.0432] [0] CurrentResult console.startmain:52: 0
[09.24.2021 19:49:04.0432] [0] CurrentResult SetupLauncherHelper.loadassembly:452: 0
[09.24.2021 19:49:04.0432] [0] CurrentResult main.run:235: 0
[09.24.2021 19:49:04.0432] [0] CurrentResult setupbase.maincore:396: 0
[09.24.2021 19:49:04.0432] [0] End of Setup
[09.24.2021 19:49:04.0432] [0] **********************************************
After logging into Exchange 2016’s ECP you receive an HTTP Error 500 (same goes with OWA):
Searching the internet ends up with several possible solutions to this issue, ranging from missing System Attendant Mailboxes, to bogus ADSI settings regarding the Exchange CAS Service. I tried several of them to no prevail.
And it doesn’t matter whether you enter DOMAINAdministrator or administrator@domain.local for your username. In most cases the simplest solution is to execute UpdateCas.ps1 PowerShell script located in the C:Program FilesMicrosoftExchange ServerV15Bin folder, followed by an IISReset:
Once there was a case where UpdateCas.ps1 didn’t work, which left me with executing the following PowerShell cmdlets, in subsequent order:
Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -FormsAuthentication $False -BasicAuthentication $True Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -FormsAuthentication $True -BasicAuthentication $True Get-EcpVirtualDirectory | Set-EcpVirtualDirectory -FormsAuthentication $false -BasicAuthentication $true Get-EcpVirtualDirectory | Set-EcpVirtualDirectory -FormsAuthentication $true -BasicAuthentication $true iisreset
Again, one Exchange 2016 Server in particular was immune against all those tricks and needed the following adjustments:
Get-EcpVirtualDirectory | Set-EcpVirtualDirectory -FormsAuthentication $false -BasicAuthentication $true -WindowsAuthentication $true Get-OWAVirtualDirectory | Set-OWAVirtualDirectory -FormsAuthentication $false -BasicAuthentication $true -WindowsAuthentication $true iisreset Recycle MSExchangeECPAppPool Recycle MSExchangeOWAAppPool
Keep in mind that Authentication Settings for both Virtual Directories ECP and OWA must be identical:
After that I was able to successfully log into ECP and OWA again.
Update 2016-12-15
On another occassion it turned out that the Mailbox Database the user tried to access via OWA was actually unmounted. The Event Log showed a lot of Event IDs 1023, Event Source: MSExchange ActiveSync, with the following Event Message:
Exchange ActiveSync tried to access a mailbox on Mailbox server “yourserver.domain.local”. It could not access the mailbox because the Mailbox server is offline.
After mounting the corresponding Mailbox Database everything worked as expected. By coincidence the Administrator’s Mailbox was hosted on the exact same Mailbox Database, thus rendering the Administrator account unable to log into ECP and OWA, neither, resulting in http error 500.
Further reading:
- HTTP 500 Internal Server Error when logging into Exchange 2013 Exchange Control Panel (ECP)
- Exchange 2013 Troubleshooting: Error 500 when login ECP and OWA
- Exchange 2013 unable to login to OWA/ECP
- KB2871485 – The FBA page is displayed when a user accesses OWA or ECP to log on to Exchange Server 2013
Summary:
HTTP ERROR 500 in Exchange is displayed when the server rejects the request to establish a connection with the Exchange Server. The error prevents Exchange administrators and users from accessing the Exchange Admin Center and managing the Exchange Server. In this blog, we have discussed reasons and solutions to fix the HTTP ERROR 500 in Exchange and get access to the EAC/ECP.
Contents
- Reason for HTTP ERROR 500 in Exchange ECP/EAC
- Solutions to Fix HTTP ERROR 500 in Exchange Server
- Conclusion
Exchange Management Console (EMC) and Exchange Control Panel (ECP) were two different interfaces used in Exchange 2010 and earlier versions to manage the Exchange Servers. With Exchange 2013, Exchange Administrative Center (EAC) — a web-based management console optimized for on-premises, hybrid, and online Exchange Server deployments—replaced EMC and ECP.
And since EAC is web-based, you need to use a web browser and require the OWA/ECP virtual directory URL to access the management console. By default, you can access the ECP/EAC console using the following URLs,
Internal URL— https://<CASServerName>/ecp
It allows users to access the EAC within the organization’s firewall.
External URL— https://mail.abc.com/ecp
It provides access to users from outside of your organization’s firewall.
Administrators and users with permission can access the EAC/ECP panel by signing in using valid credentials.
However, many users have reported an HTTP ERROR 500 after they sign in to EAC/ECP.
Reason for HTTP ERROR 500 in Exchange ECP/EAC
The HTTP ERROR 500 is usually reported after upgrading or updating the Exchange Server without an elevated command prompt.
However, it may also occur due to many other reasons, such as,
- Exchange Services stopped or not working
- Damaged OWA virtual directories
- Damaged Exchange Server
- Improper configuration
- Low Resource allocation
- Corrupt or incomplete .NET framework installation
Solutions to Fix HTTP ERROR 500 in Exchange Server
Follow these solutions in the given sequence to troubleshoot and fix the HTTP 500 error in Exchange Server EAC/ECP after login.
Solution 1: Use a Different Browser
Sometimes browser cache and cookies can cause issues while accessing the Exchange Admin Center. You can reset either the web browser or use a different browser to fix the error and access the EAC/ECP.
If you still encounter the HTTP ERROR 500, proceed to the next solution.
Solution 2: Install Pending Server Updates
On your Windows Server, open the Windows Updates section and install any pending updates as they may stop certain Exchange Services resulting in HTTP ERROR 500 after EAC login.
After the update, restart the server and then try to log in to the EAC. You may disable automatic Windows Updates to prevent HTTP ERROR 500. However, it is highly recommended to install the updates to stay protected.
If there are no pending updates but the error persists, follow the next solution.
Solution 3: Reinstall Updates
If the HTTP ERROR 500 occurred after installing the Exchange Server security updates, reinstall those using the elevated command prompt. The steps are as follows,
- Open Command Prompt as administrator
- Navigate to the location where Security updates are downloaded (.msp files) using ‘cd’ command. For instance,
cd “C:UsersUserNameDownloadsUpdates”
- Then execute the following command in the Command Prompt window,
.UpdateName.msp
- Follow the update wizard and complete the installation process.
- Restart the server and check if you can now access the EAC/ECP.
Solution 4: Check Resource Allocation
Some users have reported that the HTTP ERROR 500 occurred simply because their Exchange VM doesn’t allocate enough CPU cores. To fix this, shut down the server VM and review the allocated resources.
Add or allocate more CPU cores and RAM, if available. Restart the server and check if EAC is accessible.
Similarly, for physical servers, upgrading the hardware may fix the error. However, we recommend you follow all the troubleshooting solutions discussed in this blog before upgrading the hardware to resolve the HTTP 500 error.
Solution 5: Update Server Configurations
Improper or outdated server configuration after the server upgrade or update can also render EAC or ECP inaccessible, causing HTTP ERROR 500 after login.
In such a case, you can run UpdateConfigFiles.ps1 and UpdateCAS.ps1 PowerShell scripts located in the Exchange Server ‘Bin’ directory (C:Program FilesMicrosoftExchange ServerV15Bin) to resolve the error.
To execute these PowerShell scripts, follow these steps,
- Open PowerShell as administrator and use the ‘cd’ command to navigate the Exchange ‘Bin’ directory. For instance,
cd “C:Program FilesMicrosoftExchange ServerV15Bin.”
Then execute the following commands to run the PowerShell scripts to fix the configuration issues.
.UpdateConfigFiles.ps1
.UpdateCAS.ps1
This may take a while to finish. Once done, restart the server and check if the HTTP 500 error is resolved and ECP/EAC is accessible.
Solution 6: Recreate Virtual Directories
As a last resort, you can remove the existing OWA and ECP virtual directories and create new ones to fix the HTTP 500 error in Exchange. The steps are as follows,
- Open Exchange Management Shell (EMS) as administrator and run the following commands to remove the current OWA and ECP virtual directory
Remove-OwaVirtualDirectory –Identity “ExchangeServerNameowa (Default Web Site)”
- Press ‘a’ or ‘y’ and then press the ‘Enter’ key.
- Now execute the following command in the same EMS window to rebuild OWA virtual directory,
New-OwaVirtualDirectory –WebsiteName “Default Web Site”
The commands are case-sensitive.
This will rebuild the virtual directories and possibly fix the issue. It will also change the way you log in. Instead of the login page, you will see the following pop-up for login.
Enter username and password to log into ECP/EAC web console.
Solution 7: Repair Exchange Server
If none of the solutions worked for you, try repairing your Exchange Server. For this, you need to mount the same Cumulative Update ISO as installed on the server. Then use the following command in EMS to repair the server.
Setup /Mode:upgrade /IAcceptExchangeServerLicenseTerms
Use ‘/IAcceptExchangeServerLicenseTerms_DiagnosticDataOFF’ if your server is running on September 2021 or later Cumulative Update.
After the repair, restart the server and check if the HTTP ERROR 500 is resolved.
You may also set up a new Exchange Server if server repair fails and move your mailboxes and mail items from the old server to the new server. For this, you can use an EDB converter tool, such as Stellar Converter for EDB. The software can extract mailbox data from your faulty Exchange server with an online or offline database and export them to PST. You may also export the mailboxes from offline EDB to your new Exchange Server database to PST. The software auto-maps the source mailboxes with destination mailboxes and exports up to four mailboxes simultaneously to the target server database in a few simple steps.
Conclusion
HTTP ERROR 500 is common, especially after improper server update installation. However, it may also occur due to several other reasons, as discussed in this blog. We also discussed all possible solutions to resolve the HTTP ERROR 500 in Exchange Server 2013 and later versions. However, if the error isn’t resolved, it’s recommended to set up a new server and move your data from the faulty server to a new server using an EDB converter tool, such as Stellar Converter for EDB. The software helps you extract and move mailbox data from offline or online databases hosted on your faulty server and exports them to PST, Office 365 tenant, or Live Exchange Server. It automates the entire mailbox data migration process, saving tons of time required to manually export and import mailboxes via EMS or EAC. Moreover, the cmdlets do not work if the database is offline.
About The Author
Ravi Singh
Ravi Singh is a Senior Writer at Stellar®. He is an expert Tech Explainer, IoT enthusiast, and a passionate nerd with over 7 years of experience in technical writing. He writes about Microsoft Exchange, Microsoft 365, Email Migration, Linux, Windows, Mac, DIY Tech, and Smart Home. Ravi spends most of his weekends working with IoT (DIY Smart Home) devices and playing Overwatch. He is also a solo traveler who loves hiking and exploring new trails.
Ravi Singh
Ravi Singh is a Senior Writer at Stellar®. He is an expert Tech Explainer, IoT enthusiast, and a passionate nerd with over 7 years of experience in technical writing. He writes about Microsoft Exchange, Microsoft 365, Email Migration, Linux, Windows, Mac, DIY Tech, and Smart Home. Ravi spends most of his weekends working with IoT (DIY Smart Home) devices and playing Overwatch. He is also a solo traveler who loves hiking and exploring new trails.