Exchange 500 непредвиденная ошибка

Exchange Management Console (EMC) and Exchange Control Panel (ECP) were two different interfaces used in Exchange 2010 and earlier versions to manage the Exchange Servers. With Exchange 2013, Exchange Administrative Center (EAC) — a web-based management console optimized for on-premises, hybrid, and online Exchange Server deployments—replaced EMC and ECP.

And since EAC is web-based, you need to use a web browser and require the OWA/ECP virtual directory URL to access the management console. By default, you can access the ECP/EAC console using the following URLs,

Internal URL— https://<CASServerName>/ecp

It allows users to access the EAC within the organization’s firewall.

External URL— https://mail.abc.com/ecp

It provides access to users from outside of your organization’s firewall.

Administrators and users with permission can access the EAC/ECP panel by signing in using valid credentials.

However, many users have reported an HTTP ERROR 500 after they sign in to EAC/ECP.

Reason for HTTP ERROR 500 in Exchange ECP/EAC

The HTTP ERROR 500 is usually reported after upgrading or updating the Exchange Server without an elevated command prompt.

However, it may also occur due to many other reasons, such as,

• Exchange Services stopped or not working
• Damaged OWA virtual directories
• Damaged Exchange Server
• Improper configuration
• Low Resource allocation
• Corrupt or incomplete .NET framework installation

Solutions to Fix HTTP ERROR 500 in Exchange Server

Follow these solutions in the given sequence to troubleshoot and fix the HTTP 500 error in Exchange Server EAC/ECP after login.

Solution 1: Use a Different Browser

Sometimes browser cache and cookies can cause issues while accessing the Exchange Admin Center. You can reset either the web browser or use a different browser to fix the error and access the EAC/ECP.

If you still encounter the HTTP ERROR 500, proceed to the next solution.

Solution 2: Install Pending Server Updates

On your Windows Server, open the Windows Updates section and install any pending updates as they may stop certain Exchange Services resulting in HTTP ERROR 500 after EAC login.

After the update, restart the server and then try to log in to the EAC. You may disable automatic Windows Updates to prevent HTTP ERROR 500. However, it is highly recommended to install the updates to stay protected.

If there are no pending updates but the error persists, follow the next solution.

Solution 3: Reinstall Updates

If the HTTP ERROR 500 occurred after installing the Exchange Server security updates, reinstall those using the elevated command prompt. The steps are as follows,

• Open Command Prompt as administrator
• Navigate to the location where Security updates are downloaded (.msp files) using ‘cd’ command. For instance,

cd “C:UsersUserNameDownloadsUpdates”

• Then execute the following command in the Command Prompt window,

.UpdateName.msp

• Follow the update wizard and complete the installation process.
• Restart the server and check if you can now access the EAC/ECP.

Solution 4: Check Resource Allocation

Some users have reported that the HTTP ERROR 500 occurred simply because their Exchange VM doesn’t allocate enough CPU cores. To fix this, shut down the server VM and review the allocated resources.

Add or allocate more CPU cores and RAM, if available. Restart the server and check if EAC is accessible.

Similarly, for physical servers, upgrading the hardware may fix the error. However, we recommend you follow all the troubleshooting solutions discussed in this blog before upgrading the hardware to resolve the HTTP 500 error.

Solution 5: Update Server Configurations

Improper or outdated server configuration after the server upgrade or update can also render EAC or ECP inaccessible, causing HTTP ERROR 500 after login.

In such a case, you can run UpdateConfigFiles.ps1 and UpdateCAS.ps1 PowerShell scripts located in the Exchange Server ‘Bin’ directory (C:Program FilesMicrosoftExchange ServerV15Bin) to resolve the error.

To execute these PowerShell scripts, follow these steps,

• Open PowerShell as administrator and use the ‘cd’ command to navigate the Exchange ‘Bin’ directory. For instance,

cd “C:Program FilesMicrosoftExchange ServerV15Bin.”

Then execute the following commands to run the PowerShell scripts to fix the configuration issues.

.UpdateConfigFiles.ps1

.UpdateCAS.ps1

This may take a while to finish. Once done, restart the server and check if the HTTP 500 error is resolved and ECP/EAC is accessible.

Solution 6: Recreate Virtual Directories

As a last resort, you can remove the existing OWA and ECP virtual directories and create new ones to fix the HTTP 500 error in Exchange. The steps are as follows,

• Open Exchange Management Shell (EMS) as administrator and run the following commands to remove the current OWA and ECP virtual directory

Remove-OwaVirtualDirectory –Identity “ExchangeServerNameowa (Default Web Site)”

• Press ‘a’ or ‘y’ and then press the ‘Enter’ key.

• Now execute the following command in the same EMS window to rebuild OWA virtual directory,

New-OwaVirtualDirectory –WebsiteName “Default Web Site”

The commands are case-sensitive.

This will rebuild the virtual directories and possibly fix the issue. It will also change the way you log in. Instead of the login page, you will see the following pop-up for login.

Enter username and password to log into ECP/EAC web console.

Solution 7: Repair Exchange Server

If none of the solutions worked for you, try repairing your Exchange Server. For this, you need to mount the same Cumulative Update ISO as installed on the server. Then use the following command in EMS to repair the server.

Setup /Mode:upgrade /IAcceptExchangeServerLicenseTerms

Use ‘/IAcceptExchangeServerLicenseTerms_DiagnosticDataOFF’ if your server is running on September 2021 or later Cumulative Update.

After the repair, restart the server and check if the HTTP ERROR 500 is resolved.

You may also set up a new Exchange Server if server repair fails and move your mailboxes and mail items from the old server to the new server. For this, you can use an EDB converter tool, such as Stellar Converter for EDB. The software can extract mailbox data from your faulty Exchange server with an online or offline database and export them to PST. You may also export the mailboxes from offline EDB to your new Exchange Server database to PST. The software auto-maps the source mailboxes with destination mailboxes and exports up to four mailboxes simultaneously to the target server database in a few simple steps.

Conclusion

HTTP ERROR 500 is common, especially after improper server update installation. However, it may also occur due to several other reasons, as discussed in this blog. We also discussed all possible solutions to resolve the HTTP ERROR 500 in Exchange Server 2013 and later versions. However, if the error isn’t resolved, it’s recommended to set up a new server and move your data from the faulty server to a new server using an EDB converter tool, such as Stellar Converter for EDB. The software helps you extract and move mailbox data from offline or online databases hosted on your faulty server and exports them to PST, Office 365 tenant, or Live Exchange Server. It automates the entire mailbox data migration process, saving tons of time required to manually export and import mailboxes via EMS or EAC. Moreover, the cmdlets do not work if the database is offline.

Query: “Are you getting http 500 internal server error in Microsoft Exchange 2016, 2013 and 2010 ECP/OWA after login? Don’t worry, Read this blog and get the best solution for Exchange server error 500.”

Most of the time it seems that whenever you login to your Exchange Admin centre (EAC) a common Exchange server http 500 error occurs. The main source of this problem is caused due to improper configuration of the device. The Error indicates that the device tried to establish a connection with the server, but the request was rejected with an error message by the Exchange server itself. Let’s see the solution of Exchange Server 500 error.

Method 1: Step by Step Solution for HTTP 500 Error in Exchange Server 2016

Step 1: Go to Search bar and type «Exchange Managmenent Shell».

Step 2: A new window will appear named as: Administrator: Exchange Managmenent Shell.

Step 3: It will start connecting to your local EAC ip.

Step 4: After connecting, type Remove-OwaVirtualDirectory ‘win2owa

Step 5: Message will appear “Are you sure you want to perform this action? Outlook Web App virtual directory “win2owa ” is being removed.

Step 6: Type y.

Step 7: Type New-OwaVirtualDirectory – Website Name ‘Default Web site’.

Step 8: Restart your Computer.

Step 9: Now re-login. Exchange Server http 500 Error will be fixed.

Method 2: How to Fix 500 internal server error in Microsoft Exchange

1. Create a separate virtual directory which doesn’t require SSL or any other authentication method to establish a connection with the server. In this way you could temporarily connect with the server but that might serve as a potential threat due to lack of authentication.

2. Alternatively you can enable the settings on the root Exchange directory for the front end server using Microsoft utility “Metaedit.exe”.

3. To determine the Maximum token size allotted to the user, use Microsoft provided tool : Tokensz.exe : By default the maximum token size- 8,000 bytes were allotted for the legacy versions; but for the later versions , token size was increased upto 12,000 bytes.

4. Insufficient permissions problem might be raised due to broken Access Control List inheritance in the Active Directory. To resolve this follow these steps:

• Launch Active Directory Users and Computers.
• Locate View >> Advanced Features.
• Select the mailbox and right click to explore the properties.
• Navigate to Security >> Advanced.
• Ensure that “Include inheritable permissions from this object’s parent» is selected.

5. Alternatively you can re-add the existing users and new users to the Exchange. For that you need to access Active Directory Service Information:

• Open adsi edit.
• Locate the user in your existing domain.
• Expand the user details and remove the object “CN=ExchangeActiveSyncDevices”.

Tools that could be beneficial: http://test exchange connectivity.com helps to test the connectivity between the exchange server and the device.

Exchange Remote Content Analyzer: Helps to determine the connectivity issues between the exchange server and the deployments easily.

Causes of Exchange Server HTTP 500 Error

Now let’s examine the root cause for http 500 internal server error in Exchange here:

For the legacy Exchange server versions such as Exchange 2016, 2013, 2010, 2007,etc. the 500 internal server error is caused due to the following circumstances:

The Server uses SSL or Secure Sockets Layer protocol or form based authentication.

1. Virtual Directory of the Exchange Server has disabled Windows Authentication: The Active Sync Service uses the virtual directory to access the Outlook Web Access Templates and the WebDav on the Exchange Server. Hence, If the Virtual Directory is not enabled then Active Sync returns error.

2. Members existing in too many groups might face the error as the tokens generated might be larger than the maximum size allotted to them.

3. For Exchange 2010 and later versions, the user account might not have sufficient Permissions to access the mailbox in the Active Directory.

Conclusion

In the above content, I have discussed the best solution to resolve Exchange admin center http 500 internal server error quickly. Using step by step Exchange Management Shell method easily fix Exchange server error 500 without getting any hurdle.

After logging into Exchange 2016’s ECP you receive an HTTP Error 500 (same goes with OWA):

Searching the internet ends up with several possible solutions to this issue, ranging from missing System Attendant Mailboxes, to bogus ADSI settings regarding the Exchange CAS Service. I tried several of them to no prevail.

And it doesn’t matter whether you enter DOMAINAdministrator or administrator@domain.local for your username. In most cases the simplest solution is to execute UpdateCas.ps1 PowerShell script located in the C:Program FilesMicrosoftExchange ServerV15Bin folder, followed by an IISReset:

Once there was a case where UpdateCas.ps1 didn’t work, which left me with executing the following PowerShell cmdlets, in subsequent order:

Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -FormsAuthentication $False -BasicAuthentication $True
Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -FormsAuthentication $True -BasicAuthentication $True
Get-EcpVirtualDirectory | Set-EcpVirtualDirectory -FormsAuthentication $false -BasicAuthentication $true
Get-EcpVirtualDirectory | Set-EcpVirtualDirectory -FormsAuthentication $true -BasicAuthentication $true
iisreset

Again, one Exchange 2016 Server in particular was immune against all those tricks and needed the following adjustments:

Get-EcpVirtualDirectory | Set-EcpVirtualDirectory -FormsAuthentication $false -BasicAuthentication $true -WindowsAuthentication $true
Get-OWAVirtualDirectory | Set-OWAVirtualDirectory -FormsAuthentication $false -BasicAuthentication $true -WindowsAuthentication $true
iisreset
Recycle MSExchangeECPAppPool
Recycle MSExchangeOWAAppPool

Keep in mind that Authentication Settings for both Virtual Directories ECP and OWA must be identical:

After that I was able to successfully log into ECP and OWA again.

Update 2016-12-15

On another occassion it turned out that the Mailbox Database the user tried to access via OWA was actually unmounted. The Event Log showed a lot of Event IDs 1023, Event Source: MSExchange ActiveSync, with the following Event Message:

Exchange ActiveSync tried to access a mailbox on Mailbox server “yourserver.domain.local”. It could not access the mailbox because the Mailbox server is offline.

After mounting the corresponding Mailbox Database everything worked as expected. By coincidence the Administrator’s Mailbox was hosted on the exact same Mailbox Database, thus rendering the Administrator account unable to log into ECP and OWA, neither, resulting in http error 500.

Further reading:

• HTTP 500 Internal Server Error when logging into Exchange 2013 Exchange Control Panel (ECP)
• Exchange 2013 Troubleshooting: Error 500 when login ECP and OWA
• Exchange 2013 unable to login to OWA/ECP
• KB2871485 – The FBA page is displayed when a user accesses OWA or ECP to log on to Exchange Server 2013

после обновление CU на Exchange 2013 перестали подключаться Outlook 2016
клиенты Outlook 2010, 2013 работают, OWA работает, новые 2016 — нет — постоянно запрашивает пароль (внутри сети и снаружи)
https://testconnectivity.microsoft.com сообщает:

дальше на сервере:

накатил CU 15 — не помогло … накатил CU 17 — не помогло.

все URL в виртуальных каталогах внешнего адреса mail.domain.ru , в DNS идет ссылка на внутренний сервер
mail.domain.ru 192.168.0.12
autodiscover.domain.ru 12.168.0.12
kvmail.mydomain.local 192.168.0.12

сертификат куплен, в нем прописан mail.domain.ru, сертификат весит на службах IIS, SMTP

пересоздавал все виртуальные каталоги (https://technet.microsoft.com/ru-ru/library/dd2981…
делал наследование на пользователей домена (расширенные компоненты)
в IIS на каталоги дал права на папку C:inetpubwwwroot «прошедшим проверку» на чтение и выполнение

при открытии https://192.168.0.12/Autodiscover/Autodiscover.xml (извне тоже самое) запрашивает пароль, после ввода показывает:

переставлял IIS — не помогло.
перелопатил кучи форумов, не могу найти решение. подскажите может идеи?