3. Troubleshooting Outlook Web App, ECP, PowerShell, and More
Sometimes users and administrators see a blank page or an error when
they try to log on to Outlook Web App or ECP. This problem and other
connection issues, such as those related to OAB, Autodiscover, and
PowerShell, can occur because of a wide variety of configuration
issues, including:
-
Invalid or missing TCP/IP settings
-
Corrupted or improperly configured virtual directories
-
Missing, expired, invalid, or improperly configured SSL certificates
Typically, the next logical step is to validate the TCP/IP settings
of the front-end and back-end servers. Not only do front-end and
back-end servers need to communicate with each other, they also need to
communicate with domain controllers.
If Exchange Server can’t communicate properly with a domain
controller, you may see an error similar to the following when you open
Exchange Admin Center or Exchange Management Shell:
The LDAP server is unavailable.
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information
about the error and where it originated in the code.
Exception Details: System.DirectoryServices.Protocols.LdapException: The
LDAP server is unavailable.
Source Error:
An unhandled exception was generated during the execution of the current
web request. Information regarding the origin and location of the exception
can be identified using the exception stack trace below.
Stack Trace:
[LdapException: The LDAP server is unavailable.]
System.DirectoryServices.Protocols.LdapConnection.Connect() +160015
System.DirectoryServices.Protocols.LdapConnection.BindHelper
(NetworkCredential newCredential, Boolean needSetCredential) +264
Microsoft.Exchange.Data.Directory.PooledLdapConnection.BindWithRetry
(Int32 maxRetries) +702
Resolve the problem by doing the following:
Users or administrators may see a blank page when they try to log on
to Outlook Web App or ECP as a result of a configuration or certificate
problem. If you’ve determined that required services are running and
that the TCP/IP settings are correct, next try to isolate and identify
the specific issue.
Try to log on to Outlook Web App or ECP in a browser. Sometimes when
you log on to Outlook Web App or ECP, you’ll see a runtime error that
indicates an improperly configured virtual directory or an application
error due to misconfiguration in IIS (see Figure 1). Other times, the browser window may simply be empty or blank as mentioned previously.
For deeper
troubleshooting, log on to the Client Access server where the problem
is occurring and open Exchange Management Shell. Next, try to log on to
the Mailbox server hosting the mailbox for the users or administrators
experiencing the problem and open Exchange Management Shell. If there’s
a problem with SSL certificates rather than virtual directory
configuration, you’ll see an error similar to the following:
New-PSSession : [mailserver17] Connecting to remote server mailserver17
failed with the following error message : The server certificate on the
destination computer (mailserver17:443) has the following errors:
The SSL certificate is signed by an unknown certificate authority. For more
information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:12
+ $Session = New-PSSession -ConfigurationName Microsoft.Exchange
-ConnectionUri ht …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError
(System.Manageme….RemoteRunspace:RemoteRunspace) [New-PSSession],
PSRemotingTransportException
+ FullyQualifiedErrorId : 12175,PSSessionOpenFailed
If there’s a problem with virtual directory configuration, you may see another type of error, such as:
New-PSSession : [mailserver17.pocket-consultant.com] Processing data from
remote server mailserver17.pocket-consultant.com failed with the following
error message: The WinRM Shell client cannot process the request. The shell
handle passed to the WSMan Shell function is not valid. The shell handle is
valid only when WSManCreateShell function completes successfully. Change
the request including a valid shell handle and try again. For more
information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName
Microsoft.Excha … + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError:
(System.Manageme….RemoteRunspace:RemoteRunspace) [New-PSSession],
PSRemotingTransportException
+ FullyQualifiedErrorId : -2144108212,PSSessionOpenFailed
To help diagnose the problem, you can test services using
Test-OutlookWebServices. By default, Test-OutlookWebServices verifies
the Availability service, Outlook Anywhere, Offline Address Book, and
Unified Messaging. You can test Outlook Web App, ECP, and PowerShell
using Test-OwaConnectivity, Test-EcpConnectivity, and
Test-PowerShellConnectivity respectively.
