Field Notes: Exchange 2010 Coexistence and URL Redirection Mayhem

During a recent deployment of Exchange 2010 I ran into a rather challenging issue. This deployment involved maintaining a solid coexistence with a legacy Exchange 2003 deployment. After updating DNS records to route traffic to the Exchange 2010 CAS server(s) and configuring URL redirection using the method described in the MS TechNet article Simplifying the Outlook Web App URL (modified date: 2010-04-19) connections to the <CASArrayURL>\Exchange were receiving an IIS error (see Symptoms).

The project required that we maintain this URL functionality because users were both familiar with this URL and many had shortcuts that referenced this location.

Scenario

When Accessing the /Exchange URL on Exchange 2010 SP1 the following Error is received:

Server Error in ‘/’ Application.

Configuration Error

Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.

Parser Error Message: It is an error to use a section registered as allowDefinition=’MachineToApplication’ beyond application level.  This error can be caused by a virtual directory not being configured as an application in IIS.

Source Error:

Line 35: <system.web>
Line 36: <httpRuntime maxRequestLength=”35000″ />
Line 37: <authentication mode=”Windows” />
Line 38: <sessionState mode=”Off” />
Line 39:

Source File: C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\owa\web.config Line: 37

To update the web.config as indicated in the above error:
Edit the %ExchangeInstallPath%\ClientAccess\Owa\web.config file, change:

<customErrors mode=”On” defaultRedirect=”auth/error.aspx” />

to:

<customErrors mode=”Off” />

After updating the web.config as described the below error is received:

Server Error in ‘/’ Application.

Runtime Error

Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.

Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a “web.config” configuration file located in the root directory of the current web application. This <customErrors> tag should then have its “mode” attribute set to “Off”.

<!– Web.Config Configuration File –>

<configuration>
<system.web>
<customErrors mode=”Off”/>
</system.web>
</configuration>

Notes: The current error page you are seeing can be replaced by a custom error page by modifying the “defaultRedirect” attribute of the application’s <customErrors> configuration tag to point to a custom error page URL.

<!– Web.Config Configuration File –>

<configuration>
<system.web>
<customErrors mode=”RemoteOnly” defaultRedirect=”mycustompage.htm”/>
</system.web>
</configuration>

In addition, for each connection attempt the following event is logged in the Application Event Log:

Event Log


Log Name: Application
Source: ASP.NET 2.0.50727.0
Date: 3/15/2011 1:37:38 PM
Event ID: 1310
Task Category: Web Event
Level: Warning
Keywords: Classic
User: N/A
Computer: host.domain.net
Description:
Event code: 3008
Event message: A configuration error has occurred.
Event time: 3/15/2011 1:37:38 PM
Event time (UTC): 3/15/2011 5:37:38 PM
Event ID: 8788d2f05c104b92958817281171d657
Event sequence: 2
Event occurrence: 1
Event detail code: 0

Application information:
Application domain: /LM/W3SVC/1/ROOT-1-129446842584586770
Trust level: Full
Application Virtual Path: /
Application Path: C:\inetpub\wwwroot\
Machine name: Host

Process information:
Process ID: 7516
Process name: w3wp.exe
Account name: IIS APPPOOL\DefaultAppPool

Exception information:
Exception type: ConfigurationErrorsException
Exception message: It is an error to use a section registered as allowDefinition=’MachineToApplication’ beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS. (C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\owa\web.config line 37)

Request information:
Request URL: http://host.domain.net/exchange/default.aspx
Request path: /exchange/default.aspx
User host address: 10.10.149.152
User:
Is authenticated: False
Authentication Type:
Thread account name: IIS APPPOOL\DefaultAppPool

 

Thread information:
Thread ID: 1
Thread account name: IIS APPPOOL\DefaultAppPool
Is impersonating: False
Stack trace: at System.Configuration.ConfigurationSchemaErrors.ThrowIfErrors(Boolean ignoreLocal)
at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
at System.Configuration.BaseConfigurationRecord.GetSection(String configKey)
at System.Web.Configuration.RuntimeConfig.GetSectionObject(String sectionName)
at System.Web.Configuration.RuntimeConfig.GetSection(String sectionName, Type type, ResultsIndex index)
at System.Web.Configuration.RuntimeConfig.get_Identity()
at System.Web.HttpContext.SetImpersonationEnabled()
at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context)

Cause

HTTP redirect for Exchange Virtual Directories should be configured in the applicationHosts.config file in the %systemroot%\system32\inetserv directory. This is indication that there is specific httpredirect configuration in the web.config file located in the %ExchangeInstallPath%\ClientAccess\owa directory.

This can easily be caused by using the IIS (version 7; IIS 6.0 not tested) to configure redirection. For example, by default the “Default Web Site” does not include any redirection. When you do configure redirection on the “Default Web Site” you must remove the http redirect setting on all other Exchange Virtual directories, except the /Exchange, /ExchWeb, & /Public virtual directories. The TechNet article, Simplifying the Outlook Web App URL (http://technet.microsoft.com/en-us/library/aa998359.aspx ), details this approach in detail.

The problem can occur when disabling the http redirect on the /owa virtual directory using the IIS management console. This causes an update to the web.config file in the %ExchangeInstallPath%\ClientAccess\owa directory. This web.config file supercedes applicationhost.config file when browsing to the /owa, /Exchange, /ExchWeb, & /Public virtual directories because the /Exchange, /ExchWeb, & /Public are also physically referencing the same directory as /owa.

The result is the need to configure all http redirection in the applicationHost.config file.

Solution

Before proceeding with this fix, verify that the applicationhost.config and web.config files have the symptoms previously described.

Manual Approach

Removed <httpredirect> section from web.config file in the <ExchangeInstallDir>/clientaccess/owa directory.
Manually edited the applicationhost.config file setting the /owa directory httpredirect to $false.

You can alternatively run the following commands to perform the same configuration:

C:\Windows\System32\inetsrv\appcmd.exe clear config "Default Web Site/OWA" /section:httpRedirect

C:\Windows\System32\inetsrv\appcmd.exe set config "Default Web Site/OWA" /section:httpRedirect /enabled:false /commit:apphost
Comments

I spoke with Microsoft during the resolution of this issue. They indicated that the TechNet article Simplifying the Outlook Web App URL (modified date: 2010-04-19) was misleading and in some cases inaccurate. Both Microsoft and myself were able to recreate this issue in our testing labs using the methods described in this TechNet article. Microsoft indicated that they would be reviewing the TechNet article and updating accordingly in the future to avoid this issue.

In a previous blog post I shared a script that can assist with setting the URL redirection for /OWA (and a lot of other cool stuff). I have updated that script to perform the correct configuration of ISS URL redirection to prevent this issue.

I reference the following resources during the troubleshooting and resolution of this issue:
http://blogs.technet.com/b/exchange/archive/2010/02/10/3409322.aspx
http://forums.iis.net/p/1165810/1937150.aspx
http://technet.microsoft.com/en-us/library/aa998359.aspx
http://briandesmond.com/blog/redirecting-owa-urls-in-exchange-2010/

Posted in Exchange 2010, IIS

11 comments on “Field Notes: Exchange 2010 Coexistence and URL Redirection Mayhem

  • Ok, so I have tried every solution out there to get this resolved. I am migrating an Exchange 2003 server to Exchange 2010. Unfortunately they are going to have to co-exist for a little while as there are a few hundred mailboxes with over 1.8 TB of mail that will need to move.

    The only thing that isn’t working is HTTP redirects in IIS. I can’t redirect any virtual directory. I am receiving the exact same errors that you received. I have tried everything…manually editing the applicationHost.config, using PowerShell, using commandline / appcmd…I’ve made sure everything is perfect and I still cannot get any redirects to work.

    If I browse to https://mail.myserver.com/owa it works perfectly, but something clearly broke redirects. This is a clean install with nothing else installed. It is my last piece before I can begin moving mailboxes! Please help! :)

    System Config:
    Windows Server 2008 R2 Standard SP1
    Microsoft Exchange 2010 (V14.0 Build 639.21)
    Microsoft IIS 7

    • Hi Tim,

      Have you removed section from web.config file in the /clientaccess/owa directory? I mention this in the blog post in the “Manual Approach” section.

      Another option you might want to try is to remove the virtual directory all together and recreate that from scratch. Then configure the redirection again without using the IIS console. There are a few TechNet articles on how to recreate the virtual directories.

      Good luck!

  • Just a thought, but wouldn’t it make more sense to disable http redirects BEFORE applying a redirection on the Default Web Site? Or wouldn’t that work? Seems like it’d solve a lot of issues that IIS 7+ causes, not that redirects are propogated to all child items. Someone wasn’t thinking when they got rid of the prompt that used to be in IIS 6…

    • Hi MJLongman,

      Your comment is something I have not considered. I’m thinking that it wouldn’t matter. I do miss the prompt that was available in IIS6. I should mention that if you configure the redirect (enabled or disabled) in the IIS7 GUI then Exchange is affected by this scenario. Only when you disable redirection in the applicationhosts.config does Exchange function correctly. When you configure in the GUI it sets this in the web.config file in each virtual directory. I don’t think disabling redirection on the sub vir dirs first would avoid the scenario. I have not tested this configuration, rather I rely on manually (or scripting) setting the redirection in the applicationhosts.config file.

      If you are able to get different results please post back.

      Regards,

      Robert

  • Update..

    This was caused by R2 SP1 updates along with .net.

    I had to re-register .net 4. by issuing the following command aspnet_regiis.exe -i -enable

    As soon as I did this, the OWA redirect started working again.

  • Robert,

    I came across your blog while troubleshooting the Server Error in ‘/’ Applicatio in OWA 2010 with redirection which just started appearing tonight after a round of updates and a reboot. Removing updates did not resolve the issue. I was going to try to use your script and wanted some verification of the syntax. We require SSL and wish all requests to http://webmail.ourcompany.com to be redirected to https://webmail.ourcompany.com/owa What would be the proper syntax for your script?

    I confirmed that https://webmail.ourcompany.com/owa works correctly and that the original redirects that were put in are still in place in IIS.

    Thanks

  • I have a similar problem with 2 fresh installations of SBS 2011 – I get the same application error and error in the application log as you show in this post when I browse to /exchange or /exchweb

    I tried your two commands and and issued an iisreset /restart with no luck.

    Any ideas?

    • Albee,

      I have not used Exchange 2010 on SBS 2011. I would imagine the IIS configuration would be done in the same manner. If the commands are not working, manually check the contents of the web.config file located in the /OWA directory; check for httpredirect setting. Remember, the web.config file will override the settings in the applicationhost.config file, which causes the issue. So if the httpredirect parameter exists (true or false) it is causing the issue.

      Regards,

      Bob

Leave a Reply