Exchange Server 2013 or Exchange Server 2016 redirects to Exchange 2010 for OWA, Outlook on the web, and ECP
Original KB number: 2931385
Symptoms
When you try to connect to the Microsoft Exchange Server 2016 Outlook on the web, Exchange Server 2013 Outlook Web App (OWA), or Admin Center (EAC) page, you're redirected to Exchange Server 2010 OWA or Exchange Control Panel (ECP). This issue occurs under the following circumstances:
- Exchange Server 2013 or Exchange Server 2016 is installed into an existing Exchange Server 2010 organization.
- You recently accessed Outlook Web App or Exchange Control Panel when your mailbox was on Exchange Server 2010.
- You move your mailbox from Exchange Server 2010 to Exchange Server 2013 or Exchange Server 2016.
Cause
There are three scenarios in which this unexpected behavior can occur when you try to connect to Outlook on the web, OWA, or EAC:
Scenario 1: The Exchange Server client access service contacts a domain controller that doesn't have the latest user object attributes after the mailbox is moved.
Scenario 2: The Exchange Server client access service is using cached information for the mailbox location.
Scenario 3: Permission Inheritance is blocked on the user object.
Resolution
The resolution for this issue corresponds to the scenario listed above in the "Cause" section:
Solution 1: Verify that Active Directory replication is completed by checking the user object's homeMDB attribute. This value should contain the DN value of the Exchange Server 2013 or Exchange Server 2016 mailbox database
Solution 2: On Exchange Server 2013 or Exchange Server 2016, wait 30 minutes for the cache to clear or restart the MSExchangeOWAAppPool. Refer to the following screenshot in Exchange Server 2013
Note
The client is also provided a cookie from the Exchange 2013 Client Access Server with the location of the backend server. This cookie is valid for 10 minutes. Restarting the MSExchangeOWAAppPool may not resolve the issue if you try to connect within 10 minutes of the mailbox move. In this scenario, you must remove cookies from your browser. To remove the cookies in Microsoft Internet Explorer, follow these steps:
- Go to Internet Explorer, open Internet Options.
- On General tab, click Delete.
- Select the Cookies and website data option, and then click Delete.
Solution 3: Re-enable permissions inheritance for the user object who has problem when access OWA or ECP
- Start ADSI Edit by clicking Start, click Run, type adsiedit.msc, and then click OK.
- Locate the user object in question, right-click the object, and then click Properties.
- On the Security tab, click Advanced.
- Click Allow inheritable permissions from the parent to propagate to this object and all child objects to re-enable permissions inheritance.
- Click OK two times to apply the change.
- Wait for Active Directory replication to propagate the changes, or force Active Directory replication if it's necessary.
If the Allow inheritable permissions option is re-disabled automatically within 60 minutes, check whether the user account is in the AD protected group such as the AdminSDHolder. If yes, remove the account from the AD protected group.
Workaround
To work around this issue, you can access the EAC by adding the Exchange version to the URL. For example, to access the EAC whose virtual directory is hosted on the Exchange Server 2013 Client Access server, use the URL: https:///ecp?ExchClientVer=15.
If you want to access the Exchange 2010 ECP and your mailbox resides on an Exchange 2013 Mailbox server, use the URL: https:///ecp?ExchClientVer=14.
For more information about Exchange Admin Center, see Exchange Admin Center in Exchange 2013.