My problem is that I met, in just finished the second Exchange2016 ready to do the DAG, found that the second 2016 of the Ecp/owa can normally open the login interface, but belong to the user account and password, verification failure, the page can not jump, and then error.
650) this.width=650; "height=" title= "clip_image001" style= "border:0px" alt= "clip_image001" src= "http:// S3.51cto.com/wyfs02/m00/7c/b4/wkiol1bwlyhqlhjdaabz9hgdspy141.jpg "border=" 0 "/>
Tried to rebuild the virtual directory, modified all and the virtual directory and IIS related to everything configuration, everything configuration, everything configuration! There was no reason to find out at the end.
The final decision is to start with the log.
First to reproduce the problem, and then immediately check the log, we can see
650) this.width=650; "height=" 313 "title=" image "style=" border:0px; "alt=" image "src=" http://s3.51cto.com/wyfs02/M01 /7c/b6/wkiom1bwlqujcvazaakmns5fkw0846.png "border=" 0 "/>
650) this.width=650; "height=" title= "image" style= "border:0px;" alt= "image" src= "http://s3.51cto.com/wyfs02/M01 /7c/b4/wkiol1bwlywbxydyaaj454skhvw789.png "border=" 0 "/>
From these errors, see should be some of the permissions dropped, turned over the wall to check the foreigner's article, found that you can use a command to add this permission.
Get-clientaccessserver | Add-adpermission-accessrights extendedright-extendedrights "Ms-exch-epi-token-serialization", " Ms-exch-epi-impersonation "-user (Exchange Server name)
650) this.width=650; "height=" 168 "title=" image "style=" border:0px; "alt=" image "src=" http://s3.51cto.com/wyfs02/M02 /7c/b6/wkiom1bwlq7zzknfaaeewmcisjy364.png "border=" 0 "/>
Problem solving, I am ready to study the content and scope of these two permissions, update later!
This article is from the "June Ma Run Space" blog, be sure to keep this source http://horse87.blog.51cto.com/2633686/1746771
exchange2013/2016 Ecp/owa cannot be authenticated by user eventid3002/3005