Exchange 2013 Hybrid/CAS Issue

Rob Begg 1 Reputation point
2020-08-04T08:35:46.653+00:00

Hi all,

I have an Exchange 2013 Deployment of 5 Servers - all the same CU and versions. We've recently migrated everything to Exchange Online, and need to keep only one of the Exchange Servers on Premise for Hybrid Management, and a CRM system & MFD Relaying for scan to email.

Servers are:
EXCHMBX01, and EXCHMBX02 (just Mailbox Databases, in a DAG)
EXCHCAS01 and EXCHCAS03 (CAS role only)
EXCHMGMT01 - all roles + Hybrid Server

We had 2 Kemp Loadmasters doing LB for the Exchange Web Services and SMTP, which are now shut down, so we don't need to worry about those.

The issue I have is when I shut down EXCHMBX01 & 02, and EXCHCAS01 & 03 - none of the Exchange Web Services (OWA, ECP, EWS etc.) work anymore - all go into an HTTP 503 state. When just EXCHMGMT01 is running, I can manage everything from the Exchange Shell, and get an authentication page from the Web Apps (but when logging in the 503 error occurs).

Everything works when all the Servers are running, so far we've changed the URLs for all the services from mail.domain.org to smtp.dom.org (as we've had to change the firewall NATs etc and the domain), renewed all the Back End Self Signed Certs, and rebound them in IIS, and reset all the ECP Sites (plus completely recreated them).

The account I use to log in has had its mailbox migrated to Exchange Online - but has all the correct Exchange On Premise roles in AD.

Any advice is much appreciated - as we can't continue running all the servers due to the astronomical hosting costs, and planned to move everything over to just the Hybrid Server and decomm the old Mailboxes and CAS. No matter what I try nothing seems to help!


2 answers

  1. Andy David - MVP 141.5K Reputation points MVP
    2020-08-04T11:50:02.437+00:00

    What is set for the following on EXCHMGMT01?

    Get-ClientAccessServer -Identity EXCHMGMT01 | FL AutodiscoverServiceInternalUri
    Get-WebServicesVirtualDirectory -Server EXCHMGMT01 | FL InternalUrl, ExternalUrl
    Get-EcpVirtualDirectory -Server EXCHMGMT01 | FL InternalUrl, ExternalUrl
    Get-OabVirtualDirectory -Server EXCHMGMT01 | FL InternalUrl, ExternalUrl
    Get-ActiveSyncVirtualDirectory -Server EXCHMGMT01 | FL InternalUrl, ExternalUrl
    # Outlook Anywhere stores host names rather than URLs
    Get-OutlookAnywhere -Server EXCHMGMT01 | FL InternalHostname, ExternalHostname

    and is there a valid, trusted cert applied to that server with a matching subject name and accessible in DNS?

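The checks asked for in the answer above can be combined into one read-only report. This is an added example, not code from the thread: it lists every host name EXCHMGMT01 publishes and, for each certificate enabled for IIS, whether the certificate covers that name and whether the name resolves in DNS. The helper `Test-NameCovered` is hypothetical, and the inclusion of the OWA virtual directory is an assumption beyond the commands listed in the answer.

```powershell
# Added example (not from the thread). Read-only; run in the Exchange Management Shell.
$server = 'EXCHMGMT01'   # server name from the question

# 1. Gather every URL this server publishes to clients.
$urls  = @((Get-ClientAccessServer -Identity $server).AutoDiscoverServiceInternalUri)
$vdirs = @(Get-WebServicesVirtualDirectory -Server $server) +
         @(Get-EcpVirtualDirectory -Server $server) +
         @(Get-OwaVirtualDirectory -Server $server) +
         @(Get-OabVirtualDirectory -Server $server) +
         @(Get-ActiveSyncVirtualDirectory -Server $server)
foreach ($v in $vdirs) { $urls += $v.InternalUrl, $v.ExternalUrl }

# 2. Reduce to unique host names; Outlook Anywhere stores host names, not URLs.
$oa     = Get-OutlookAnywhere -Server $server
$names  = @($urls | Where-Object { "$_" } | ForEach-Object { ([uri]"$_").Host })
$names += @($oa.InternalHostname, $oa.ExternalHostname |
            Where-Object { "$_" } | ForEach-Object { "$_" })
$names  = $names | Sort-Object -Unique

# Hypothetical helper: true when $Name matches a certificate domain exactly
# or through a single-label wildcard such as *.domain.org.
function Test-NameCovered([string]$Name, [string[]]$Domains) {
    foreach ($d in $Domains) {
        if ($d -eq $Name) { return $true }
        if ($d.StartsWith('*.') -and $Name -like $d -and
            $Name.Split('.').Count -eq $d.Split('.').Count) { return $true }
    }
    return $false
}

# 3. For each certificate enabled for IIS, report validity and coverage per name.
$certs = Get-ExchangeCertificate -Server $server |
         Where-Object { "$($_.Services)" -match 'IIS' }
foreach ($c in $certs) {
    $domains = @($c.CertificateDomains | ForEach-Object { "$_" })
    foreach ($n in $names) {
        $inDns = $true
        try { [void][System.Net.Dns]::GetHostAddresses($n) } catch { $inDns = $false }
        [pscustomobject]@{
            Name          = $n
            Thumbprint    = $c.Thumbprint
            Status        = $c.Status      # validation status as seen by the server
            NotAfter      = $c.NotAfter    # expiry date
            CertCovers    = Test-NameCovered $n $domains
            ResolvesInDns = $inDns
        }
    }
}
```

A row with `CertCovers` or `ResolvesInDns` set to False points at a published name that clients cannot validate or reach; DNS is resolved from the server itself, so external resolution still needs a separate check.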

  2. KyleXu-MSFT 26,206 Reputation points
    2020-08-05T06:11:38.157+00:00

    Before shutting down EXCHMBX01 and EXCHMBX02, I would suggest you remove them from the DAG first, because the loss of a DAG member may cause services to go down.

    Except for EXCHMGMT01, set the external URL on all other Exchange servers to Null and the internal URL to the FQDN. Then run IISReset on each server for the change to take effect.

    After migrating a mailbox to Exchange Online, you need to log in to OWA with the Exchange Online OWA URL. So, I would suggest you create a new mailbox hosted on an EXCHMGMT01 database, then use this new mailbox to test OWA.

    I would suggest you keep a dedicated administrator account for Exchange on-premises. You could assign the permission below to the newly created mailbox above to promote it to an Exchange admin account, then you could use it to check the Exchange on-premises ECP:
    15742-snipaste-2020-08-05-14-10-55.png
