Some users cannot access Exchange Server 2007 Outlook Web Access after you create new mailboxes or migrate existing mailboxes

Some users cannot access Exchange Server 2007 Outlook Web Access after you create new mailboxes or migrate existing mailboxes

Article ID : 949527
Last Review : March 25, 2008
Revision : 1.0


After you create new mailboxes in a Microsoft Exchange Server 2007 environment or you migrate mailboxes from Exchange Server 2003 to Exchange 2007, some users cannot access Exchange 2007 Outlook Web Access (OWA).

When this issue occurs, these users can enter their credentials on the Forms Based Authentication (FBA) page. On the language page, these users can select their language and their time zone. However, after these users click OK, the following error message appears:

A problem occurred while trying to use your mailbox. Please contact technical support for your organization.

Url: https://<cas_server>:443/owa/lang.owa
User host address: <IP address>

Exception type: Microsoft.Exchange.Data.Storage.StoragePermanentException
Exception message: There was a problem accessing Active Directory.

Call stack
Microsoft.Exchange.Data.Storage.ExchangePrincipal.Save() Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchLanguagePostLocally(OwaContext owaContext, OwaIdentity logonIdentity, CultureInfo culture, String timeZoneKeyName, Boolean isOptimized) Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchLanguagePostRequest(OwaContext owaContext) Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.PrepareRequestWithoutSession(OwaContext owaContext, UserContextCookie userContextCookie) Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.InternalDispatchRequest(OwaContext owaContext) Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchRequest(OwaContext owaContext) System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Back to the top


This problem occurs because the discretionary access control list (DACL) inheritance is disabled on the user account in Active Directory. The Exchange Servers group must have permissions to write the msExchUserCulture attribute on the user when the language has been specified in OWA.

Back to the top


To resolve this problem, follow these steps:

1. Open Active Directory Users and Computers.
2. Click View, and then click Advanced Features.

Note To make the Security tab available at both the user level and the organizational unit level, you must enable the Advanced Features option in Active Directory Users and Computers. This option is available under the View menu.

3. Open the properties for both the user level and the organizational unit level that the users are located in, and then locate the Security tab.
4. Click Advanced.
5. Make sure that the following check box is selected:

Allow inheritable permissions from the parent to propagate to this object and all child objects. Include these with entries explicitly defined here.
6. Force Active Directory replication.

Back to the top


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the Applies to section.

Back to the top

• Microsoft Exchange Server 2007 Standard Edition
• Microsoft Exchange Server 2007 Enterprise Edition
• Microsoft Exchange Server 2007 Service Pack 1

Back to the top

kbtshoot kbexpertiseinter kbprb KB949527

Back to the top


Microsoft Knowledge Base Article

This article contents is Microsoft Copyrighted material.
Microsoft Corporation. All rights reserved. Terms of Use | Trademarks

You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

AddThis Social Bookmark Button

Leave a Reply

To prove that you're not a bot, enter this code
Anti-Spam Image