This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(169.60000000000002, 54%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECS%3C/text%3E%3C/svg%3E)
Both internal and external urls are configured. Access to ECP fails intermittentntly. When it fails it fails access to ECP from for VIP on netscaler and Individual Server hostname / IP. Followinge is the error.
I had a look at Program Files\Microsoft\Exchange Server\V15\Logging\HttpProxy\Ecp and i noticed BeginRequest=2021-08-10T04:00:53.708Z;CorrelationID=<empty>;NoCookies=302 - GET/E14AuthPost;EndRequest=2021-08-10T04:00:53.708Z; under genericinfo column
Event iD 4
Current user: 'Contoso\L1.User'
Request for URL 'https://exc03.contoso.local:444/ecp/default.aspx(https://outlook.contoso.com.au/ecp/)' failed with the following error:
System.Configuration.ConfigurationErrorsException: It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS. (E:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\ecp\unifiedmessaging\web.config line 198)
at System.Configuration.ConfigurationSchemaErrors.ThrowIfErrors(Boolean ignoreLocal)
at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
at System.Configuration.BaseConfigurationRecord.GetSection(String configKey)
at System.Web.Configuration.RuntimeConfig.GetSectionObject(String sectionName)
at System.Web.Configuration.RuntimeConfig.GetSection(String sectionName, Type type, ResultsIndex index)
at System.Web.Configuration.RuntimeConfig.get_Authorization()
at System.Web.Security.UrlAuthorizationModule.IsUserAllowedToPath(HttpContext context, VirtualPath virtualPath)
at System.Web.StaticSiteMapProvider.GetChildNodes(SiteMapNode node)
at System.Web.XmlSiteMapProvider.GetChildNodes(SiteMapNode node)
at Microsoft.Exchange.Management.ControlPanel._Default.CreateDataContract(SiteMapNode sNode)
at Microsoft.Exchange.Management.ControlPanel._Default.CreateDataContract(SiteMapNode sNode)
at Microsoft.Exchange.Management.ControlPanel._Default.CreateNavTree()
at Microsoft.Exchange.Management.ControlPanel._Default.OnLoad(EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step)
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
at System.Configuration.ConfigurationSchemaErrors.ThrowIfErrors(Boolean ignoreLocal)
at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
at System.Configuration.BaseConfigurationRecord.GetSection(String configKey)
at System.Web.Configuration.RuntimeConfig.GetSectionObject(String sectionName)
at System.Web.Configuration.RuntimeConfig.GetSection(String sectionName, Type type, ResultsIndex index)
at System.Web.Configuration.RuntimeConfig.get_Authorization()
at System.Web.Security.UrlAuthorizationModule.IsUserAllowedToPath(HttpContext context, VirtualPath virtualPath)
at System.Web.StaticSiteMapProvider.GetChildNodes(SiteMapNode node)
at System.Web.XmlSiteMapProvider.GetChildNodes(SiteMapNode node)
at Microsoft.Exchange.Management.ControlPanel._Default.CreateDataContract(SiteMapNode sNode)
at Microsoft.Exchange.Management.ControlPanel._Default.CreateDataContract(SiteMapNode sNode)
at Microsoft.Exchange.Management.ControlPanel._Default.CreateNavTree()
at Microsoft.Exchange.Management.ControlPanel._Default.OnLoad(EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step)
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Flight info: Features:[[Global.DistributedKeyManagement, False],[Global.GlobalCriminalCompliance, False],[Global.MultiTenancy, False],[Global.WindowsLiveID, False],[Eac.AllowMailboxArchiveOnlyMigration, True],[Eac.AllowRemoteOnboardingMovesOnly, False],[Eac.BulkPermissionAddRemove, True],[Eac.CmdletLogging, True],[Eac.CrossPremiseMigration, False],[Eac.DevicePolicyMgmtUI, False],[Eac.DiscoveryDocIdHint, False],[Eac.DiscoveryPFSearch, False],[Eac.DiscoverySearchStats, False],[Eac.DlpFingerprint, False],[Eac.EACClientAccessRulesEnabled, False],[Eac.GeminiShell, False],[Eac.ManageMailboxAuditing, False],[Eac.ModernGroups, False],[Eac.Office365DIcon, False],[Eac.OrgIdADSeverSettings, False],[Eac.RemoteDomain, False],[Eac.UCCAuditReports, False],[Eac.UCCPermissions, False],[Eac.UnifiedAuditPolicy, False],[Eac.UnifiedComplianceCenter, False],[Eac.UnifiedPolicy, False],[Eac.UnlistedServices, False],], Flights:[], Constraints:[[MACHINE, EXC03-G-SWARH],[MODE, ENTERPRISE],[PROCESS, W3WP],], IsGlobalSnapshot: True
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(284.8, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYS%3C/text%3E%3C/svg%3E)
Access to ECP fails intermittentntly. When it fails it fails access to ECP from for VIP on netscaler and Individual Server hostname / IP. Followinge is the error.
Considering that it's a randomly occurred issue, it might be kind of difficult to narrow down and locate the root cause. Given current situation, could you help collect the information below so that we can see if more clues can be found for further troubleshoot:
Besides, I tried searching on the error message("It is an error to use a section registered as allowDefinition='MachineToApplication'....) you shared above and noticed this thread which included the part of error in the discussion:
As mentioned in the post above, the error appeared after the HttpProxy folder for ecp was copied into c:\inetpub\wwwroot. So I'd suggest having a check to see if any changes were made into the folders involved in your environment as well.
Furthermore, if there are any third-party applications, especially things like anti-virus software running in your Exchange organization, you can try temporarily disabling them to help narrow down the issue.
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
I am writing to see how everything is going on with this thread. If you have any questions or need further help on this issue, please feel free to post back.
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Thanks Yukisun.
This is how the web.config looks at C:\inetpub\wwwroot on the exchange servers. This is the exchange installation path E:\Program Files\Microsoft\Exchange Server\V15.
There is no ECP folders in C:\inetpub\wwwroot. Following are the only files under C:\inetpub\wwwroot
aspnet_client
bkg-gry.jpg
iis-8.png
iisstart.htm
msweb-brand.png
web.config
web.config.bak
ws8-brand.png
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<location inheritInChildApplications="false">
<system.webServer>
<modules>
<add name="HostHeaderValidationModule" type="Microsoft.Exchange.HttpUtilities.HostHeaderValidationModule, Microsoft.Exchange.HttpUtilities, Version=15.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
<add name="OwaJavascriptRedirectModule" type="Microsoft.Exchange.HttpRedirect.OwaJavascriptRedirectModule, Microsoft.Exchange.HttpRedirectModules, Version=15.0.0.0,Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</modules>
</system.webServer>
<system.web>
<machineKey validationKey="AutoGenerate,IsolateApps" />
<compilation defaultLanguage="c#" debug="false">
<assemblies>
<add assembly="Microsoft.Exchange.HttpRedirectModules, Version=15.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</assemblies>
</compilation>
</system.web>
</location>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<linkedConfiguration href="file://E:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\SharedWebConfig.config"/>
</assemblyBinding>
</configuration>
This is the error each time there is an error
500
Unexpected error :(
An error occured and your request couldn't be completed. Please try again.
OWA is not affected only ECP.
Cylance protect is our Anti-Virus and we have excluded all files and folders as per MS best practice.
I tried compare the files under your C:\inetpub\wwwroot with my lab and it doesn't seem to have any issue. The web.config file looks fine as well. And as per the error 500 when the issue occurs, that is just a general error message. So it seems that we are stuck here.
Noticed that the path below was mentioned in the iis log you shared earlier:
E:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\ecp\unifiedmessaging\web.config line 198
Would you mind sharing some context of the line mentioned above after removing private information and let's see if more information can be found?
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.