ECP is broken on On-prem Exchange 2016 servers for accounts with cloud mailboxes (hybrid setup)

Chris Fox 1 Reputation point
2021-08-25T02:00:50.887+00:00

Hi Pros,

This is an interesting one. I can no longer log in to the ECP on my on-prem servers using my account that has a cloud mailbox.

We have on-prem AD synched to Azure and our staff have cloud mailboxes. We have hybrid Exchange as we still maintain a lot of shared mailboxes on-prem, and our mail routes through our on-prem servers to use some signature software. So I log in to Office 365 using my on-prem account and access resources as required. I also have an admin account that I use to administer servers etc. This account has an on-prem mailbox.

Late last week I was changing settings on our on-prem public facing servers to disable TLS 1.0 and 1.1, as well as trying to hide some server headers (as a result of a recent audit that recommended tightening security), and since then I am unable to log in to the ECP using my account that has a cloud mailbox. I get the "This page isn't working right now - server.domain.com.au can't currently handle this request - http error 503" page after I enter my credentials and click "Sign in". So I get the login page fine, but it goes no further. If I log in using my admin account it logs in fine and I can work in the ECP. The only difference that I can think of is that it has an on-prem mailbox (and is in the domain admins group of course, but my personal account is in the Exchange admin groups so it is the one I normally used for ECP, so not a permissions thing), whereas my personal account has a cloud mailbox, but still exists in the on-prem Exchange as an "Office 365" user. I have rolled back all the changes that I had made last week and restarted servers, but no joy.

I'd possibly leave it as is because there is no impact yet for end users, but one of the other engineers' admin accounts has a cloud mailbox, so he isn't able to access the ECP and it impacts his ability to administer the system.

The only thing I have noticed is in the HTTPERR logs, where there are lines like the below when I try to log in...

2021-08-25 01:36:55 127.0.0.1 16989 127.0.0.1 443 HTTP/1.1 GET /ecp/ - - 1 Request_Cancelled MSExchangeECPAppPool

followed by this, which is my PC connected to the server (my PC is 10.0.50.33)...

2021-08-25 01:37:00 10.0.50.33 61869 172.16.84.158 443 - - - - - - Timer_ConnectionIdle -

Any ideas?

Exchange | Hybrid management
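The two HTTPERR lines quoted above are the only server-side evidence in the question, so here is an added example (not code from the original post or from Microsoft) that parses HTTP.sys error-log lines, groups them by reason and request queue, separates the ECP app-pool cancellation from the routine keep-alive idle closes, and correlates a cancellation with the client idle close that followed it. The field order is the W3C layout HTTP.sys writes to `%SystemRoot%\System32\LogFiles\HTTPERR`; it is assumed here because the post shows no `#Fields` header. The `#Fields` line and the third sample record are constructed; the other two records are copied from the question.

```python
"""Triage of HTTP.sys error-log (HTTPERR) lines behind an Exchange ECP 503.

Added example, not code from the original post or from Microsoft. The field
order below is the W3C layout HTTP.sys writes to
%SystemRoot%\\System32\\LogFiles\\HTTPERR and is assumed, since the post does
not show the #Fields header of its log file.
"""
from collections import Counter
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Counter as CounterType, Iterable, List, Tuple

# Assumed HTTPERR field order (the post shows no #Fields line).
FIELDS = (
    "date", "time", "c_ip", "c_port", "s_ip", "s_port", "cs_version",
    "cs_method", "cs_uri", "streamid", "sc_status", "s_siteid", "s_reason",
    "s_queuename",
)

# Sample log: the #Fields header and the last record are constructed,
# the two records in the middle are quoted from the question.
SAMPLE_LOG = """\
#Fields: date time c-ip c-port s-ip s-port cs-version cs-method cs-uri streamid sc-status s-siteid s-reason s-queuename
2021-08-25 01:36:55 127.0.0.1 16989 127.0.0.1 443 HTTP/1.1 GET /ecp/ - - 1 Request_Cancelled MSExchangeECPAppPool
2021-08-25 01:37:00 10.0.50.33 61869 172.16.84.158 443 - - - - - - Timer_ConnectionIdle -
2021-08-25 01:45:12 10.0.50.77 50211 172.16.84.158 443 - - - - - - Timer_ConnectionIdle -
"""


@dataclass(frozen=True)
class HttpErrRecord:
    date: str
    time: str
    c_ip: str
    c_port: str
    s_ip: str
    s_port: str
    cs_version: str
    cs_method: str
    cs_uri: str
    streamid: str
    sc_status: str
    s_siteid: str
    s_reason: str
    s_queuename: str

    @property
    def timestamp(self) -> datetime:
        return datetime.strptime(f"{self.date} {self.time}", "%Y-%m-%d %H:%M:%S")


def parse_httperr(lines: Iterable[str]) -> List[HttpErrRecord]:
    """Parse HTTPERR lines, skipping #-comment headers and malformed rows."""
    records = []
    for raw in lines:
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if len(parts) != len(FIELDS):
            continue  # truncated or foreign line; do not guess at its fields
        records.append(HttpErrRecord(**dict(zip(FIELDS, parts))))
    return records


def summarize(records: Iterable[HttpErrRecord]) -> CounterType[Tuple[str, str]]:
    """Count records per (s-reason, s-queuename) pair."""
    return Counter((r.s_reason, r.s_queuename) for r in records)


def app_pool_cancellations(records: Iterable[HttpErrRecord],
                           uri_prefix: str = "/ecp") -> List[HttpErrRecord]:
    """Records that reached a named request queue (an IIS app pool) but were
    never answered. Timer_ConnectionIdle entries are HTTP.sys closing idle
    keep-alive connections and are excluded as routine noise."""
    return [r for r in records
            if r.s_queuename != "-"
            and r.s_reason != "Timer_ConnectionIdle"
            and r.cs_uri.lower().startswith(uri_prefix.lower())]


def idle_closes_after(records: Iterable[HttpErrRecord], cancel: HttpErrRecord,
                      window_seconds: int = 10) -> List[HttpErrRecord]:
    """Client idle closes logged shortly after a cancellation. The cancelled
    row carries the loopback address, so the client cannot be matched by IP;
    time proximity is the only link the log offers."""
    start = cancel.timestamp
    end = start + timedelta(seconds=window_seconds)
    return [r for r in records
            if r.s_reason == "Timer_ConnectionIdle" and start <= r.timestamp <= end]


if __name__ == "__main__":
    recs = parse_httperr(SAMPLE_LOG.splitlines())
    for (reason, queue), n in summarize(recs).most_common():
        print(f"{n:4d}  {reason:22s} {queue}")
    for cancel in app_pool_cancellations(recs):
        print("cancelled:", cancel.cs_method, cancel.cs_uri, "queue", cancel.s_queuename)
        for idle in idle_closes_after(recs, cancel):
            print("  client idle close from", idle.c_ip, "at", idle.time)
```

Run against a real HTTPERR file with `parse_httperr(open(path))`; a cancellation count that climbs only for `MSExchangeECPAppPool` while other queues stay quiet points at that app pool rather than at HTTP.sys or the TLS settings as a whole.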

1 answer

  1. KyleXu-MSFT 26,396 Reputation points
    2021-08-26T01:40:16.977+00:00

    @Chris Fox

    Even an AD account without a mailbox could log in normally, if the AD permission is correct.

    So, make sure the permission is correct, and make sure you log in to ECP with "LocalDomain/user" (you need to log in to ECP with local AD credentials). I would suggest you try to create another admin account to check whether your ECP could work normally first.


    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

