Exchange 2016 Fresh Install HTTP ERROR 500

Question

After doing a new install of Exchange 2016 on Windows Server 2016 I go to https://ex1/ecp, attempt to log in and get:

This page isn’t working ex1 is currently unable to handle this request.
HTTP ERROR 500

I have removed and create a new OwaVirtualDirectory, I have checked to make sure the groups that EX1 is a part of is not a part of Domain Admins, Schema Admins, Enterprise Admins, Organization Admins.

Running Get-OwaVirtualDirectory | FL Identity,auth,URL returns:

Identity                      : EX1\owa (Default Web Site)
ClientAuthCleanupLevel        : High
InternalAuthenticationMethods : {Basic, Fba}
BasicAuthentication           : True
WindowsAuthentication         : False
DigestAuthentication          : False
FormsAuthentication           : True
LiveIdAuthentication          : False
AdfsAuthentication            : False
OAuthAuthentication           : False
ExternalAuthenticationMethods : {Fba}
Url                           : {}
InternalSPMySiteHostURL       :
ExternalSPMySiteHostURL       :
SetPhotoURL                   :
Exchange2003Url               :
FailbackUrl                   :
InternalUrl                   :
ExternalUrl                   :

I can see that no internal or external URLs are showing which I think may be related to the problem, but don't know what to do for sure.

The only oddities in the install were:

1. During the first install there were errors that I had to fix (Windows Updates), after updates and reboot I attempted to reinstall through the GUI but it erred thinking it was already installed and I had to reinstall using cmd.
2. I manually added the domain administrator account (as well as my other admin account) to schema admins and enterprise admin groups for the install.
3. I unfortunately don't remember the error, but during install through cmd, there was some message that popped up saying that something in IIS wasn't setup, like a * http redirect I think? I don't know and I've since rebooted so can't scroll back to see it again. I feel like this is causing the issue.

EDIT:

I have now also tried running UpdateCas.ps1 with no success as well as the following:

Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -FormsAuthentication $False -BasicAuthentication $True
Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -FormsAuthentication $True -BasicAuthentication $True
Get-EcpVirtualDirectory | Set-EcpVirtualDirectory -FormsAuthentication $false -BasicAuthentication $true
Get-EcpVirtualDirectory | Set-EcpVirtualDirectory -FormsAuthentication $true -BasicAuthentication $true
iisreset

As well as:

Get-EcpVirtualDirectory | Set-EcpVirtualDirectory -FormsAuthentication $false -BasicAuthentication $true -WindowsAuthentication $true
Get-OWAVirtualDirectory | Set-OWAVirtualDirectory -FormsAuthentication $false -BasicAuthentication $true -WindowsAuthentication $true
iisreset
Recycle MSExchangeECPAppPool
Recycle MSExchangeOWAAppPool

Event Viewer shows Event ID 1023:

Exchange ActiveSync tried to access a mailbox on Mailbox server "EX1.mydomain". It could not access the mailbox because the Mailbox server is offline.

I feel that this must be the answer, I haven't had a chance to configure any mailbox datastores so the administrator would be in the default one. I cannot however locate how to find and mount this. Any ideas?

Answer 1

Figured it out. It was the mailbox datastore dismounted. Didn't know the name of the datastore so ran:

Get-MailboxDatabase -Server SERVERNAME | Mount-Database

I can access ECP now from the machine, although I now get 403 error when attempting to access the page from another PC on the network, but that's a separate issue.

Answer 2

I had a similar problem with exchange and I was able to fix it by following the directions here: https://support.microsoft.com/en-us/help/2779694/unable-to-open-owa-ecp-or-ems-after-a-self-signed-certificate-is-remov