Upcoming Webinar
Cayosoft Shows How Forest Recovery Tech Addresses Survey Issues
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
The Scoop on Loop: The Latest Innovations Directly From Microsoft!
Darrell Webster speaks to Rebecca Keys, a Program Manager from the Microsoft Loop team.
Turn Data Protection into an MRR Growth Engine
Security for your customers, revenue for your MSP practice. Access key insights on how to scale your practice with SkyKick’s new eGuide.
MSP eGuide to Package, Sell and Deliver M365 Security Services
Based on input from our top-performing MSPs, SkyKick prepared the MSP Guide to help you navigate the security landscape.

How to Resolve “Server Error in ‘/OMA’ Application” in Exchange 2003 on a Domain Controller

I recently needed to work on a client’s Exchange 2003 servers, where they claimed they could not use Outlook Mobile Access (OMA) on their server.

Each time I opened an IE browser window and browsed to this address:
http://mail.client’s-domain.com/oma

After logging on with the Administrator’s credentials I got this error:

Server Error in ‘/OMA’ Application.
Access to the path “C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\oma\4707b1f2\a6dd9810” is denied.

net error ex 2003 1 — Server Error in ‘/OMA’ Application

I also noticed that Outlook Web Access Administration (OWAAdmin) gave me the same error. However, interestingly, the ActiveSync Admin (MobileAdmin) application worked just fine.
I investigated this for a few moments and found this Microsoft KB article:
XCCC: “Server Error in ‘/OMA’ Application” Error Message When You View the Outlook Mobile Access Web Site
http://support.microsoft.com/kb/818486
The article says:
“This problem occurs when you install the Microsoft .NET Framework on a server that is running Microsoft Windows 2000 or when you install Microsoft ASP.NET on a server that is running Microsoft Windows Server 2003 before you promote the server to the role of domain controller. When you promote the server, the access control list (ACL) permissions that you configured during the .NET Framework or during the ASP.NET installation are modified, and all ASP.NET applications are affected by this change. You must install ASP.NET after you promote the computer to a domain controller for applications that require ASP.NET.”
I turns out that indeed, as the article says, that server had IIS and ASP.NET installed on it, then it was promoted to become a Domain Controller for the client’s domain, and finally, they had Exchange Server 2003 installed on it.
BTW, to initially prevent this from happening, the proper way to install Exchange Server 2003 on a machine that is also a Domain Controller is to install Exchange Server 2003 in the following sequence:
1. Install Windows Server 2003.
2. Promote the server to the role of domain controller.
3. Install ASP.NET.
4. Install Exchange Server 2003.
Getting back to my problem, in order to fix this issue, you need to reset the ASP.NET ACLs. This is done by using the aspnet_regiis.exe command:
1. Click Start, and then click Run.
2. In the Open box, type CMD, and then click OK.
3. Type cd C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322, and then press ENTER.
4. Type aspnet_regiis.exe -i, and then press ENTER.

net error ex 2003 2 — Resetting the ASP.NET ACLs

After ASP.NET was successfully re-installed, go back and try to browse to the OMA site again:

Note that the above message is pretty normal, and it is because I’m trying to get to the OMA site by using an unsupported device – an IE browser.
I clicked on OK and got to the Administrator’s mailbox.

net error ex 2003 4 — OMA Administrator Mailbox

BTW, the OWA Admin site now also works.