I am currently working on migrating a client from Exchange 2003 to 2010. I have configured the mail flow through the 2010(internet send & receive connectors) and configured a bidirectional RGC.
Mail flow in & out is working fine for all users. I'm not working on configuring OWA 2010. I am testing internally at present as I don't want to cause any service disruption for any users.
I have configured the internal OWA address as
https://servername/owa.
When I navigate to this page I get a certificate error that I can bypass (to be expected) and I get to the 2010 OWA login page. When I log in as domain admin, which has a mailbox on the new 2010 server, I get the error:
Access is denied.
The Active Directory resource couldn't be accessed. This may be because the Active Directory object doesn't exist or the object has become corrupted, or because you don't have the correct permissions.
I've restarted the MS Exchange info store service, OWA is enabled against the mailbox I'm trying to log in as, I've restarted the site in IIS. I'm kind of at a loss really.
Best Answer
Check the mailbox permissions for the domain admin account, make sure that inherit permissions is checked. You'll only have about 15 minutes to check with this account as the permissions will be reset by AD after that.
You shouldn't use domain admin accounts for testing purposes with Exchange, there are always weird/semi-unexpected issues, especially during upgrades. Ideally your admin accounts shouldn't even have mailboxes, they should be used only for administration never for normal user activities. This is especially true if you're attempting to integrate a MDM platform like BES.
Also, check the Exchange BPA to see if there are other issues. Depending on how Exchange 2010 is installed all the appropriate supporting roles may not have been installed along side it. You can download the BPA HERE