I was asked to look into an issue with Exchange 2013. Report was that users were not able to send emails internally or externally. This had been happening since around 2PM and it was now 5PM when I was asked to intervene. I asked my usual questions such as what changes had there been. Specifically anything in Active Directory such as user accounts, groups and so forth, asked if there were any network changes or virtualization reconfiguration. The answer given to all of these was no. The exchange servers had already been rebooted multiple times.
Opened OWA just fine, yet no mail since around the affected time, outlook was connecting on the client PC. Then tried to connect to the Exchange Administration Console website ECP and no dice, just a blank screen with no error. Logged into the client access server, all services are running, no major errors in the event log, no errors in the IIS log for the default site.
Next up was to try the Exchange powershell console. When launched it came up a bit slow, after a minute it gave errors of “…winrm client cannot process the request access denied…” against all three servers in the organization. Tried the exchange console on the other two servers, and one of them worked the other had the same error of access denied. Verified that AD was syncing properly, and that DNS was working. I looked into this error online which lead me down many paths, none of which were of any luck.
I called my contact back and probed some more. Turned out that the network time was changed on the primary domain controller role holding server, early in the morning, to adjust for the users complaining the time on their computer was not close enough to their cell phones. With this new information I logged into all 5 domain controllers and found 2 of them had time that was 10 minutes off due to the earlier time change. Fixed the time on the domain controllers, rebooted all 3 exchange servers and now email was flowing and the ECP page worked fine.