Exchange 2007 breaks IIS?

When hitting the default website (i.e. http://corp.example.com/) -- NOT OWA, are you getting this error?

HTTP Error 500.0 - Internal Server Error
Calling LoadLibraryEx on ISAPI filter "C:\Program Files\Microsoft\Exchange Server\ClientAccess\owa\auth\owaauth.dll" failed
Error Code 0x8007007e

Have you just installed Exchange 2007 SP1 onto your shiney new Windows Server 2008 R2 box?

Plenty of forums will tell you that it's a 64bit-on-32bit problem, and that you need to change the bittage the Application Pool runs under. They're wrong. In fact, if you tell IIS to run the DefaultAppPool under 32-bit, you'll likely break your OWA.

Like the error page suggests, this problem is caused by permission errors. The easiest solution is to set your DefaultAppPool to run as the LocalSystem user. Here's how:

  • Fire up the IIS Manager
  • Navigate to the Application Pools
  • Click on the DefaultAppPool, then click Advanced Settings...
  • Change the Identity to LocalService
  • Change "Load User Profile" to True
  • Recycle the DefaultAppPool.

Note that this is a quick solution, and introduces some security considerations: LocalSystem may have more privileges than the DefaultAppPool user. Alas, I haven't been able to track down exactly *what* permissions you need to grant to this user to fix the issue.