Cannot connect to Remote Web Access. Please contact the person who manages the server. Remote Web Access may cause users to experience trouble connecting remotely. The issue occurs after Office 365 with Azure Active Directory Integration is completed and a certain amount of time passes without a reboot, typically 36-48 hours.

The server will be responsive, but the https://servername/remote web site will indicate that it is not accessible and will redirect users to their Administrator with the following message:

“Cannot connect to Remote Web Access. Please contact the person who manages the server. “

The issue is caused by WCF connections not being cleaned up by the Essentials provider framework and they are no longer removed by the CLR in Windows Server 2016. To verify this, you can check the amount of WCF connections by running the following PowerShell command in an elevated console:

netstat -a | select-string ‘:65532’ | measure-object -line

There should be 100-300 connections typically.

Temporary FIX:

1. On the server, go to folder %programfiles%\Windows Server\Bin\FeatureDefinitions\Microsoft PwdSync\;

2. Make a copy of file Definition.xml for backup;

3. Edit the original Definition.xml (if you don’t have permission, copy the file out, edit it and put it back in the folder);

4. Comment out the following two sections:

  <!--

<HealthDefinition Name="PasswordSyncInvalidPassword"

...

</HealthDefinition>

<HealthDefinition Name="PasswordSyncOtherFailure"

...

</HealthDefinition>

 -->

4. Restart WseEmailSvc windows service.

The fix has been tested and checked in and it will be available in the May update package for Windows Server 2016. When the kb article is published and the fix is available, I will post about it here.