ASP 0131 or HTTP 500 Internal Server error when you log on by using Outlook Web Access (823119)


The information in this article applies to:

  • Microsoft Exchange Server 5.5

SYMPTOMS

When you try to log on to a Microsoft Exchange Server 5.5 computer by using Outlook Web Access (OWA), and you have the Show Friendly Http Error Messages check box in Microsoft Internet Explorer turned on, you receive the following error message:
ASP error 0131 The include file <%filename.ext%> cannot contain '..' to indicate the parent directory. /<%path%>/<%filename.ext%>, line <%number%>.
You also receive the following error message:
The Page Cannot Be Displayed
HTTP 500-Internal server error For additional information about disabling friendly HTTP error messages, click the following article number to view the article in the Microsoft Knowledge Base:

KBLink: 294807.KB.EN-US: HOW TO: Turn Off the Internet Explorer 5.x and 6.x "Show Friendly HTTP Error Messages" Feature on the Server Side

CAUSE

This issue may occur when the Enable Parent Paths option has been disabled on the application settings for the virtual directory for the OWA ASP pages.

RESOLUTION

To resolve this issue, turn on the Enable Parent Paths option on the Exchange 5.5 virtual directory in Microsoft Internet Information Services (IIS). To do so, follow these steps:
  1. Click Start, click Administrative Tools, and then click Internet Information Services Manager.
  2. In the IIS console, expand the Web site that OWA is running under (typically this is the Default Web site).
  3. Locate the Web folder that contains the ASP Web application.
  4. Right-click the Web folder, and then click Properties.
  5. On the Directory tab, click Configuration in the Application Settings section.
  6. On the App Options tab, click to select the Enable Parent Paths check box.
  7. Click OK, and then click OK again to apply the changes.

MORE INFORMATION

If you run the Microsoft Base Security Analyzer on the Exchange 5.5 virtual server, the Microsoft Base Security Analyzer recommends that you disable the Enable Parent Paths option in Internet Information Services (IIS). Additionally, the Microsoft Secure Internet Information Services 5.0 Checklist recommends that you disable the Enable Parent Paths option. However, OWA requires that the Enable Parent Paths option be turned on.

To view the Secure Internet Information Services 5.0 Checklist, visit the following Microsoft Web site:http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/iis/default.mspx
For additional information about the ASP 0131 error message, click the following article number to view the article in the Microsoft Knowledge Base:

226474 Err Msg: Active Server Pages, ASP 0131 Disallowed Parent Path


For additional information about the Enable Parent Paths option in IIS 6.0, click the following article number to view the article in the Microsoft Knowledge Base:

332117 Enable Parent Paths is disabled by default in IIS 6.0

Modification Type:MajorLast Reviewed:8/3/2006
Keywords:kbprb KB823119 kbAudITPRO
©2004 Microsoft Corporation. All rights reserved.