Solved

Exchange 2003 c1030af0 error. Invalid format in the HTTP request. When trying to access Public Folders in ESM.

Posted on 2004-09-01
11
5,620 Views
Last Modified: 2008-03-10
Heres the setup:
I have an Exchange 2003 server running. The server has 2 network cards, one on the internal domain and one to catch mail from the internet. I recently added am additional HTTP Virtual Server in ESM to handle OWA email and public folders. I added a certificate to this new server and now require access using encryption via SSL. This new Virtual server is bound to the external NIC using port 443. The internal OWA HTTP virtual server (default) is bound to my internal domain NIC and is running on port 80. Ever since i made these changes i can not edit my public folders via ESM.

The Error:
  The operation failed due to an invalid format in the HTTP request. Verify that the host header is correct for the virtual server.
  ID no: c1030af0
  Exchange System Manager

Things I have Tried:
1. When i ping the server i get the IP of the external NIC. The one that only uses SSL. I thought this could be a problem so i added an entry in the host file. I was then able to ping the server by name and got the proper internal address. However this did not correct my ESM problem.

2. When i disable the external NIC it allows me to access the public folders in ESM.

If anyone has any input please let me know. I have looked at other articles in EE however none have solved my problem hence this question.
Thanks!
0
Comment
Question by:Mohonk
11 Comments
 
LVL 7

Assisted Solution

by:jaguarpriest
jaguarpriest earned 250 total points
ID: 11956991
Did you setup RAS. Remote Access Services. Are you using the server as a multi homed server, aka a router? did you set that up first. I only guess because it's not mentioned.

2nd question, why is it that you don't want to use a standard router??

Jaguar
0
 

Author Comment

by:Mohonk
ID: 11957072
There is no RAS setup on the computer. The reason for the 2 network cards is that 1 is on the domain side and is fairly open. The other is on the internet side and setup behind a firewall. There isnt any routing going on between the 2 network cards.
0
 
LVL 12

Accepted Solution

by:
BNettles73 earned 250 total points
ID: 11957183
check out this link ... http://www.experts-exchange.com/Networking/Email_Groupware/Exchange_Server/Q_20833935.html?query=c1030af0&clearTAFilter=true

http://www.tech-archive.net/Archive/Exchange/microsoft.public.exchange.setup/2004-02/1447.html

http://support.microsoft.com/default.aspx?scid=kb;en-us;q289492



I also saw this as a potential fix ... but no serious documentation on it -

To resolve this issue, set the Allow Expand DL in ACL Data registry value.

To set the Allow Expand DL in ACL Data registry value:

1. Start Registry Editor (Regedt32.exe).
2. Locate and click the following key in the registry:
 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\ParametersSystem
3. On the Edit menu, click Add Value, and then add the following registry
value:
     Value name: Allow Expand DL in ACL Data
     Data type: REG_DWORD
     Radix: Binary
     Value data: 1
4. Quit Registry Editor
0
 
LVL 12

Expert Comment

by:BNettles73
ID: 11957197
http://support.microsoft.com/default.aspx?scid=kb;en-us;292262 here is the support article on that last fix ...
0
 

Author Comment

by:Mohonk
ID: 11957322
I did try the regisrty hack with no success. Thanks
0
Why do Marketing keep bothering you?

Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

 
LVL 12

Expert Comment

by:BNettles73
ID: 11957388
Did you read the links above it ... the first link is a similar situation you are experiencing I believe ...
0
 

Author Comment

by:Mohonk
ID: 11957654
I did read that article and thats why i tried pinging the server name from the server command prompt. It did go to the external ip address which is where my certificate is running. So i added a host entry to the server, then my pings went to the internal ip. This did not resolve my problem. If i disable the Virtual server in IIS it does not fix my problem either. The only thing i can do to fix the problem is to disable my external network card, which is no solution.

Thanks for the fast responses!
0
 
LVL 12

Expert Comment

by:BNettles73
ID: 11957786
0
 

Author Comment

by:Mohonk
ID: 12644888
What a fun problem. I will split the points evenly between you all and tell you what i did to fix the problem.

ESM can not handle using SSL or access the IIS database, nor can it handle 2 network cards on the exchange server both allowing web access if one is using SSL. At least on my server this is the case. What i did to get around this is the following:
1. Left both Nics able to serve up OWA.
2. I set my certificate to not require SSL (I dont care to use it from the inside network)
3. Set my router to only allow 443 traffic and deny port 80.
    This made it so that clients from the web nad to use a certificate but internal clients including the ESM did not.

So i got my secure web access while allowing ESM to access the public folders and such.
0
 
LVL 1

Expert Comment

by:Jaedub
ID: 16028216
Okay, long post but hey...it's not DOS  :-)

The issue & solution here is thinly veiled in the error message description.  

The Error:
  The operation failed due to an invalid format in the HTTP request. Verify that the host header is correct for the virtual server.
  ID no: c1030af0

A good reference for this error is located at:
http://support.microsoft.com/kb/325920/      # This should be looked at first!
And
http://www.microsoft.com/technet/prodtechnol/exchange/2003/insider/publicfolders.mspx

The last link covers almost all common public folder errors.
 Following the last link we arrive at:
-----------------------------------------------
Error ID number: c1030af0
Error Message
The operation failed due to an invalid format in the HTTP request. Verify that the host header is correct for the virtual server.
Possible Causes
•      This error can occur if you have multiple IP addresses bound to the network card on the Exchange server and you have the default Web site bound to the secondary IP address.
•      An invalid host header or IP address has been set for the default Web site
•      Incorrect IP addresses or host header is set on the cluster virtual server.

Troubleshooting
•      Try setting the default Web site to All Unassigned and then reopen the ESM and try to expand public folders.
•      Correct the host header value or remove it completely.
-----------------------------------------------
The cause of course is the multiple IP addresses on the machine (this example gives it one NIC, but it could be a multi-homed server!!!)

The answer is thinly veiled here: "and you have the default Web site bound to the secondary IP address"  
However, MS in bad fashion does not address this in their Troubleshooting section.  So to resolve:

Windows Explorer > Control Panel > Network Connections
Menu:  Advanced > Advanced Settings >> Adapters and Bindings tab
Move the NIC that you want the OWA and Exchange to be primary to the top by selecting it and using the up arrows on the right to move it to the top.

In IIS, bind the IP address of the adjusted NIC to the Default Website and enable SSL (you do have a certificate public or self signed right???)  Make sure the TCP port for the default website is 80

Make any adjustments to your host headers [if you use host headers, make sure to set at least 2 entries: 1 FQDN and 1 NETBIOS name (Commonly: mail.company.tld & exch01.company.tld & exch01; assuming you are either CNAMEing or have an extra HOST A record for mail pointing to the NetBIOS name)]

Restart W3SVC service (World Wide Web Publishing Service) for good measure :-)

Close ESM and re open

--------------
Footnotes:

I have seen articles staring that Exadmin virtual folder must not have SSL required, but I have it working with the above settings in production and see no errors in the event logs or have any problems with the user population.

You do not have to hard set the firewall exclusively for port 443 to your server (unless you only need 443, then do so; if you need 80 or any others as appropriate, let them through.)  

If you have multiple addresses bound to 1 NIC and this is your issue, remember that you will likely have to have all unassigned addresses configured for the Exchange virtual sites assuming: that the IP address you want is ***NOT*** the lowest (first) address.  You can alternately set you IP addresses in order:
TCP IP> advanced> IP Settings> List you IP address in the order you want wit the Exchange IP address first (should match the main property sheet for TCPIP settings)
---------------

Cheers! 500 "Whose Line Is It" points  :-)
0

Featured Post

Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

Join & Write a Comment

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now