Solved

Exchange Webmail failure but probably IIS problem

Posted on 2004-10-04
9
344 Views
Last Modified: 2011-08-18
In my company we have a single domain with a single Windows 2003 server acting as the domain controller and data server. This server is also running Exchange 2003 standard edition and it was upgraded in two stages from an NT4 /Exchange 5.5 system. The server itself appears to be running fine, all users can logon and access their mailboxes via Outlook 2003 without problems. One or two user were interested in Outlook Web Access which naturally is included as standard with Exchange 2003 and was installed along with the rest of the package. However OWA simply isn't working.
From a machine on the network (or on the server itself) I can enter
//servername/exchange in IE and get a log-in prompt. However I enter the username and password (/domainname/username or username@fully_qualified_domainname) it always fails to authenticate and after three tries gives me a
HTTP/1.1 401 Unauthorised
error message. This is the same for all users and all users have webmail enabled.

I have also recently installed Microsoft's SUS software and when I attempt to go the the admin webpage //servername/SUSAdmin the system asks me to log-on (which I don't think it should be doing as I am already logged onto the server with admin rights), the system apparently accepts my log-in but then the IE screen remains completely blank (all white).

This is making me think that the problem is more with IIS or Windows itself rather than with Exchange or SUS. If I enter //servername in IE then I do get the IIS 'homepage' as I would expect. IIS permissions all appear to be OK and I have tried various authentication methods (anonymous, Windows digest etc. without any luck). There are no errors listed in any of the event logs and all other aspects of the server are running correctly

Do I need to uninstall and re-install IIS (is this even possible in Windows 2003 server and will it bring done the Exchange system)? or does anyone know of anything else I should look for?

Many thanks

John
0
Comment
Question by:jem99
  • 4
  • 3
9 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 12216648
SUS will always ask you to login - that is by design.

The URLs you have entered, have you fudged them on purpose? It should be http://servername/exchange
The user authentication should be domain\username - no leading \

First fix for any OWA queries is authentication types.
In IIS Manager look at the Exchange virtual directories.
/exchange
/exadmin
/public
/exchweb

Each should have ONLY basic and integrated authenticaiton enabled.
/exchweb should also have anonymous authentication enabled.

Simon.
0
 

Author Comment

by:jem99
ID: 12218458
Authentications are all checked and set ok; and that was a mistake on my part re the log-in name. I  have tried domainname\username with no luck. Oddly enough if I enter

http://servername/exchange/username then I immediately get a page not found error and it doesn't ask me to log-in first.

As for the SUS log-in, on another system I look after, if I log-onto the server console directly as a domain admin and enter http://servername/susadmin it immediately gives me the front page (as I'm already logged in with admin privs.) wherase on the server in question  doing the same thing asks for a log-in and still fails.

Very odd

John
0
 
LVL 104

Expert Comment

by:Sembee
ID: 12218898
Try following this article to reset the virtual directories in Exchange 2003:
http://support.microsoft.com/default.aspx?kbid=883380

Simon.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:jem99
ID: 12226149
Simon

Thanks for the tip but I already found that article when doing a search for solutions. Needless to say it didn't work.

John
0
 
LVL 104

Expert Comment

by:Sembee
ID: 12229454
The two fixes I have outlined resolve most problems. If this machine was an upgrade then that is probably the cause. Upgrades can cause many problems - with legacy settings interfering. If the IIS Lockdown tool was run on the old NT4 system then some of those settings could be causing the problem.

You might be looking at moving the data to another machine, wipe and reinstall, unless anyone else can come up with ideas.

Simon.
0
 

Author Comment

by:jem99
ID: 12237394
I am beginning to come to the same conclusion myself.

Just to make things a little more wierd on another system (also Windows 2003 Server / Exchange 2003) I can check the IIS setting for the Exchange virtual directory and find that it's pointing to //./BackOfficeStore/domain_name/MBX as I would expect. On the faulty server in question it's the same (different domain name naturally). The difference is that I can ping this address on the faulty server and get it resolved to a public IP address. I then get a cached DNS entry for it. I've removed the cached entry, flushed the DNS cache but it gets recreated as soon as I try to ping the address again. I don't actually get a response from the host but I shouldn't get a resolved address anyway!

John
0
 
LVL 104

Accepted Solution

by:
Sembee earned 250 total points
ID: 12243130
That pinging problem sounds like duff DNS settings somewhere on the server. I presume you have gone through the network settings and ensured that they are correct? (DNS pointing to the DC only etc).

Otherwise it sounds like a mess and I would start planning to swing the data out to another machine so that it can be rebuilt clean.

Simon.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now