• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 641
  • Last Modified:

Exchange 2003 Front End Server problems

Hi experts

I just setup an exchange 2003 front end server on server 2003. It's pretty much just a detault install and apart from dismounting the store and stopping any unneccessary services I havn't really done much else to it.

Problem is I can't access OWA. I put in http://server/exchange I get asked for username and password but it won't accept anything.

I check event viewer and I have the following error.

EXPROX
Event ID 1000

Microsoft Exchange Server has detected that NTLM-based authentication  is presently being used between this server and server 'AHMAIL'. NTLM is  still a secure authentication mechanism and protects users' credentials.   However, this indicates that there may be a configuration issue preventing  the use of Kerberos authentication.   If this condition persists, please verify that both this server and server 'AHMAIL'  are properly configured to use Kerberos authentication.  After applying any  changes it may be necessary to restart Internet Information Services on both  the front-end and back-end servers.  

So I'm guessing there is a problem with the front end server authenticating to the back end server. Backend server is Exchange 2003 on Server 2003 also.

Domain controller is a windows 2000 server.

Any ideas on what the problem is? I don't understand the part about configuring Kerberos authentication in the event viewer error message. Any help much appreciated.

Thanks



0
hnad
Asked:
hnad
  • 4
  • 3
1 Solution
 
SembeeCommented:
You haven't got Sharepoint services installed somewhere have you? I have seen this error with sharepoint on the same machine...

Simon.
0
 
hnadAuthor Commented:
I havn't installed them knowingly.

Is it something that gets installed with 2003 server or exchange by default?
0
 
hnadAuthor Commented:
I've looked everywhere for sharepoint services. I don't have them installed as far as I can tell. Seems it's something I need to purchase. Sorry never heard of sharepoint before. :)
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
SembeeCommented:
Sharepoint comes in two flavours.
Sharepoint services - that is a free download for Windows 2003 and Sharepoint Portal Server which is a paid for product.

Anyhow, it sounds like you don't have that enabled on your server.

Take a look at this newgroup posting, particularly the bottom posting.

http://groups.google.co.uk/groups?hl=en&lr=&c2coff=1&safe=off&th=a09a9ad6f2838be4&rnum=3

Simon.
0
 
hnadAuthor Commented:
Hi Simon, I'm guessing the metabase issue in the link you posted goes a long way towards my problem. However I don't have the line:

NTAuthenticationProviders="NTLM"

Under: <IIsWebServer>

as specified in the newsgroup posting.

I did try disabling the reuse connection issue as per the MS support page. However it hasn't helped.

Do you think adding the line:

NTAuthenticationProviders="Negotiate,NTLM"

to the <IIsWebServer> section would cause any problems.

This is what my metabase file looks like

/>
</IIsWebService>
<IIsWebServer      Location ="/LM/W3SVC/1"
            AppPoolId="DefaultAppPool"
            DefaultDoc="Default.htm,Default.asp,index.htm,iisstart.htm,Default.aspx"
            ServerAutoStart="TRUE"
            ServerBindings=":80:"
            ServerComment="Default Web Site"
            ServerSize="1"
      >
      <Custom
            Name="UnknownName_45054"
            ID="45054"
            Value="0"
            Type="DWORD"
            UserType="IIS_MD_UT_SERVER"
            Attributes="INHERIT"
      />
      <Custom
            Name="UnknownName_45055"
            ID="45055"
            Value="0"
            Type="DWORD"
            UserType="IIS_MD_UT_SERVER"
            Attributes="INHERIT"
      />
      <Custom
            Name="UnknownName_49875"
            ID="49875"
            Value="1"
            Type="STRING"
            UserType="IIS_MD_UT_SERVER"
            Attributes="NO_ATTRIBUTES"
      />
      <Custom
            Name="UnknownName_61536"
            ID="61536"
            Value="{2D8E32EE-DE40-413D-B1CA-C7C81FADFE64}"
            Type="MULTISZ"
            UserType="IIS_MD_UT_SERVER"
            Attributes="NO_ATTRIBUTES"
      />
0
 
SembeeCommented:
It is getting to the point of suggesting radical things...
You shouldn't have to do this to a front-end server to get it working. If it is just a front-end then I would remove Exchange using Add/Remove Programs, drop the machine in to a workgroup and wipe it.

Install Windows 2003 and the required optional components, but not Exchange. Run auto updates on the machine and install those.
Install Exchange, and enable frontend. Do not do ANYTHING else (even stopping stores etc). See if it works.

I once did this six times in two days for a client before I was happy with the server.

Simon.
0
 
hnadAuthor Commented:
heh yeh I actually did exactly what you suggested earlier. Re-installed everything and it's working at the moment. I'm just going through the process of stopping one service at a time, testing to makesure it still works then proceeding to stop the next service.

Thanks for your help anyway. I'll give you the points because the links you provided were very interesting.



0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now