Exchange 2003 Front End Server problems

Hi experts

I just setup an exchange 2003 front end server on server 2003. It's pretty much just a detault install and apart from dismounting the store and stopping any unneccessary services I havn't really done much else to it.

Problem is I can't access OWA. I put in http://server/exchange I get asked for username and password but it won't accept anything.

I check event viewer and I have the following error.

EXPROX
Event ID 1000

Microsoft Exchange Server has detected that NTLM-based authentication  is presently being used between this server and server 'AHMAIL'. NTLM is  still a secure authentication mechanism and protects users' credentials.   However, this indicates that there may be a configuration issue preventing  the use of Kerberos authentication.   If this condition persists, please verify that both this server and server 'AHMAIL'  are properly configured to use Kerberos authentication.  After applying any  changes it may be necessary to restart Internet Information Services on both  the front-end and back-end servers.  

So I'm guessing there is a problem with the front end server authenticating to the back end server. Backend server is Exchange 2003 on Server 2003 also.

Domain controller is a windows 2000 server.

Any ideas on what the problem is? I don't understand the part about configuring Kerberos authentication in the event viewer error message. Any help much appreciated.

Thanks



LVL 1
hnadAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

SembeeCommented:
You haven't got Sharepoint services installed somewhere have you? I have seen this error with sharepoint on the same machine...

Simon.
0
hnadAuthor Commented:
I havn't installed them knowingly.

Is it something that gets installed with 2003 server or exchange by default?
0
hnadAuthor Commented:
I've looked everywhere for sharepoint services. I don't have them installed as far as I can tell. Seems it's something I need to purchase. Sorry never heard of sharepoint before. :)
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

SembeeCommented:
Sharepoint comes in two flavours.
Sharepoint services - that is a free download for Windows 2003 and Sharepoint Portal Server which is a paid for product.

Anyhow, it sounds like you don't have that enabled on your server.

Take a look at this newgroup posting, particularly the bottom posting.

http://groups.google.co.uk/groups?hl=en&lr=&c2coff=1&safe=off&th=a09a9ad6f2838be4&rnum=3

Simon.
0
hnadAuthor Commented:
Hi Simon, I'm guessing the metabase issue in the link you posted goes a long way towards my problem. However I don't have the line:

NTAuthenticationProviders="NTLM"

Under: <IIsWebServer>

as specified in the newsgroup posting.

I did try disabling the reuse connection issue as per the MS support page. However it hasn't helped.

Do you think adding the line:

NTAuthenticationProviders="Negotiate,NTLM"

to the <IIsWebServer> section would cause any problems.

This is what my metabase file looks like

/>
</IIsWebService>
<IIsWebServer      Location ="/LM/W3SVC/1"
            AppPoolId="DefaultAppPool"
            DefaultDoc="Default.htm,Default.asp,index.htm,iisstart.htm,Default.aspx"
            ServerAutoStart="TRUE"
            ServerBindings=":80:"
            ServerComment="Default Web Site"
            ServerSize="1"
      >
      <Custom
            Name="UnknownName_45054"
            ID="45054"
            Value="0"
            Type="DWORD"
            UserType="IIS_MD_UT_SERVER"
            Attributes="INHERIT"
      />
      <Custom
            Name="UnknownName_45055"
            ID="45055"
            Value="0"
            Type="DWORD"
            UserType="IIS_MD_UT_SERVER"
            Attributes="INHERIT"
      />
      <Custom
            Name="UnknownName_49875"
            ID="49875"
            Value="1"
            Type="STRING"
            UserType="IIS_MD_UT_SERVER"
            Attributes="NO_ATTRIBUTES"
      />
      <Custom
            Name="UnknownName_61536"
            ID="61536"
            Value="{2D8E32EE-DE40-413D-B1CA-C7C81FADFE64}"
            Type="MULTISZ"
            UserType="IIS_MD_UT_SERVER"
            Attributes="NO_ATTRIBUTES"
      />
0
SembeeCommented:
It is getting to the point of suggesting radical things...
You shouldn't have to do this to a front-end server to get it working. If it is just a front-end then I would remove Exchange using Add/Remove Programs, drop the machine in to a workgroup and wipe it.

Install Windows 2003 and the required optional components, but not Exchange. Run auto updates on the machine and install those.
Install Exchange, and enable frontend. Do not do ANYTHING else (even stopping stores etc). See if it works.

I once did this six times in two days for a client before I was happy with the server.

Simon.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
hnadAuthor Commented:
heh yeh I actually did exactly what you suggested earlier. Re-installed everything and it's working at the moment. I'm just going through the process of stopping one service at a time, testing to makesure it still works then proceeding to stop the next service.

Thanks for your help anyway. I'll give you the points because the links you provided were very interesting.



0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.