SBS 2003 & OWA can't login after scratch SBS install.

Hello, I did a scratch install of SBS 2003 and can't make OWA work in the new environment, I have been fooling around with the authentication and the problem goes from a 403.6 to a 503 service unavailable. I have applied the patch to get around having to put the domain name in the logon. Another interesting issue is when ever I do get a logon I get a failure no matter how I try to get in and from that point on I don't get another attempt. I have read and attempted solutions from many similar problems in kb articles but still can't overcome this issue..
also, no front-end server involved here. I suspect this may be sharepoint hosing exchange in an iis directory but am not sure how to correct.
(new guy - 1st post) thanks.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

You have sharepoint on this machine? That causes complications.
This came up last month, take a read of the question and see if that helps.

RedshawAuthor Commented:
Thanks, I tried all the authentication changes to no avail (well when I cahnged the . What concerns me is sharepoint comes integrated into SBS and I don't recall doing any particular changes to the default installation. The only other thing I know to try is based on kb832769 regarding integrated authorization vs kerberose.
My initial thought was to get it running then apply the https & certificate stuff. Maybe I should start again and try to implement this security stuff from the beginning. Is there a general cookbook somewhere documenting a solution that works.
I am running W2003 enterprise and exchange 2003 enterprise on my personal systems and seem to be having the same problems there. Am I perhaps overlooking something that is simple and obvious?
I see kb articles on the new OWA client (not even sure what that is).
One fact that is somewhat confusing is that SBS generates an internal dns name with a .local extension, there is also a netbios name so when trying to get past the logon prompts there are a bunch of possibilities when it comes to qualifying logins.

previously on 5.5 and 2000 I just used http://xxxxxxxxxxxxx/exchange and then logged in.
is this still correct?

on my personal systems I can get an OWA initial screen (that says loading under inbox) but in the lower left I get an "error on page"
Thanks very much..

Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Did you apply SP1 to Exchange?  If so, did you apply the patch for OWA after that?

Why don't you check out and make sure that you have EVERY current patch and update applied.  

As for a general cookbook... you should definitely use either or follow Harry Brelsford's Small Business Server Best Practices Guide (

Be aware that SBS IS NOT W2003 Enterprise... you MUST use the wizards and templates.  Because you are running all of these server functions in the same box as your DC, it's critical to do it the prescribed way (and then tinker with it to your liking once you have everything up and running).  

Essentially when all is said and done, you should be able to use http://servername/exchange for OWA but if you haven't applied all updates and patches, and you haven't used the wizards to configure your server, you probably missed something along the way.  The Email and Internet Configuration Wizard generates over 500 separate instructions alone... so its not something you want to mess with manually.

Check out my posting here at EE for more info:  http:Q_21031607.html

Good Luck!

Jeff @
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

RedshawAuthor Commented:
Thanks very much Jeff, these are terrific guidelines, I have ordered the best proactices book and was able to download it while I wait on the hardcopy. I also ordered the CYA series on OWA and IIS. I did verify that all the patches were on (great document).
Your point about the wizard hit home though, It didn't want to set these up easily when I ran it  so I did it manually. My question is, is it too late (distructive) to run it now and see if it helps? Another point of interest, I went to the web diva's sbs blog and this is evidently a real and confusing problem to a lot of folks with 4 or 5 different solutions (and a number of folks who had tried them all and still weren't working).
Will keep you posted as I continue rumblin bumblin stumblin down this track..

RedshawAuthor Commented:
OK, I did the follwoing search (this site) on remote web workplace, and got this (Jeff I think you are right about the wizards, thanks)

If you are running SBS 2003 the best way of solving this problem is to run the wizard:

1.-Open Server Management
2.- Click on to do list on left side of MMC
3.- On the right side Click on connect to the internet
4. Follow the wizard until you reach " Firewall" and select Enable Firewall
5.-Make sure you check E-mail on service Confihuration and what ever is apropriate to services that you want to offer.
     a.-Outlook Web Access
     b.-Remote Webworkplace
     c.-Outlook Via the internet
You could select any other services that you want to be accessed from the external network
then click next finish and run the wizard.
That should solve your problem.

Good Luck! Posted as Comment from vico1

I also enabled port 443 on my sonicwall firewall

This now allows me to connect from inside and outside. However, I get the signon screen and can't sign-on
I still get the HTTP 503 service unavailable. Feel like I am getting closer though.
any ideas are welcome, in the mean time I will continue along this trek.

RedshawAuthor Commented:
Well still no success, I can logon to the default sbs web site, or the remote workplace base site and now can get a logon prompt either through /exchange or /remote but still the same result http/1.1 503 service unavailable when I try to logon. I have also been denied when I try to use the following format.
domain/user (I get a bad user name or password).
I have now enabled FBA and it appears like my certificate is working ok.
I think I have tried all the stuff I have found on this site as well.. (headed towards wits end) There also seems to be a lot of chatter on some of the blogs out there.

I have used Henrick Walther's CYA book and purchased Harry Brelsford's 2003 SBS book.
I set all the authorizations precisely as in the CYA book.

No erriors in the log
RedshawAuthor Commented:
since opening this problem, I have had to install another sbs at another customer.. all features work fine. I am afraid I am gonna have to re-inatall this one at the next earliest convenience.
Thanks everyone for your help.

Moderator, thanks and please close.
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
no problem, hope that my comments and the associated links were of help in your other install.

Jeff @

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.