Redshaw
asked on
SBS 2003 & OWA can't login after scratch SBS install.
Hello, I did a scratch install of SBS 2003 and can't make OWA work in the new environment, I have been fooling around with the authentication and the problem goes from a 403.6 to a 503 service unavailable. I have applied the patch to get around having to put the domain name in the logon. Another interesting issue is when ever I do get a logon I get a failure no matter how I try to get in and from that point on I don't get another attempt. I have read and attempted solutions from many similar problems in kb articles but still can't overcome this issue..
also, no front-end server involved here. I suspect this may be sharepoint hosing exchange in an iis directory but am not sure how to correct.
(new guy - 1st post) thanks.
also, no front-end server involved here. I suspect this may be sharepoint hosing exchange in an iis directory but am not sure how to correct.
(new guy - 1st post) thanks.
ASKER
Thanks, I tried all the authentication changes to no avail (well when I cahnged the . What concerns me is sharepoint comes integrated into SBS and I don't recall doing any particular changes to the default installation. The only other thing I know to try is based on kb832769 regarding integrated authorization vs kerberose.
My initial thought was to get it running then apply the https & certificate stuff. Maybe I should start again and try to implement this security stuff from the beginning. Is there a general cookbook somewhere documenting a solution that works.
I am running W2003 enterprise and exchange 2003 enterprise on my personal systems and seem to be having the same problems there. Am I perhaps overlooking something that is simple and obvious?
I see kb articles on the new OWA client (not even sure what that is).
One fact that is somewhat confusing is that SBS generates an internal dns name with a .local extension, there is also a netbios name so when trying to get past the logon prompts there are a bunch of possibilities when it comes to qualifying logins.
previously on 5.5 and 2000 I just used http://xxxxxxxxxxxxx/exchange and then logged in.
is this still correct?
on my personal systems I can get an OWA initial screen (that says loading under inbox) but in the lower left I get an "error on page"
Thanks very much..
My initial thought was to get it running then apply the https & certificate stuff. Maybe I should start again and try to implement this security stuff from the beginning. Is there a general cookbook somewhere documenting a solution that works.
I am running W2003 enterprise and exchange 2003 enterprise on my personal systems and seem to be having the same problems there. Am I perhaps overlooking something that is simple and obvious?
I see kb articles on the new OWA client (not even sure what that is).
One fact that is somewhat confusing is that SBS generates an internal dns name with a .local extension, there is also a netbios name so when trying to get past the logon prompts there are a bunch of possibilities when it comes to qualifying logins.
previously on 5.5 and 2000 I just used http://xxxxxxxxxxxxx/exchange and then logged in.
is this still correct?
on my personal systems I can get an OWA initial screen (that says loading under inbox) but in the lower left I get an "error on page"
Thanks very much..
Did you apply SP1 to Exchange? If so, did you apply the patch for OWA after that?
Why don't you check out http://sbslinks.com/patch.htm and make sure that you have EVERY current patch and update applied.
As for a general cookbook... you should definitely use either http://www.microsoft.com/downloads/details.aspx?FamilyID=483b6e22-8ed2-420b-915e-96d469347fb2&DisplayLang=en or follow Harry Brelsford's Small Business Server Best Practices Guide (http://gallery.bcentral.com/GID4648245P2942932-Books/Book-Small-Business-Server-2003-Best-Practices.aspx).
Be aware that SBS IS NOT W2003 Enterprise... you MUST use the wizards and templates. Because you are running all of these server functions in the same box as your DC, it's critical to do it the prescribed way (and then tinker with it to your liking once you have everything up and running).
Essentially when all is said and done, you should be able to use http://servername/exchange for OWA but if you haven't applied all updates and patches, and you haven't used the wizards to configure your server, you probably missed something along the way. The Email and Internet Configuration Wizard generates over 500 separate instructions alone... so its not something you want to mess with manually.
Check out my posting here at EE for more info: http:Q_21031607.html
Good Luck!
Jeff @
TechSoEasy
Why don't you check out http://sbslinks.com/patch.htm and make sure that you have EVERY current patch and update applied.
As for a general cookbook... you should definitely use either http://www.microsoft.com/downloads/details.aspx?FamilyID=483b6e22-8ed2-420b-915e-96d469347fb2&DisplayLang=en or follow Harry Brelsford's Small Business Server Best Practices Guide (http://gallery.bcentral.com/GID4648245P2942932-Books/Book-Small-Business-Server-2003-Best-Practices.aspx).
Be aware that SBS IS NOT W2003 Enterprise... you MUST use the wizards and templates. Because you are running all of these server functions in the same box as your DC, it's critical to do it the prescribed way (and then tinker with it to your liking once you have everything up and running).
Essentially when all is said and done, you should be able to use http://servername/exchange for OWA but if you haven't applied all updates and patches, and you haven't used the wizards to configure your server, you probably missed something along the way. The Email and Internet Configuration Wizard generates over 500 separate instructions alone... so its not something you want to mess with manually.
Check out my posting here at EE for more info: http:Q_21031607.html
Good Luck!
Jeff @
TechSoEasy
ASKER
Thanks very much Jeff, these are terrific guidelines, I have ordered the best proactices book and was able to download it while I wait on the hardcopy. I also ordered the CYA series on OWA and IIS. I did verify that all the patches were on (great document).
Your point about the wizard hit home though, It didn't want to set these up easily when I ran it so I did it manually. My question is, is it too late (distructive) to run it now and see if it helps? Another point of interest, I went to the web diva's sbs blog and this is evidently a real and confusing problem to a lot of folks with 4 or 5 different solutions (and a number of folks who had tried them all and still weren't working).
Will keep you posted as I continue rumblin bumblin stumblin down this track..
gary
Your point about the wizard hit home though, It didn't want to set these up easily when I ran it so I did it manually. My question is, is it too late (distructive) to run it now and see if it helps? Another point of interest, I went to the web diva's sbs blog and this is evidently a real and confusing problem to a lot of folks with 4 or 5 different solutions (and a number of folks who had tried them all and still weren't working).
Will keep you posted as I continue rumblin bumblin stumblin down this track..
gary
ASKER
OK, I did the follwoing search (this site) on remote web workplace, and got this (Jeff I think you are right about the wizards, thanks)
If you are running SBS 2003 the best way of solving this problem is to run the wizard:
1.-Open Server Management
2.- Click on to do list on left side of MMC
3.- On the right side Click on connect to the internet
4. Follow the wizard until you reach " Firewall" and select Enable Firewall
5.-Make sure you check E-mail on service Confihuration and what ever is apropriate to services that you want to offer.
6.-Select
a.-Outlook Web Access
b.-Remote Webworkplace
c.-Outlook Via the internet
You could select any other services that you want to be accessed from the external network
then click next finish and run the wizard.
That should solve your problem.
Good Luck! Posted as Comment from vico1
I also enabled port 443 on my sonicwall firewall
This now allows me to connect from inside and outside. However, I get the signon screen and can't sign-on
I still get the HTTP 503 service unavailable. Feel like I am getting closer though.
any ideas are welcome, in the mean time I will continue along this trek.
Thanks
If you are running SBS 2003 the best way of solving this problem is to run the wizard:
1.-Open Server Management
2.- Click on to do list on left side of MMC
3.- On the right side Click on connect to the internet
4. Follow the wizard until you reach " Firewall" and select Enable Firewall
5.-Make sure you check E-mail on service Confihuration and what ever is apropriate to services that you want to offer.
6.-Select
a.-Outlook Web Access
b.-Remote Webworkplace
c.-Outlook Via the internet
You could select any other services that you want to be accessed from the external network
then click next finish and run the wizard.
That should solve your problem.
Good Luck! Posted as Comment from vico1
I also enabled port 443 on my sonicwall firewall
This now allows me to connect from inside and outside. However, I get the signon screen and can't sign-on
I still get the HTTP 503 service unavailable. Feel like I am getting closer though.
any ideas are welcome, in the mean time I will continue along this trek.
Thanks
ASKER
Well still no success, I can logon to the default sbs web site, or the remote workplace base site and now can get a logon prompt either through /exchange or /remote but still the same result http/1.1 503 service unavailable when I try to logon. I have also been denied when I try to use the following format.
domain/user (I get a bad user name or password).
I have now enabled FBA and it appears like my certificate is working ok.
I think I have tried all the stuff I have found on this site as well.. (headed towards wits end) There also seems to be a lot of chatter on some of the blogs out there.
I have used Henrick Walther's CYA book and purchased Harry Brelsford's 2003 SBS book.
I set all the authorizations precisely as in the CYA book.
No erriors in the log
domain/user (I get a bad user name or password).
I have now enabled FBA and it appears like my certificate is working ok.
I think I have tried all the stuff I have found on this site as well.. (headed towards wits end) There also seems to be a lot of chatter on some of the blogs out there.
I have used Henrick Walther's CYA book and purchased Harry Brelsford's 2003 SBS book.
I set all the authorizations precisely as in the CYA book.
No erriors in the log
ASKER
since opening this problem, I have had to install another sbs at another customer.. all features work fine. I am afraid I am gonna have to re-inatall this one at the next earliest convenience.
Thanks everyone for your help.
Moderator, thanks and please close.
Thanks everyone for your help.
Moderator, thanks and please close.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This came up last month, take a read of the question and see if that helps.
https://www.experts-exchange.com/questions/21314128/OWA-and-Sharepoint-Services-problem-with-OWA.html
Simon.