• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 336
  • Last Modified:

OWA - Exchange 2000 -The page cannot be displayed - Cannot find server or DNS Error

Hello there

I have three Exchange 2000 servers,  al located at different sites and connected together via routing connectors.

Two of the sites use ISA and are in the same country.  The third site just has it's own DSL router,  static IP, and domain etc.

The first two servers are just fine with OWA,  the third server however,  I am not able to access OWA even from the server ie:  https://servername/exchange.  I receive the error above.  I have read various articles from Microsoft etc and have set permissions in ESM and IIS etc etc etc.  No luck though,  still the same message.

Hope you can enlighten me - thanks in advance.
Chris
0
ANCARE
Asked:
ANCARE
  • 7
  • 7
1 Solution
 
AmitspeedstarCommented:
Can u post your error message , as u have not specified what error u r receiving

Amit.
0
 
LeeDerbyshireCommented:
Can you access it using its IP address https://xxx.xxx.xxx.xxx/exchange instead of https://servername/exchange ?
0
 
ANCAREAuthor Commented:
The error in IE6 is "Page cannot be displayed" at the bottom of the screen
Cannot find server or DNS Error
Internet Explorer

It also will not access using https://IP address/exchange

regards,  Chris
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LeeDerbyshireCommented:
How about if you try to open the server's Default Web Site with https://IP address ?  If you can't access that, I would check that you have port 443 forwarded to the server at its firewall/router .
0
 
ANCAREAuthor Commented:
SEMBEE - can you help please?

I have 3 Exchange 2000 servers located at different sites,  connected via routing connectors.  Two of the servers are just fine with OWA,  the new server, #3 will not even work internally with OWA.

Previously,  any access attempt would result in 'page cannot be displayed - DNS error'

I registered a digital cert with InstantCer and installed it and now if I https://servername/exchange,  it redirects me to one of my other Exchange servers with an authentication for that (wrong) server.
Entering http://servername/exchange results in the same re-direction.

Thanks everyone,  especially Simon if he picks this one up.

cheers,  Chris
0
 
LeeDerbyshireCommented:
Here's something for you to think about, in case Simon doesn't read this.  You say that you are being redirected from one server to another?  Is the server you are being redirected to the one that actually has the user's mailbox on?  If so, then that is normal if the first server is not a front-end server.  If you use a FE server, it will act as an OWA proxy, performing the request to the mailbox server on your behalf.  If it is not a FE server, then it will simply redirect you to the mailbox server if your mailbox is not on that server.  It will also use the NetBIOS name in the redirect, so this will cause problems if you are not on the LAN.
0
 
ANCAREAuthor Commented:
SEMBEE - can you help please?

Thanks Lee,  All 3 servers are just W2K Ex2K individual servers connected via routing connectors,  sharing the same GAL etc.  I get redirected when simply typing https://servername/exchange.  What actually happens is I receive the digital certicate window for the 'correct' server I am trying to get to,  when I accept (YES) the certificate,  I get a logon window for my first installed server,  which is in fact in a different country.
0
 
ANCAREAuthor Commented:
**I found the solution to one problem and then found another problem.**

The problem was,  the server I could not logon to needed to have an SMTP address established in AD for the same domain name as the primary domain.
eg.   company.com is the primary domain,  the problem servers SMTP domain is company.com.au - needed to create an additional SMTP address for user as user@company.com.

NOW I have a bigger problem - although the Exchange web site in IIS is set to Windows Authentication Only and Anonymous is unselected,  it will allow anyone to access users mailboxes on that server without any authentication?

Please help?
0
 
LeeDerbyshireCommented:
If you have Integrated Auth selected, then users who are already logged onto your domain will not need to log in again - their browsers will send the credentials used to log into the domain.
0
 
ANCAREAuthor Commented:
Thanks Lee - the problem is it allows anyone access to anyones mailbox.
0
 
LeeDerbyshireCommented:
You mean if you go to http://server/exchange/user , instead of just http://server/exchange ?  First, check that it is definitely ~any user that can do this, and not just you.  You will probably find that you (logging in as a Domain Admin) can open other maiboxes - non-admin users should not be able to do this.  Domain Admins can do this because they have Send As permission on the Mailbox Store object in Exchange System Manager .  Also, what sometimes happens is that you may be using one of those applications that require users to have admin permissions to be able to use it, and you may have needed to put all your users in the Domain Admins group.  Rare, but it sometimes happens.
0
 
ANCAREAuthor Commented:
Correct,  if I go to https://server/exchange/user (SSL cert exists)
This is only a problem on "one" of the Exchange servers (all other Ex2K servers present with an authentication window for username/password)

The network is very well locked down (except for this weird issue) - I can access mailboxes on this server using a 'user' logon with 'domain user' only rights,  this problem is not limited to my account logon.  I certainly need to get this sorted before I think of going live on the web with OWA on this server.
0
 
LeeDerbyshireCommented:
Okay, in Exchange System Manager, open the affected server, and open the properties of its Mailbox Store object.  Look at the Security page.  A permissions problem that affects all mailboxes will be caused by an entry here.  Have a look at any groups listed (Everyone, Domain Admins, etc.) and the permissions for those groups.  You want to check who has Full Access, Read, Send As, etc., on this object as it will propagate down to all your mailboxes.
0
 
ANCAREAuthor Commented:
Thank you Lee - there are no problems with the ESM - Mailbox store object security.  Everything here is standard,  only admins and servers have permissions are set by default.  Everyone group is there but all rights are unselected.

I have further defined the problem now.   eg. When going to https://servername/exchange/user1 - the system now prompts for username and password, however,  if I enter any valid domain username and password for a non admin user,  eg user2 , it will allow access to the user1 mailbox.
0
 
LeeDerbyshireCommented:
The only thing I can think of now, is that your users (or some of them), have ended up in the admins group.  Check the group membership for one of your users in ADUC, and make sure there is nothing unexpected in there.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

  • 7
  • 7
Tackle projects and never again get stuck behind a technical roadblock.
Join Now