[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2290
  • Last Modified:

Cant login to OWA with external domain name, .local domain name comes back "page not found"

Currently using SBS 2003(sp2) with exchange(sp2), sql(sp4), sharepoint(sp2) and IIS installed.  The local domain is DIA.local and the external domain is somedomain.com.  When i as administrator or a test user try to login to OWA, i can only use the local domain as the login, so lets say "test" is the account.  

When i login as "test@DIA.local", owa goes in, has the frames page built but both frames say "page not found".
When i login as "test@somedomain.com", owa says the username or password is incorrect.  
Its the same way if i try to login with DIA.local\test or if i set the exchange virtual directory to default to "\".  If i force somedomain.com in the domain box, i cant login unless i use test@dia.local.

After looking at the some MS KB's, it appears the OWA is meant for whatever the exchange site is setup for, which in this case is "somedomain.com" in the exchange virutal directory under exchange.  If that domain is not used to login, then the page not found is displayed.

I have tried to:
-Recreate the default website
-Recreate the OWA site using a ms KB, it was rebuilt, but still no change.
-Rerun the CICW
-Verified that the accounts are defaulted to (bolded) "test@somedomain.com" in active directory.

It seems like something in IIS or exchange is not jiving.  I setup a virutal server with sbs installed and it works fine with this configuration.. so something was done on this server that is preventing this from working.

How can i fix this so they can login with the external domain?
0
Brent
Asked:
Brent
  • 11
  • 11
1 Solution
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
While technically you should be able to log in as test@DIA.local, it should work.  There would be no way whatsoever that test@somedomain.com would.  (Unless you manually modify the server's settings to allow for alternate domain logins to OWA, but I doubt you've done that).

Also, if you were using the format Domain\Username, that uses the NETBIOS name of the domain not the DNS name.  So it would be DIA\test.  

But none of these should be necessary at all.  You really only need to have users log in with their username, in this case "test".  You seem to be confusing E-mail Addresses with User Accounts.  (as demonstrated by your comment: "Verified that the accounts are defaulted to (bolded) "test@somedomain.com" in active directory").  This is not a POP3 Server like what you may have been used to.  Account authentication is based on the user's ACTIVE DIRECTORY account, not the email addresses listed in such account.  

I will also clarify this for you:
"After looking at the some MS KB's, it appears the OWA is meant for whatever the exchange site is setup for, which in this case is "somedomain.com" in the exchange virutal directory under exchange.  If that domain is not used to login, then the page not found is displayed."

It doesn't matter one bit what FQDN you use to access your server and OWA.  In fact, one would normally configure a sub-domain FQDN that designates the server because the domain name itself with or without the www would point to the Web Server (usually hosted in a different place).  So, for instance you would configure sbs.domain.com to point to your SBS's external IP address.  This configuration is made in the PUBLIC DNS Zone File for the Internet Domain Name.  Usually that's done at the Domain Name Registrar  -- such as GoDaddy -- or at the ISP that hosts the web site by entering a HOST A record pointing that FQDN to your SBS.

If this hasn't been done, you can initially test OWA by just using the External IP address of the Server instead, ie, https://123.45.67.89/exchange.  Note that we're using https and not just http.  This means that incomming traffic will be on port 443 and that port must be open on your router and be pointed to your SBS.

Whatever you decide to do though, that FQDN or IP address is what's entered on the CEICW's SSL Certificate page so that the server generates a certificate in the correct name.  IIS does not care one bit what's before the /exchange in the URL.  You will get to OWA as long as you can get to the server properly.

I can tell you though, that if you have monkeyed with any of the settings on the default web site the CEICW will usually not fix them all properly and you may have to fully reinstall IIS and Exchange per http://support.microsoft.com/kb/320202

But before doing that, please see if you can access OWA internally on your LAN by going to http://servername/exchange.

If you can do that, then try externally with the IP address using https.

Jeff
TechSoEasy
0
 
BrentDevOpsAuthor Commented:
Ok your right about the "test@somedomain.com".  Not sure what i was thinking... i thought i had tested that with my virtual PC test box, but i didnt.  I just tested that and yes.. i cant get in.  Which makes sense.  I have another site that they use the same domain internally and externally( which i know is not the best of ideas and causes some problems ).

So what this boils down to is(default domain is set to "\" on the exchange virtual directory in IIS):

When i log on to the server using just "test" and the password, it opens up OWA with frames but both frames have "page not found".

Currently i am testing the site directly from the server http://servername/exchange(which auto redirects to https://servername/exchange.  Its using forms based authentication and SSL.  If i try from a PC on the network, it gives me the cert warning(which is fine), the site loads up the same way.  I also tried using the IP Addresss.  I also disabled all the other sites running on the server to see if any were causing an issue.  Sharepoint is not installed in the default website, nor is front page extensions.

But from either the PC or the server itself, i get the page not found.
0
 
BrentDevOpsAuthor Commented:
"But from either the PC or the server itself, i get the page not found. "

Let me clarify: I get the "page not found" errors(one in each pane) AFTER i login.
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Ok... here's the next few things to check:

Can you please verify if Remote Web Workplace is working?  https://FQDNorIP/remote or internally http://servername/remote?

Please advise if the Monitoring & Reporting as well as Backup Snap-ins in the Server Management Console are working or do they also generate 404 errors?

If you just go to http://localhost on the server do you get the "Welcome to Small Business Server 2003" page?

Then, be sure that KB831464 patch is installed.  If you are unsure, it's best to reinstall that.  http://support.microsoft.com/kb/831464

Jeff
TechSoEasy
0
 
BrentDevOpsAuthor Commented:
Remote web worked, share point portal works, frontpage extensions management page works, the companyweb was moved, but it does work where it is.

I dont know about the snapins.. but i might be able to check tomorrow.

The localhost page is actually setup to go to a docuserver login page.. which is why the moved the companyweb.  I removed the default web, recreated it and recreated OWA, that didnt fix it so i restored the original config.

I will check on the patch tomorrow, i dont know if sp1 was ever installed on the server, but the server does currently run sp2.  I can check the unistall directories for sp1 remnants though.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Please explain in more detail about what you did to move the companyweb.  It does sound as though that may be your problem.  Because you really shouldn't do that on an SBS.  If you wanted the default web page to go to a document library that's quite easy to do with a redirect.

Jeff
TechSoEasy

0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Also, the comment that internally your http://servername/exchange redirects you to https also raised a red flag.  By default that wouldn't happen internally in an SBS network.

Jeff
TechSoEasy
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
And as a final thought on all that... if you "restored the config" was that just the IIS Configuration?  Because it probably broke the way it connects to Exchange.  You generally have to reinstall IIS and Exchange together in order to get things back working right.  The steps to do this are provided in detail at http://support.microsoft.com/kb/320202

Jeff
TechSoEasy
0
 
BrentDevOpsAuthor Commented:
I inherited this box from someone else.  So whoever was before me moved it.. i am not sure why.  Heck could of been the business owner.

On my test box, it does redirect if you type in http://localhost/exchange or http://servername/exchange or http://ipaddress/exchange from both the console and a remote PC by default.   Might be a difference in builds, but mine and his both do it.

Yes, just the IIS Configuration.  I backed up the IIS Config and the default website config, then removed all the exchange directories per the KB and deleted the metabase entry in the KB.  Then restarted the system attendant.  The owa site was rebuilt by the server, but that didnt work, same result.  I then removed the default website completely,  created a new one, edited the metabase to reassign the new one i made an ID of 1, then restarted the system attendant so the site would be rebuilt.  Everything went according to plan, but the result was the same: Page not found errors in both owa frames after login.  After these tests, i restored the IIS config.

I have not reinstalled IIS.



0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
" I inherited this box from someone else.  So whoever was before me moved it.. i am not sure why.  Heck could of been the business owner."

I'm sorry if you didn't personally move the companyweb but could you PLEASE describe what you mean by saying it was moved?  Where was it moved?

Also, you can't manually recreate an SBS's default web site without doing a full reinstall of IIS & Exchange per 320202.  There are far too many interdependent parts that would have to manually be re-attached so reinstalling all of IIS & Exchange is the most efficient and successful method.

However 320202 could fail if the companyweb configuration is not right.  That's why I want to first know where the companyweb was moved, and THEN once we know if that's okay you can continue on with 320202.  If it's not okay, you will first have to reinstall the companyweb.

Jeff
TechSoEasy
0
 
BrentDevOpsAuthor Commented:
its still named companyweb and its not in the Default website.  They told me originally it was in the default website.  BUT, my test box shows that its just another site setup under IIS named companyweb.  Which is what his looks like.  So thats probably just a bit of mis-information there.

i manually recreated "Default Website".  You can delete the original site, create a new site, edit the metabase and change the ID to 1.  This will allow you to initiate the exchange owa recreation and have it end up in the default website.  Its not a reinstall of IIS or exchange.

Maybe the removal of IIS and Exchange a reinstall will fix it.  I just thought i would stay away from major surgery.  If that doesnt work.. a reinstall of the OS might be necessary, which means a whole lotta work.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
That's correct.  The companyweb site is one of FOUR that are created automatically.  Please see this blog bost of mine which shows them:  "http://techsoeasy.spaces.live.com/blog/cns!AB2725BC5698FCB8!175.entry"

I'm sorry to say that recreating the "Default Website" is NOT the way to reset OWA's virtual folders on an SBS.  You'll find that procedure here:  http://msmvps.com/blogs/kwsupport/archive/2004/10/02/14723.aspx

The fact that you "recreated" the Default Website is most likely the cause of your problems.  The Default Website on an SBS is much more critical to the overall operation of the server's system tools than would normally be the case on a standard Server 2003 running IIS.

At this point you really should follow 320202.

Jeff
TechSoEasy
0
 
BrentDevOpsAuthor Commented:
i recreated OWA using microsofts KB, when that didnt yeild any result, i recreated the default website so i would start from scratch.  It was just a step i took to see if it would have any effect.  I have since restored the IIS config to whatever it was before i touched the server.  Just note that i did follow MS's procedure for that, it did recreate the OWA site but it still did not correct the problem.  Again, i restored the original IIS configuration, so everything i did was rendered moot.  Course that doesnt mean that the person who setup the server messed with the configuration.  As far as i can tell, everything looks fine.

Sounds like we are at the end of the road then.. i will go ahead with the 320202 article.  I cant do it till friday night on the production system.  So i will post the results after i finish.  Hope this works! :)

Thanks
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
What I tried to explain to you above is that restoring the original IIS configuration on an SBS doesn't really do the job because of Exchange.  Just because it creates the OWA site, doesn't mean that it's properly connected to Exchange.  

I've performed 320202 many times, and its always been successful for me.

Jeff
TechSoEasy
0
 
BrentDevOpsAuthor Commented:
This is turning into a major issue.  I just tried to perform the reinstall.  IIS was reinstalled without issue, but i cant reinstall exchange becase the SBS setup wont let me.  It keeps saying that SQL needs sp3 to install on server 2003.  That doesnt make any sense since this is sbs 2003!  Besides that sql sp4 is aready installed on the machine.

I think its time to call MS.  Bet they say reinstall.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
I wouldn't say that you are at the point of reinstall, but I am a bit confused by the SQL error because it has nothing to do with Exchange.  

Can you tell me what the exact error is?  And at what point in 320202 did it show up?

Jeff
TechSoEasy
0
 
BrentDevOpsAuthor Commented:
It showed up when i tried to reinstall exchange.  Some Docs on the internet and the technet news forums suggested an uninstall of sp2, install of sp1, sbs sp1 and then a reinstall of sp2.

As far as the error goes, after it analyzes the installed components, the sbs install program comes back with an error for the SQL component.  The message in the description states that SQL 2000 needs sp3 in order to run on a windows 2003 server.  

I called MS Support to see if they could get this working again.  I started at 8:40 with them and i am still on with them as i type this.  

They were able, just like me, to reinstall IIS, but exchange still wont reinstall.  They actually MANUALLY removed it.  They even went as far as to remove it from active directory.  At this point they are still unable to install it.  

They are talking about escilating it to a level 3(?) after the exchange support guy left the conference call.  My Understanding as to why they are elevating the call is that they need to have a higher level support rep reinstall and initialize the DCOM and WMI services because they think they are corrupt.  The corruption is believed to be the cause of the exchange installation failure and most likely the cause of the "page not found" issue in OWA.

At this point... i am probably going to get the server back to where it was, then get a new machine to perform a fresh install on.  He needs an actual server anyhow, this beefed up workstation has no redundancy.

 I hope MS has better news though.

0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
So, I guess you're also saying that you don't have a full backup that was made before you attempted to reinstall these things?  Because restoring that would be a whole lot simpler.

And if this is running on a PC instead of a server, then unfortunately it's just a good example as to why PC's should not be used for a server.  

Just FYI, you can't install SBS SP1 unless Exchange is running properly because it checks to be sure you have Exchange SP1 (or SP2) installed before it will proceed.  But what you are saying is that the SQL error comes from the "SBS" install program.  Why not just run the Exchange setup from disk 2 instead?  That way you can get Exchange back on the machine.  Because the Exchange Setup doesn't scan for SQL prerequisites.

The SQL error is often caused by one of the MSSQL services not runing under the "SYSTEM" account.  Or, it can happen if the companyweb SharePoint instance was reinstalled improperly at an earlier time.

The best overview of installing SP1 is at http://sbsurl.com/sp1

Jeff
TechSoEasy
0
 
BrentDevOpsAuthor Commented:
I did and still do have full backups(IIS, exchange and server).  The backup doesnt solve the OWA issue though.

As for exchange, i never did anything with it because i called MS since i couldnt uninstall it.  They tried in vain to get the installer to run from the second cd.  Like i said, they had to manually remove registry settings, delete active directory objects and then remove/rename files to uninstall exchange.  They did finally get exchange reinstalled at 5:30am.  

No more errors on the server atm, though OWA was still not working when i told them i had to leave.  I left them with it.  Now that i am awake, i realize i never saw him reattach the mailboxes.. which is probably the error he was getting before i left.

As far as the error goes, they still cant run the install cd.  After we loaded sbs sp1, it says the version is on the server is newer than the cd, then shuts down.  They acted like this was normal, so i assume it is.  

Essentially, they removed sp2, installed sp1, installed sbs sp1, installed sp2, restored the .net framework 2.0, then manually removed exchange as well as some IIS registry keys, removed sharepoint, removed IIS, reinstalled IIS, rebooted, reinstalled exchange, sp2'ed exchange.  Course OWA was still not working at this point, but that was most likely because the mailboxes were not reattached.  

I dont know who set this server up, but something was not done right originally(not to mention being on a desktop).  Every server i have ever installed, never had an issue that i had to call MS for, much less spend 10 hours on the phone.  Been doing this for 10 years, though SBS's little subset of quarks is new to me.
0
 
BrentDevOpsAuthor Commented:
Ok, everything is working now.  We definitely got our moneys worth out of MS.  They had to rebuild all the default website services, mycompany, sharepoint, and monitoring.

I remounted the exchange store when i got back to the office, OWA came right up.

So something in the original exchange installation probably hosed OWA and IIS.

I am going to award points anyhow, because you did recommend the reinstall of exchange and iis.

This one definitely sucked.. but its working now and the client is happy.

Thanks!
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Well, I also warned you about having to rebuild the other web sites... but am glad you got it fixed anyhow.

Jeff
TechSoEasy
0
 
BrentDevOpsAuthor Commented:
True, i was just going to restore each site from metabase backups, but MS actually manually removed some of the registry setting for sharepoints which also killed the sharepoint instance.  I dont know if that was intentional or not, i assume it was, but the guy spent four hours getting IIS back to its original config.

Oh one other note, Trend micro uses an iis web called officescan.  
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

  • 11
  • 11
Tackle projects and never again get stuck behind a technical roadblock.
Join Now