• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1422
  • Last Modified:

ISA 2004, OWA and SBS 2003 issue!

This is my issue:

We have SBS 2003 R2 installed, ISA 2004. SBS box configured for OWA.

WHat happens is that we get intermittent connectivity to OWA. Trying to connect to OWA produces two to three errors:

Error code: 12206
Background: The page you requested could not be reached

Error Code: 500 Internal Server Error. The target principal name is incorrect. (-2146893022)


I refresh Internet explorer 4 to 5 times and then I connect to the OWA page and I am able to login no problem.

This is very strange and frustrating. We have tried several recommended changes:
Assigned a host header to match the https publishing rule is ISA, this did not help.
Put a host file on the sbs box itself to resolve the OWA path, this did not help.

this appears to be some sort of ISA loop issue but we cannot get it fixed. If anyone has had the same issue and knows the fix or can point us in the right direction it would be appreciated!!!
0
Jamiem11
Asked:
Jamiem11
1 Solution
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
This is generally caused by a naming problem within your SSL certificates.  Please see this KB article and it's linked troubleshooting site:  http://support.microsoft.com/kb/841664

Jeff
TechSoEasy
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
FYI, it could be due to having stale certificates installed on the machine you are connecting with as well... you might want to see about deleting any are left over from testing and such.

Jeff
TechSoEasy
0
 
Jamiem11Author Commented:
Hello Techsoeasy,

We looked into the certificate issue. the certificates name matches the server name.

We tried adding a local host file as well.

Issue is still present!  If you refresh a few times the OWA login page open fine.

Don't know where else to turn....
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Does this happen from ANY computer that connects to OWA?  Or just one?

Jeff
TechSoEasy
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Also...

"We looked into the certificate issue. the certificates name matches the server name"

Even if the certificate name matches that doesn't mean that you don't have a stale certificate stored which has a different thumbprint than the one on the server.  I would still recommend that you delete the one on the remote machine and allow a new one to be installed when you reconnect with OWA.

Jeff
TechSoEasy
0
 
manicsquirrelCommented:
From pskemp, http://www.experts-exchange.com/Security/Software_Firewalls/Q_21647783.html?eeSearch=true

"Fixed it, had to change the name of the server to publish to match the external DNS name. The ICW seems to set it to publishing.kbtech.local which matched the self generated certificate issued-to name, so when i used the new certiifcate which issued-name is the external DNS name it failed."
0
 
madmanaliCommented:
I had exactly same problem after tryin to put a .co.uk certificate on a sbs2003 which had a fqdn of .local
After struggling, I was able to use ceicw and follow through the setup again and bang it works.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now