how to enable 'Web Mail' in Exchange/SBS 2003
We use Exchange/SBS 2003 with SMTP & Pop3.
We have a request for web mail. can you please guide with a step by step procedure to implement the 'web mail' feature (like yahoo, gmail etc) using our server.
Thanks
We have a request for web mail. can you please guide with a step by step procedure to implement the 'web mail' feature (like yahoo, gmail etc) using our server.
Thanks
Web Mail is enabled by default. You don't need to do any special work. Simply open port 443 through your firewall, and direct users to connect to https://<firewall external IP>/exchange from outside. This will present them with a login interface to enable them to access their webmail.
For security reasons, you will need to enable SSL on the web access if you have not yet done so. This ensures data is sent encrypted between the server and the client computer - particularly important for password details. You can purchase cheap 3rd-party SSL certificates from www.certificatesforexchange.com.
-Matt
Run the Internet Connection and Email Wizard and make sure you enable Outlook Web Access in the firewall section and enable Internet Mail in the Exchange section.
If you are using the 2 network cards recommended setup then you don't need to do anything else and just follow security and SSL recommendations by tigermatt.
If you are using a 1 NIC setup, then you will have to forward traffic on the 443 port to your SBS server.
If you are using the 2 network cards recommended setup then you don't need to do anything else and just follow security and SSL recommendations by tigermatt.
If you are using a 1 NIC setup, then you will have to forward traffic on the 443 port to your SBS server.
ASKER
Thanks very much. Yes, now I am able to get the login screen, and the users are able to login, but when they do, they get this error:
"HTTP/1.1 503 Service Unavailable"
Is there a seperate security user group for Web mail?
Thanks
"HTTP/1.1 503 Service Unavailable"
Is there a seperate security user group for Web mail?
Thanks
I've seen this error screen when you lack of enough licenses.
Are ALL your users getting this error?
You can check your licenses in the Server Management console, under "Licensing".
SBS2003 comes with 5 CAL's, so if you have more than 5 users you should buy a License Pak. Let me know what you find out.
Are ALL your users getting this error?
You can check your licenses in the Server Management console, under "Licensing".
SBS2003 comes with 5 CAL's, so if you have more than 5 users you should buy a License Pak. Let me know what you find out.
ASKER
gonz-IT,
Under Licensing, Under ProductID, I see 15 installed licenses, and 11 as 'Maximum usage'.
Under License Codes, I see of them with each of 5 licenses.
In terms of the error, yes, all the users are getting it.
Thanks
Under Licensing, Under ProductID, I see 15 installed licenses, and 11 as 'Maximum usage'.
Under License Codes, I see of them with each of 5 licenses.
In terms of the error, yes, all the users are getting it.
Thanks
Restart the server and if the problem is not fixed, run the Internet Connection and Email Wizard, then run the Remote Access Wizard. The problem should be fixed.
The problem is more likely a configuraton issue than a licensing issue.
A "Service Unavailable" message usually indicates the web site or the web server services are not started on the server. Open the Services Management applet in Administrative Tools. Check the following services are started and set to 'Automatic':
World Wide Web
IIS Admin
HTTP SSL
Next, open IIS Manager, locate the 'Default Web Site' in the 'Web Sites' container, right-click and verify it is started.
-Matt
The reason I supposed a Licensing problem is because as anushahanna stated, the users get to the login screen, and after the login screen they get the service unavailable error. So, www and ssl services are up and running.
If the number of licenses is correct, then I suggest a server restart, just to check if all services get in place in the correct order and OWA works now.
If the number of licenses is correct, then I suggest a server restart, just to check if all services get in place in the correct order and OWA works now.
That error usually comes from the WWW service being up and running, but another service being stopped or inaccessible behind the scenes. This means IIS cannot connect to Exchange, so IIS throws a Service Unavailable error.
Licenses are not generally enforced, but if it was licensing I would be expecting the Author to be seeing many other strange issues.
The usual culprit is a binding set incorrectly somewhere.
-Matt
ASKER
tigermatt
can you please suggest what config issues/binding I may check, apart from World Wide Web,
IIS Admin,HTTP SSL, dedault web site which are all running.
thanks
can you please suggest what config issues/binding I may check, apart from World Wide Web,
IIS Admin,HTTP SSL, dedault web site which are all running.
thanks
You need to first verify whether it works internally. Can you get to OWA using http://servername/exchange and/or https://servername/exchange? If so, you have a firewall issue with forwarding port 443 to the Exchange Server, and that needs to be addressed in the firewall/router device.
You stated "apart from World Wide Web". Are you implying that service is stopped - not running? If so, you must enable it. Without that running, no OWA will function at all.
-Matt
ASKER
tigermatt,
I used http://servername/exchange from internally, and it gives the same message
"HTTP/1.1 503 Service Unavailable"
When I do it from outside the local network, it shows the OWA welcome screen. If I put a wrong credentials, it is smart to deny entry. But if the right password is put, then it gives the above error message.
The following are indeed running:
World Wide Web Publishing Service (Started, Automatic)
IIS Admin Service (Started, Automatic)
HTTP SSL(Started Manual)
dedault web site (running in IIS Manager - Port 80, SSL 443)
The following are not running
Microsoft Exchange Event,
Microsoft Exchange IMAP4
Microsoft Exchange POP3
Microsoft Exchange Site Replication Service
Thanks for your help.
I used http://servername/exchange from internally, and it gives the same message
"HTTP/1.1 503 Service Unavailable"
When I do it from outside the local network, it shows the OWA welcome screen. If I put a wrong credentials, it is smart to deny entry. But if the right password is put, then it gives the above error message.
The following are indeed running:
World Wide Web Publishing Service (Started, Automatic)
IIS Admin Service (Started, Automatic)
HTTP SSL(Started Manual)
dedault web site (running in IIS Manager - Port 80, SSL 443)
The following are not running
Microsoft Exchange Event,
Microsoft Exchange IMAP4
Microsoft Exchange POP3
Microsoft Exchange Site Replication Service
Thanks for your help.
Okay - take a read through http://support.microsoft.com/kb/823159 and action the steps it describes.
-Matt
ASKER
tigermatt
I have tried every option in the article you provided, but one. I need the HKCRScan.exe file, but I searched in MS website, and it does not have it. Any thoughts on it.?
But so far, OWA does not work with all the fix.
I have also tried Step1 and 3 from the following article, with no help:
http://support.microsoft.com/?id=883380
My Remote Web Workplace works fine. Just the company web and OWA needs to work. The users are enabled for OWA in Exchange Features.
Server->Users has listed under it , the user
IUSR_SERVER
Thanks
I have tried every option in the article you provided, but one. I need the HKCRScan.exe file, but I searched in MS website, and it does not have it. Any thoughts on it.?
But so far, OWA does not work with all the fix.
I have also tried Step1 and 3 from the following article, with no help:
http://support.microsoft.com/?id=883380
My Remote Web Workplace works fine. Just the company web and OWA needs to work. The users are enabled for OWA in Exchange Features.
Server->Users has listed under it , the user
IUSR_SERVER
Thanks
At this point, I'd be abandoning trying to workaround this problem, and simply do a repair install from the Exchange installation media. This will reconfigure all the Exchange system files - but leave your mailbox databases in tact. Hopefully, if there is a configuration issue, this would resolve it.
Download a fresh copy of the Exchange Server 2003 Service Pack 2 from Microsoft at http://www.microsoft.com/downloads/details.aspx?FamilyID=535BEF85-3096-45F8-AA43-60F1F58B3C40&displaylang=en. Once you have it down, extract it and run the setup program. Go through the steps, and if you are prompted, you can choose to do a 'Repair' install. Otherwise, just let it install itself over the top of the existing install.
It will take the Exchange Services down momentarily, so users on Exchange at that time may notice a slight interruption of service.
-Matt
ASKER
Matt
I installed this 109MB SP2 version last weekend (from your link), but it showed after that there is not even SP1, so on tuesday, I installed SP1
SBS2003-KB885918-SP1-X86-E
WindowsServer2003-KB889101
WSS2003SP1-kb841876-fullfi
and also SP2 from the below link which is a lot bigger file than the one you sent:
http://www.microsoft.com/downloads/details.aspx?FamilyId=95AC1610-C232-4644-B828-C55EEC605D55&displaylang=en
What do you think is the difference between the 109MB and 372MB SP2?
Regardless, I tried both these versions, and the 372MB was done on tuesday July 21st.
Let me know if I should try again the same file. I have all these files saved.
Apart from this, last thursday, I found 2 hijack files on the system. Could they be causing any issues related to OWA?
These are the 2 files.I am working on removing it.
HKEY_CURRENT_USER\SOFTWARE
HKEY_CURRENT_USER\SOFTWARE
Thanks
I installed this 109MB SP2 version last weekend (from your link), but it showed after that there is not even SP1, so on tuesday, I installed SP1
SBS2003-KB885918-SP1-X86-E
WindowsServer2003-KB889101
WSS2003SP1-kb841876-fullfi
and also SP2 from the below link which is a lot bigger file than the one you sent:
http://www.microsoft.com/downloads/details.aspx?FamilyId=95AC1610-C232-4644-B828-C55EEC605D55&displaylang=en
What do you think is the difference between the 109MB and 372MB SP2?
Regardless, I tried both these versions, and the 372MB was done on tuesday July 21st.
Let me know if I should try again the same file. I have all these files saved.
Apart from this, last thursday, I found 2 hijack files on the system. Could they be causing any issues related to OWA?
These are the 2 files.I am working on removing it.
HKEY_CURRENT_USER\SOFTWARE
HKEY_CURRENT_USER\SOFTWARE
Thanks
ASKER
Matt
Can you please help me verify some settings, that I noted down from the server. I am concerned about the local path issue. Thanks
--------------
1)In IIS Manager, by right click 'Default
Web Site' -> Properties->'Directory Security' tab->'Edit' in 'Authentication and access control'->'Enable anonymous access' and 'Integrated Windows
authentication' are checked. Other options are not checked.
2a)Under properties for 'Exadmin', only 'Integrated Windows authentication' is checked.
2b)for 'Exadmin', Virtual Directory-> Local Path is '\\.\BackOfficeStorage'
I believe, the local directory is C:\Inetpub. Should this under 'Local path'?
3a)Under properties for 'Exchange', only 'Basic Authentication' is checked; also under "Secure communications"->Edit, the "Require secure channel (SSL)" and "Require 128-bit
encryption" are checked.
3b)Exchange - Default Domain is '\' under Authentication Methods
3c)Exchange - Virtual Directory ->Local Path is '\\.\BackOfficeStorage\dom
I believe, the local directory is C:\Inetpub. Should this under 'Local path'?
4)Under 'ExchWeb'->Properties, only 'Enable anonymous access' is checked.
Please see the attached picture of c:\Inetpub. Can you please tell me if that should be the local path for Exaadmin and Exchange folders under IIS manager-> Default Web Site. Will this impact OWA?
inetpub.jpg
Can you please help me verify some settings, that I noted down from the server. I am concerned about the local path issue. Thanks
--------------
1)In IIS Manager, by right click 'Default
Web Site' -> Properties->'Directory Security' tab->'Edit' in 'Authentication and access control'->'Enable anonymous access' and 'Integrated Windows
authentication' are checked. Other options are not checked.
2a)Under properties for 'Exadmin', only 'Integrated Windows authentication' is checked.
2b)for 'Exadmin', Virtual Directory-> Local Path is '\\.\BackOfficeStorage'
I believe, the local directory is C:\Inetpub. Should this under 'Local path'?
3a)Under properties for 'Exchange', only 'Basic Authentication' is checked; also under "Secure communications"->Edit, the "Require secure channel (SSL)" and "Require 128-bit
encryption" are checked.
3b)Exchange - Default Domain is '\' under Authentication Methods
3c)Exchange - Virtual Directory ->Local Path is '\\.\BackOfficeStorage\dom
I believe, the local directory is C:\Inetpub. Should this under 'Local path'?
4)Under 'ExchWeb'->Properties, only 'Enable anonymous access' is checked.
Please see the attached picture of c:\Inetpub. Can you please tell me if that should be the local path for Exaadmin and Exchange folders under IIS manager-> Default Web Site. Will this impact OWA?
inetpub.jpg
ASKER
Matt,
I ran the SBS Best Practice analysis tool: It has three issues with my server:
"DNS Client was not configured"
"Task Offloading is enabled"
"Sharepoint 2.0 RTM installed"
Do you see any trouble, related to OWA? I am also attaching the whole analysis, for the complete big picture.
Also there are 2 application log error events when I restarted the server:
MSExchangeDSAccess;Categor
MSExchangeIS; Category:General;Event 9542; User N/A; Computer :Server
Would appreciate any feedback if this could be causing any trouble to the OWA.
Thanks
Critical-All-Issues.jpg
Info-Items.jpg
I ran the SBS Best Practice analysis tool: It has three issues with my server:
"DNS Client was not configured"
"Task Offloading is enabled"
"Sharepoint 2.0 RTM installed"
Do you see any trouble, related to OWA? I am also attaching the whole analysis, for the complete big picture.
Also there are 2 application log error events when I restarted the server:
MSExchangeDSAccess;Categor
MSExchangeIS; Category:General;Event 9542; User N/A; Computer :Server
Would appreciate any feedback if this could be causing any trouble to the OWA.
Thanks
Critical-All-Issues.jpg
Info-Items.jpg
"...I installed this 109MB SP2 version last weekend (from your link), but it showed after that there is not even SP1..."
You are referring to 3 *different* service packs. You have different service packs for:
- the Operating System - Windows Server 2003
- the Email Server - Exchange Server 2003
- the Small Business Server software
Windows Server 2003 should be at Server 2003 Service Pack 2.
Exchange Server 2003 should be at Exchange Service Pack 2.
SBS should be at Service Pack 1.
Links to Service Pack downloads:
http://www.microsoft.com/downloads/details.aspx?FamilyId=95AC1610-C232-4644-B828-C55EEC605D55
http://www.microsoft.com/downloads/details.aspx?FamilyID=535BEF85-3096-45F8-AA43-60F1F58B3C40
http://www.microsoft.com/downloads/details.aspx?FamilyId=B6F8A4C0-B707-4161-ADEB-44F1B756119F
If your server is to be up-to-date, all those should be installed. According to the last screenshot you posted, it appears they are already installed.
"...I found 2 hijack files on the system. Could they be causing any issues related to OWA?..."
I wouldn't say they are hijacks. They are more likely lock-down settings applied by a Group Policy.
That said, you should never browse the Internet from your server.
"...Can you please help me verify some settings, that I noted down from the server. I am concerned about the local path issue..."
All the authentication settings you referred to sound correct. The Exchange directories are not stored in C:\Inetpub but at the \\.\BackOfficeStorage location, which ultimately resolves back to a virtual path into the Exchange database. That is not a problem - and you shouldn't see anything within C:\Inetpub regarding Exchange.
"...I ran the SBS Best Practice analysis tool: It has three issues with my server..."
Those won't affect OWA.
Have you progressed any further with this problem since your last post?
-Matt
ASKER
I have cleared out some of the errors mentioned in the SBS BP Tool. Apart from that, I am kind of going around the Microsoft documents on '503 Service not available' error, includind deleting and regenerating the virtual diectories.
thanks for verifying all the settings. it is good to know they are in their place.
thanks for verifying all the settings. it is good to know they are in their place.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks.
Calendar items were present in event logs, called MS and they resolved by deleting registry Sub-key N34d90ae5 and everything now works.
Below is the resolution from Microsoft:
"the Sub key: N34d90ae5 was causing the 503 Service Unavailable issue since it has exceeded the Default 259 characters. This problem can occur if the Exoledb library does not initialize. When the Exoledb library initializes, it scans the HKEY_CLASSES_ROOT (HKCR) registry hive for content class information. If the Exoledb library finds a ProgID with a value that exceeds 259 characters, the Exoledb library cannot initialize."
Calendar items were present in event logs, called MS and they resolved by deleting registry Sub-key N34d90ae5 and everything now works.
Below is the resolution from Microsoft:
"the Sub key: N34d90ae5 was causing the 503 Service Unavailable issue since it has exceeded the Default 259 characters. This problem can occur if the Exoledb library does not initialize. When the Exoledb library initializes, it scans the HKEY_CLASSES_ROOT (HKCR) registry hive for content class information. If the Exoledb library finds a ProgID with a value that exceeds 259 characters, the Exoledb library cannot initialize."
ASKER
A Solution, finally! Many thanks for the right diagnosis.
http://technet.microsoft.com/en-us/library/bb123645(EXCHG.65).aspx
good luck,
Yannick