stephenbuckton
asked on
Exchange Transition 2003 to 2007 OWA not working for migrated mailboxes onto 2007
I'm doing a transition from Exchange 2003 (SP2) running on Windows 2000 Advanced Server (SP4) to Exchange 2007 (SP2) running on Windows Server 2008 (SP2).
I moved a test account from my Exchange 2003 server onto the clustered 2007 mailbox server, but the problem is that every time I try to access OWA 2003 interface my exchange 2007 mailbox redirection isn't working, it only shows me an "Internet Explorer cannot display the webpage" error, the environment scenario I have is as follows:
-server1 owa 2003 on Windows 2000 Advanced Server with SSL form based authentication.
-server2 CAS - 2008.
-server3 HUB - 2008
-server4 MBX (Clustered CCR) - 2008
-server5 MBX (Clustered CCR) - 2008
As I understand from this article http://technet.microsoft.com/en-us/library/bb885041(EXCHG.80).aspx if the mailbox is still on Exchange 2003 it should redirect back, but I may not have IIS permissions set correctly?
Any assistance is greatly appreciated.
Thanks
Stephen.
I moved a test account from my Exchange 2003 server onto the clustered 2007 mailbox server, but the problem is that every time I try to access OWA 2003 interface my exchange 2007 mailbox redirection isn't working, it only shows me an "Internet Explorer cannot display the webpage" error, the environment scenario I have is as follows:
-server1 owa 2003 on Windows 2000 Advanced Server with SSL form based authentication.
-server2 CAS - 2008.
-server3 HUB - 2008
-server4 MBX (Clustered CCR) - 2008
-server5 MBX (Clustered CCR) - 2008
As I understand from this article http://technet.microsoft.com/en-us/library/bb885041(EXCHG.80).aspx if the mailbox is still on Exchange 2003 it should redirect back, but I may not have IIS permissions set correctly?
Any assistance is greatly appreciated.
Thanks
Stephen.
In short run the command
set-mailbox -identity "testacountalis" -applymandatoryproperties
Please feel free to revert in case of any queries
set-mailbox -identity "testacountalis" -applymandatoryproperties
Please feel free to revert in case of any queries
ASKER
None of my mailboxes were showing within the EMC as LegacyMailbox but I tried the command on a test user account anyway but it didn't make any difference.
please check the Authentication mechanism for the following Virtual Directories in E2k7 as mentioned below:-
Autodiscover-> Basic+Windows Integrated - SSL was disabled. == Enabled SSL
EWS-> Windows Integrated -- SSL was disabled. == Enabled SSL.
OAB-> Windows Integrated.
Autodiscover-> Basic+Windows Integrated - SSL was disabled. == Enabled SSL
EWS-> Windows Integrated -- SSL was disabled. == Enabled SSL.
OAB-> Windows Integrated.
ASKER
On my CAS server I already have SSL enabled for Autodiscover & EWS, I've also got the authentication configured for each virtual directory as per the attached screenshot.
Authentication-Settings.png
Authentication-Settings.png
Hello,
If I understand correctly, you have moved a mailbox from your Exchange 2003 server to your Exchange 2007 server and are trying to access the Exchange 2007 mailbox through the Exchange 2003 OWA interface. If I understand your issue correctly, what you are attempting is not possible. You cannot access an Exchange 2007 mailbox through the Exchange 2003 OWA.
In a coexistance scenario, you need to redirect all your client traffic through the Exchange 2007 CAS servers before you start moving mailboxes. The CAS server can proxy requests for both Exchange 2003 and Exchange 2007 mailboxes.
JJ
If I understand correctly, you have moved a mailbox from your Exchange 2003 server to your Exchange 2007 server and are trying to access the Exchange 2007 mailbox through the Exchange 2003 OWA interface. If I understand your issue correctly, what you are attempting is not possible. You cannot access an Exchange 2007 mailbox through the Exchange 2003 OWA.
In a coexistance scenario, you need to redirect all your client traffic through the Exchange 2007 CAS servers before you start moving mailboxes. The CAS server can proxy requests for both Exchange 2003 and Exchange 2007 mailboxes.
JJ
ASKER
Hi, yes that is the situation I am in, do I need to point my external IP to the external name I have assigned to the External URL on my CAS server? Do I need to copy any certificates across to the CAS server from my Exchange 2003 server? I'm just a little worried if I do this and it doesn't work for some reason I'll have blocked OWA for all my Exchnage 2003 users.
Thanks
Stephen.
Thanks
Stephen.
Do you only have one external IP on your network? If possible, it would be best to NAT out your CAS server as a new IP. Did you purchase a SAN cert for your Exchange 2007 server? If not, you will need to get one. Here are the instructions on how to setup a SAN cert - http://www.msexchange.org/articles_tutorials/exchange-server-2007/mobility-client-access/securing-exchange-2007-client-access-server-3rd-party-san-certificate.html
JJ
JJ
ASKER
Thanks for the update, before I look at the external side of OWA I'd like to get it working internally, if I browse to the CAS Internal URL and enter the credentials of a 2003 mailbox user I get the following message "The mailbox may be stored on a Microsoft Exchange 2000 or Microsoft Exchange 2003 server, or the Active Directory user account was created recently and has not yet replicated to the Active Directory site where this Client Access server is hosted".
On Exchange 2003 we are using forms based authentification, does this need to be changed to integrated?
Thanks
Stephen.
On Exchange 2003 we are using forms based authentification, does this need to be changed to integrated?
Thanks
Stephen.
When you want to connect to an Exchange 2003 mailbox, you need to use the /exchange virtual difectory and not the /owa virtual directory.
JJ
JJ
ASKER
Hi, we also logged this call with Microsoft and have only just had a resolution through from them today, if this call can be left open I'll post the fix so that other members can see the resolution process for this issue.
Thanks
Stephen.
Thanks
Stephen.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://support.microsoft.com/kb/931747