• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 922
  • Last Modified:

403 Error when connecting IIS7 after Migration from SBS 2003

This may be an easy one...

I had a domain setup on our old SBS 2003 box for remote access. I have all the DNS settings and a lot of mobile devices (iPhones) setup to use the old domain name..

The domain I had setup was local.domainname.com

Windows SBS2008 wants to use remote.domainename.com for the same purpose. I added the binding local.domainname.com to the SBS Web Applications and when I try to go to that site I get a 403 Error. If I go to remote.domainname.com it works...

I want to enable the local.domainname.com to ease the transition, esp for the mobile device users using Activesync, since all of them are setup using local.domainname.com.

Strange thing is that before I went through the internet setup wizard it worked.

So basic question is how to I add the binding local.domainname.com to the WBS Web Applications and have it resolve instead of giving a 403 error?

  • 3
  • 3
1 Solution
Shreedhar EtteCommented:
Re-run the Internet setup wizard.

RWW is installed on the server during SBS Setup, but is not fully configured for Internet access until you complete the “Internet Address Management Wizard” (IAMW). Note: If you are using a 3rd party SSL certificate, you must complete the “Add A Trusted Certificate Wizard” also. It is installed as the remote virtual directory under the SBS Web Applications site, which accepts SSL connections on port 443.

By default, the IAMW will add the prefix “remote” to your chosen domain name to distinguish the SBS 2008 in your web presence as the remote user portal. In this case, if you chose contoso.com as your domain name, you would access RWW using “https://remote.contoso.com”.

You can change the default setting to something other then REMOTe if you like

Other solutions...

1) open your DNS console... add a new A record called LOCAL in the domain.com forward lookup zone.  Associate the internal IP address of your 2008 SBS server to this record.

now when people ping local.domainname.com they will resolve properly to the sbs server... the http link will work too.
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

ClintSwineyAuthor Commented:
I added a DNS zone and the resolution works just right... The problem is when I go to local.domainname.com it gives this:

I have a DNS Zone named local.domainname.com, it has a single A record, same as parent pointing to the server IP. Exactally the same as remote.domainname.com

I have a binding setup in IIS on the SBS Web Applications for local.domainname.com.

When I connect to local.domainname.com I get this:

Server Error
403 - Forbidden: Access is denied.
You do not have permission to view this directory or page using the credentials that you supplied.

If I connect to remote.domainname.com it brings up the RWW login page.
Ok... sorry about that...

Then go throught the Intenet Connection wizard again...  (oh... and delete the A record you created first)  Change remote to LOCAL in this section of the wizard:


ClintSwineyAuthor Commented:
I can totally do that but I want to use both local and remote... If I have to change it I may as well leave it since it's working... Eventually all the clients will be moved over to remote, I like the sound of it better than local anyway! But I'll continue to pursue getting this operational. If I find a solution I'll post back here.
ClintSwineyAuthor Commented:
Just FYI I never did find an answer. Other than this:

You can only have one domain for remote access. So I changed all the clients to remote.xxx.xxx

No solution but at least it's an answer.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now