Solved

SBS 2008 Woes

Posted on 2010-09-03
8
748 Views
Last Modified: 2012-05-10
Hi All,

Hoping someone can help.
Small network 5 users tops.
HP Proliant ML AMD Opteron Quad Core 1354 2.2GHz, 4GB Ram, 64Bit Windows SBS2008 Premium.
At all times CPU Usage sits at around 50% - 80%, physical Ram sits at around 90% 105 processes running. Store.exe using most Ram at 308MB w3wp.exe using 201MB and so on.
I have stopped the AV and restricted the SQL and Exchange RAM but its out of control, the user interface is so sluggish its barely usable!

Secondary issue, cannot access https://localhost/certsrv to create an exchange cert as all users are getting security prompts regarding the name on the cert.  I get 404 error path could not be found, IIS points to c:\windows\system32\certsrv\en-us\default.aspx but error path points to c:\program files\windows small business server\bin\webapp\certsrv which doesnt exist.

Please can someone help!

Thanks
Sparky
0
Comment
Question by:sparky1977
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 10

Expert Comment

by:tmoore1962
ID: 33598546
IF you have SBS you should be able to create the cert by running the Remote Web workplace wizard.  Follow onscreen instructions to create and distribute the cert.
0
 
LVL 1

Author Comment

by:sparky1977
ID: 33598733
thats fine but the internal and external domains are different, internal is domain.local, external is domain.co.uk i need to add both and the wizard does not let me do so.
0
 
LVL 1

Author Comment

by:sparky1977
ID: 33598968
I would just like to add that i dont want a 3rd party cert, i need to create a cert with remote.domain.local, autodiscover.domain.local, server.domain.local, remote.domain.co.uk, autodiscover.domain.co.uk and mail.domain.co.uk but i cant find a way to do this.
Normally for exchange you just create your request and off you go with certsrv but that does not appear to be the case in SBS2008.
0
Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

 
LVL 2

Accepted Solution

by:
dgenerosa earned 500 total points
ID: 33599064
As far as the performance goes remember you are running at the bare minimum for RAM. See http://www.microsoft.com/sbs/en/us/system-requirements.aspx 

We run our SBS2008 deployments on 8GB minimum and usually 16GB for most.

I know 4GB seems like a lot (especially considering it was the maximum you could through at an SBS2003 box), but we have found that SBS2008 really needs the RAM.

Until you upgrade the RAM I would not expect better performance.

As far as the cert goes, SBS documentation strongly suggests using the self signed cert temporarily (i.e while you get  a real cert from a CA).

You do not need to use the wizard to have multiple certs.  You can use IIS directly to add a certs to the services that require them.  I strongly suggest using a cert from a CA because users of RWW and OWA will be bogged down by the security warnings even if you match the the domains internally and externally with multiple certs.  They will still get warnings that the cert is not from a trusted provider.  We use thawte (now owned by symantec).

 
0
 
LVL 1

Author Comment

by:sparky1977
ID: 33599381
Hi, i understand your thoughts, however a small company such as theirs cannot justify the cost of a 3rd party CA just to make the messages go away, there are only two people who use the RWW and OWA anyway. What i dont get is that this was so simple in 2003 yet such a pain in 2008. Its not multiple certs i need, its a cert with all permutations of the servers names, hence the internal errors in Outlook with Cert warnings, if i change the setup again to reflect the internal name it goes away but RWW breaks and vice versa.
0
 
LVL 4

Expert Comment

by:evilsi
ID: 33603111
Hi,

This is quite common,

Firstly the ceretificate created when using the wizard should be the outside FQDN  of the server (exp: remote.mydomain.com). This will mean the outside cert will work properly for outlook anywhere once you have installed the root certificate on the client machines (unless they are domain pc's in which case its done automatically)
Then you may get the cert mismatch error when using outlook 2007 internally. If you do see this article. http://blogs.technet.com/b/sbs/archive/2010/01/05/troubleshooting-certificate-mismatch-warnings-in-outlook-2007-clients-on-small-business-server-2008.aspx 

When you have completed this you can then start to add specific certificates for RWW etc.. Do this through http://servername/certsrv

That should be it. Hope this helps.

Si.
0
 
LVL 1

Author Comment

by:sparky1977
ID: 34229643
Hi all,

Adding Ram did the trick on the performance issue.
The cert issue was solved here...

http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/

Thanks for all your help!!
0
 
LVL 1

Author Closing Comment

by:sparky1977
ID: 34229653
Solution was partially correct wrt the performance but not the cert, i found the cert solution elsewhere.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
DCOM was unable to communicate with the computer 8 60
Copy user profile 6 36
wannacry ransomware virus 2008R2 6 96
Exchange 2010 certificate warning. 5 40
If you migrate a Terminal Server licenses server inside the 2008 server family, you can takte advantage of the build-in migration tool. If you like to migrate an older 2003 Server (and the installed client CALs) to a 2008 R2 server for example, you …
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question