?
Solved

SBS 2008 Woes

Posted on 2010-09-03
8
Medium Priority
?
758 Views
Last Modified: 2012-05-10
Hi All,

Hoping someone can help.
Small network 5 users tops.
HP Proliant ML AMD Opteron Quad Core 1354 2.2GHz, 4GB Ram, 64Bit Windows SBS2008 Premium.
At all times CPU Usage sits at around 50% - 80%, physical Ram sits at around 90% 105 processes running. Store.exe using most Ram at 308MB w3wp.exe using 201MB and so on.
I have stopped the AV and restricted the SQL and Exchange RAM but its out of control, the user interface is so sluggish its barely usable!

Secondary issue, cannot access https://localhost/certsrv to create an exchange cert as all users are getting security prompts regarding the name on the cert.  I get 404 error path could not be found, IIS points to c:\windows\system32\certsrv\en-us\default.aspx but error path points to c:\program files\windows small business server\bin\webapp\certsrv which doesnt exist.

Please can someone help!

Thanks
Sparky
0
Comment
Question by:sparky1977
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 10

Expert Comment

by:tmoore1962
ID: 33598546
IF you have SBS you should be able to create the cert by running the Remote Web workplace wizard.  Follow onscreen instructions to create and distribute the cert.
0
 
LVL 1

Author Comment

by:sparky1977
ID: 33598733
thats fine but the internal and external domains are different, internal is domain.local, external is domain.co.uk i need to add both and the wizard does not let me do so.
0
 
LVL 1

Author Comment

by:sparky1977
ID: 33598968
I would just like to add that i dont want a 3rd party cert, i need to create a cert with remote.domain.local, autodiscover.domain.local, server.domain.local, remote.domain.co.uk, autodiscover.domain.co.uk and mail.domain.co.uk but i cant find a way to do this.
Normally for exchange you just create your request and off you go with certsrv but that does not appear to be the case in SBS2008.
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 2

Accepted Solution

by:
dgenerosa earned 1500 total points
ID: 33599064
As far as the performance goes remember you are running at the bare minimum for RAM. See http://www.microsoft.com/sbs/en/us/system-requirements.aspx 

We run our SBS2008 deployments on 8GB minimum and usually 16GB for most.

I know 4GB seems like a lot (especially considering it was the maximum you could through at an SBS2003 box), but we have found that SBS2008 really needs the RAM.

Until you upgrade the RAM I would not expect better performance.

As far as the cert goes, SBS documentation strongly suggests using the self signed cert temporarily (i.e while you get  a real cert from a CA).

You do not need to use the wizard to have multiple certs.  You can use IIS directly to add a certs to the services that require them.  I strongly suggest using a cert from a CA because users of RWW and OWA will be bogged down by the security warnings even if you match the the domains internally and externally with multiple certs.  They will still get warnings that the cert is not from a trusted provider.  We use thawte (now owned by symantec).

 
0
 
LVL 1

Author Comment

by:sparky1977
ID: 33599381
Hi, i understand your thoughts, however a small company such as theirs cannot justify the cost of a 3rd party CA just to make the messages go away, there are only two people who use the RWW and OWA anyway. What i dont get is that this was so simple in 2003 yet such a pain in 2008. Its not multiple certs i need, its a cert with all permutations of the servers names, hence the internal errors in Outlook with Cert warnings, if i change the setup again to reflect the internal name it goes away but RWW breaks and vice versa.
0
 
LVL 4

Expert Comment

by:evilsi
ID: 33603111
Hi,

This is quite common,

Firstly the ceretificate created when using the wizard should be the outside FQDN  of the server (exp: remote.mydomain.com). This will mean the outside cert will work properly for outlook anywhere once you have installed the root certificate on the client machines (unless they are domain pc's in which case its done automatically)
Then you may get the cert mismatch error when using outlook 2007 internally. If you do see this article. http://blogs.technet.com/b/sbs/archive/2010/01/05/troubleshooting-certificate-mismatch-warnings-in-outlook-2007-clients-on-small-business-server-2008.aspx 

When you have completed this you can then start to add specific certificates for RWW etc.. Do this through http://servername/certsrv

That should be it. Hope this helps.

Si.
0
 
LVL 1

Author Comment

by:sparky1977
ID: 34229643
Hi all,

Adding Ram did the trick on the performance issue.
The cert issue was solved here...

http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/

Thanks for all your help!!
0
 
LVL 1

Author Closing Comment

by:sparky1977
ID: 34229653
Solution was partially correct wrt the performance but not the cert, i found the cert solution elsewhere.
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question