SBS 2008 + Exchange 2007 + IIS Problem with OWA

When I try to access the virtual directory named "Exchange" in IIS I receive an error that the path no longer exists. I am just wondering what I need to do to recover this. I am trying to make Outlook Anywhere work and this has become an obstacle. This is all configured during the installation process for SBS 2008 and I am not sure if a change I've made has caused this problem. Please help.
J CAsked:
Who is Participating?
 
endital1097Commented:
run the following from the exchnage management shell
get-outlookanywhere | fl

if it says rpc (Default Web Site) that is your issue
run
get-outlookanywhere | set-outlookanywhere -Name "Rpc (SBS Web Applications)"
0
 
endital1097Commented:
you need to use /owa
0
 
endital1097Commented:
exchange was the vdir for 2003
2007 uses owa
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
J CAuthor Commented:
If RPC over http isn't working out of the box with SBS 2008/Exchange 2007 do you know of what I could check that may be wrong? I verified RPC over HTTP is installed on the SBS and that Outlook Anywhere is enabled within the ESM. I have the security certificate installed on both the server and the workstation that I am trying to configure for Outlook Anywhere.

I get an error that the exchange server must be online.

Outlook is configured for RPC over HTTP. I can connect to the OWA from outside, no issues there.
0
 
J CAuthor Commented:
It was set to Default Web Site. This is the error I receive when I try to run the command.

WARNING: IIS://WIN2008SBS.habitat01.local/W3SVC/1/ROOT/Rpc was not found. Please make sure you have typed it correctly.
0
 
endital1097Commented:
verify that rpc proxy is installed
in iis manager look under the sbs web applications site for a rpc virutal directory
0
 
J CAuthor Commented:
Verified both
0
 
sunnyc7Commented:
Can you test your RPC

http://www.testexchangeconnectivity.com/
Test for outlook anywhere and post back here.

thanks
0
 
endital1097Commented:
i would go into server configuration and disable outlook anywhere
wait a few minutes then enable outlook anywhere
0
 
J CAuthor Commented:
Results:
 
ExRCA is testing RPC/HTTP connectivity.
  The RPC/HTTP test failed.
   Test Steps
   Attempting to resolve the host name remote.mydomain.com in DNS.
  Host successfully resolved
   Additional Details
  IP(s) returned: x.x.x.x
 
 Testing TCP Port 443 on host remote.mydomain.com to ensure it is listening and open.
  The port was opened successfully.
 ExRCA is testing the SSL certificate to make sure it's valid.
  The SSL certificate failed one or more certificate validation checks.
 
 
0
 
J CAuthor Commented:
Can you use a self signed cert with exchange 2007/Outlook anywhere? It should just be a matter of having the cert installed right?
0
 
endital1097Commented:
you can, but your windows clients must install the cert to trust it
0
 
sunnyc7Commented:
its better to go with UCC/SAN certs for exchange 2007, as you will need it for phones / outlook / rpc/https
You can get one from godaddy here
https://www.godaddy.com/ssl/ssl-certificates.aspx

add

mail.domain.com
autodiscover.domain.com
mail.domain.local
mail (exchange mail server name)
0
 
endital1097Commented:
agree with sunnyc7
i was just answering your question if it was possible :)
0
 
J CAuthor Commented:
I have the cert installed on the windows client that I have configured Outlook Anywhere for. Can you think of any other reason this wouldn't be working?
0
 
J CAuthor Commented:
I did try to disable and re-enable Outlook Anywhere.
0
 
sunnyc7Commented:
run this from the workstation where you have the cert installed.

RPCPing.exe -t ncacn_http -o RpcProxy=fqdn.yourdomain.com -P "testuser,yourdomain,testpassword" -I "testuser,yourdomain,testpassword" -H 1 -u 10 -a connect -F 3 -E -v -3 -R none -q

post back what you get.
whether you get a ping response or get error 87
0
 
endital1097Commented:
i believe it is because it points the the default web site
can you try it again

Get-OutlookAnywhere | Set-OutlookAnywhere -Name "Rpc (SBS Web Application)"
0
 
J CAuthor Commented:
endital1097,

I ran this command again:

get-outlookanywhere | fl

Even though it had given me the error when I tried to change it from "Default Website" it did make the change so that it reflects SBS Web Application now. I don't know if the server needs to be restarted but Outlook will still not connect.

sunnyc7,
yourdomain=internal domain? I did receive error 87.
0
 
J CAuthor Commented:
It is using port 443 for the rpcping right? I don't have port 80 open in the firewall.
0
 
sunnyc7Commented:
a) can you ping before you can rpcping ?

b) Restart service RPC client access
start > run > services.msc

c)
run this from exchange shell

get-outlookanywhere | fl IISAuthenticationMethods

IIS auth has to be basic and NTLM
0
 
J CAuthor Commented:
a) Not sure what you mean here.

b) I don't have a RPC client access service. The RPC service doesn't allow me to restart it. I am logged into the server as an admin...Maybe thats normal behavior?

c) IISAuthenticationMethods: Basic was the result
0
 
sunnyc7Commented:
set-OutlookAnywhere -IISAuthenticationMethods: Basic,Ntlm
set-outlookprovider EXPR -CertPrincipalName:remote.domain.com -server $null


where remote.domain.com is listed in your cert
is listed in your external DNS and points to your public IP
or is your primary MX

--
I meant can you ping the server first, before you try rpcping.

please run the commands above.

-
Can you restart the server @ RPC wont allow you to restart.
0
 
J CAuthor Commented:
When I run the first command, I get prompted for Identity...What should I enter there?

This is the message I receive "cmdlet set-OutlookAnywhere at command pipeline position 1 Supply values for the following parameters:"

Yes I can ping the server and it does resolve correctly. I will restart the server as soon as I make sure I have successfully set the AuthenticationMethods
0
 
sunnyc7Commented:
can you do this
get-outlookanywhere | fl

look for identity field and copy paste that within quotes below
then run it again.

set-OutlookAnywhere -identity:" " -IISAuthenticationMethods: Basic,Ntlm

0
 
J CAuthor Commented:
It accepted it. I will reboot as soon as I can and post back with results.
0
 
sunnyc7Commented:
I am out for the day.

Please post back here. We get alerts when you update the case.

have a good weekend.
0
 
endital1097Commented:
when do you think you'll have a chance to reboot
0
 
J CAuthor Commented:
After 5pm PST
0
 
endital1097Commented:
thx
0
 
J CAuthor Commented:
It still isn't working. Here are a few things I've noticed that may be causing my grief.

I tried to test the connection on the RPC virtual directory and here is the warning/error message I received. I don't know if this is normal behavior.

The server is configured to use pass-through authentication with a built-in account to access the specified physical path. However, IIS Manager cannot verify whether the built-in account has access. Make sure that the application pool identity has Read access to the physical path. If this server is joined to a domain, and the application pool identity is NetworkService or LocalSystem, verify that <domain>\<computer_name>$ has Read access to the physical path. Then test these settings again.

Also,

I installed the cert on the workstation I am trying to configure Outlook Anywhere on but I noticed that within a few hours of installing the cert that I am once again given a security certificate warning when I browse to remote.mydomain.com. I've never had that happen before.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.