Link to home
Create AccountLog in
Avatar of J C
J CFlag for United States of America

asked on

SBS 2008 + Exchange 2007 + IIS Problem with OWA

When I try to access the virtual directory named "Exchange" in IIS I receive an error that the path no longer exists. I am just wondering what I need to do to recover this. I am trying to make Outlook Anywhere work and this has become an obstacle. This is all configured during the installation process for SBS 2008 and I am not sure if a change I've made has caused this problem. Please help.
Avatar of endital1097
Flag of United States of America image

you need to use /owa
exchange was the vdir for 2003
2007 uses owa
Avatar of J C


If RPC over http isn't working out of the box with SBS 2008/Exchange 2007 do you know of what I could check that may be wrong? I verified RPC over HTTP is installed on the SBS and that Outlook Anywhere is enabled within the ESM. I have the security certificate installed on both the server and the workstation that I am trying to configure for Outlook Anywhere.

I get an error that the exchange server must be online.

Outlook is configured for RPC over HTTP. I can connect to the OWA from outside, no issues there.
Avatar of endital1097
Flag of United States of America image

Link to home
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of J C


It was set to Default Web Site. This is the error I receive when I try to run the command.

WARNING: IIS://WIN2008SBS.habitat01.local/W3SVC/1/ROOT/Rpc was not found. Please make sure you have typed it correctly.
verify that rpc proxy is installed
in iis manager look under the sbs web applications site for a rpc virutal directory
Avatar of J C


Verified both
Can you test your RPC
Test for outlook anywhere and post back here.

i would go into server configuration and disable outlook anywhere
wait a few minutes then enable outlook anywhere
Avatar of J C


ExRCA is testing RPC/HTTP connectivity.
  The RPC/HTTP test failed.
   Test Steps
   Attempting to resolve the host name in DNS.
  Host successfully resolved
   Additional Details
  IP(s) returned: x.x.x.x
 Testing TCP Port 443 on host to ensure it is listening and open.
  The port was opened successfully.
 ExRCA is testing the SSL certificate to make sure it's valid.
  The SSL certificate failed one or more certificate validation checks.
Avatar of J C


Can you use a self signed cert with exchange 2007/Outlook anywhere? It should just be a matter of having the cert installed right?
you can, but your windows clients must install the cert to trust it
its better to go with UCC/SAN certs for exchange 2007, as you will need it for phones / outlook / rpc/https
You can get one from godaddy here

mail (exchange mail server name)
agree with sunnyc7
i was just answering your question if it was possible :)
Avatar of J C


I have the cert installed on the windows client that I have configured Outlook Anywhere for. Can you think of any other reason this wouldn't be working?
Avatar of J C


I did try to disable and re-enable Outlook Anywhere.
run this from the workstation where you have the cert installed.

RPCPing.exe -t ncacn_http -o -P "testuser,yourdomain,testpassword" -I "testuser,yourdomain,testpassword" -H 1 -u 10 -a connect -F 3 -E -v -3 -R none -q

post back what you get.
whether you get a ping response or get error 87
i believe it is because it points the the default web site
can you try it again

Get-OutlookAnywhere | Set-OutlookAnywhere -Name "Rpc (SBS Web Application)"
Avatar of J C



I ran this command again:

get-outlookanywhere | fl

Even though it had given me the error when I tried to change it from "Default Website" it did make the change so that it reflects SBS Web Application now. I don't know if the server needs to be restarted but Outlook will still not connect.

yourdomain=internal domain? I did receive error 87.
Avatar of J C


It is using port 443 for the rpcping right? I don't have port 80 open in the firewall.
a) can you ping before you can rpcping ?

b) Restart service RPC client access
start > run > services.msc

run this from exchange shell

get-outlookanywhere | fl IISAuthenticationMethods

IIS auth has to be basic and NTLM
Avatar of J C


a) Not sure what you mean here.

b) I don't have a RPC client access service. The RPC service doesn't allow me to restart it. I am logged into the server as an admin...Maybe thats normal behavior?

c) IISAuthenticationMethods: Basic was the result
set-OutlookAnywhere -IISAuthenticationMethods: Basic,Ntlm
set-outlookprovider EXPR -server $null

where is listed in your cert
is listed in your external DNS and points to your public IP
or is your primary MX

I meant can you ping the server first, before you try rpcping.

please run the commands above.

Can you restart the server @ RPC wont allow you to restart.
Avatar of J C


When I run the first command, I get prompted for Identity...What should I enter there?

This is the message I receive "cmdlet set-OutlookAnywhere at command pipeline position 1 Supply values for the following parameters:"

Yes I can ping the server and it does resolve correctly. I will restart the server as soon as I make sure I have successfully set the AuthenticationMethods
can you do this
get-outlookanywhere | fl

look for identity field and copy paste that within quotes below
then run it again.

set-OutlookAnywhere -identity:" " -IISAuthenticationMethods: Basic,Ntlm

Avatar of J C


It accepted it. I will reboot as soon as I can and post back with results.
I am out for the day.

Please post back here. We get alerts when you update the case.

have a good weekend.
when do you think you'll have a chance to reboot
Avatar of J C


After 5pm PST
Avatar of J C


It still isn't working. Here are a few things I've noticed that may be causing my grief.

I tried to test the connection on the RPC virtual directory and here is the warning/error message I received. I don't know if this is normal behavior.

The server is configured to use pass-through authentication with a built-in account to access the specified physical path. However, IIS Manager cannot verify whether the built-in account has access. Make sure that the application pool identity has Read access to the physical path. If this server is joined to a domain, and the application pool identity is NetworkService or LocalSystem, verify that <domain>\<computer_name>$ has Read access to the physical path. Then test these settings again.


I installed the cert on the workstation I am trying to configure Outlook Anywhere on but I noticed that within a few hours of installing the cert that I am once again given a security certificate warning when I browse to I've never had that happen before.