Solved

SBS 2008 + Exchange 2007 + IIS Problem with OWA

Posted on 2010-09-10
31
457 Views
Last Modified: 2012-05-10
When I try to access the virtual directory named "Exchange" in IIS I receive an error that the path no longer exists. I am just wondering what I need to do to recover this. I am trying to make Outlook Anywhere work and this has become an obstacle. This is all configured during the installation process for SBS 2008 and I am not sure if a change I've made has caused this problem. Please help.
0
Comment
Question by:J C
  • 14
  • 10
  • 7
31 Comments
 
LVL 32

Expert Comment

by:endital1097
ID: 33648756
you need to use /owa
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33648764
exchange was the vdir for 2003
2007 uses owa
0
 

Author Comment

by:J C
ID: 33649107
If RPC over http isn't working out of the box with SBS 2008/Exchange 2007 do you know of what I could check that may be wrong? I verified RPC over HTTP is installed on the SBS and that Outlook Anywhere is enabled within the ESM. I have the security certificate installed on both the server and the workstation that I am trying to configure for Outlook Anywhere.

I get an error that the exchange server must be online.

Outlook is configured for RPC over HTTP. I can connect to the OWA from outside, no issues there.
0
 
LVL 32

Accepted Solution

by:
endital1097 earned 500 total points
ID: 33649170
run the following from the exchnage management shell
get-outlookanywhere | fl

if it says rpc (Default Web Site) that is your issue
run
get-outlookanywhere | set-outlookanywhere -Name "Rpc (SBS Web Applications)"
0
 

Author Comment

by:J C
ID: 33649250
It was set to Default Web Site. This is the error I receive when I try to run the command.

WARNING: IIS://WIN2008SBS.habitat01.local/W3SVC/1/ROOT/Rpc was not found. Please make sure you have typed it correctly.
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33649298
verify that rpc proxy is installed
in iis manager look under the sbs web applications site for a rpc virutal directory
0
 

Author Comment

by:J C
ID: 33649317
Verified both
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33649349
Can you test your RPC

http://www.testexchangeconnectivity.com/
Test for outlook anywhere and post back here.

thanks
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33649594
i would go into server configuration and disable outlook anywhere
wait a few minutes then enable outlook anywhere
0
 

Author Comment

by:J C
ID: 33649965
Results:
 
ExRCA is testing RPC/HTTP connectivity.
  The RPC/HTTP test failed.
   Test Steps
   Attempting to resolve the host name remote.mydomain.com in DNS.
  Host successfully resolved
   Additional Details
  IP(s) returned: x.x.x.x
 
 Testing TCP Port 443 on host remote.mydomain.com to ensure it is listening and open.
  The port was opened successfully.
 ExRCA is testing the SSL certificate to make sure it's valid.
  The SSL certificate failed one or more certificate validation checks.
 
 
0
 

Author Comment

by:J C
ID: 33649975
Can you use a self signed cert with exchange 2007/Outlook anywhere? It should just be a matter of having the cert installed right?
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33649980
you can, but your windows clients must install the cert to trust it
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33649994
its better to go with UCC/SAN certs for exchange 2007, as you will need it for phones / outlook / rpc/https
You can get one from godaddy here
https://www.godaddy.com/ssl/ssl-certificates.aspx

add

mail.domain.com
autodiscover.domain.com
mail.domain.local
mail (exchange mail server name)
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33650010
agree with sunnyc7
i was just answering your question if it was possible :)
0
 

Author Comment

by:J C
ID: 33650013
I have the cert installed on the windows client that I have configured Outlook Anywhere for. Can you think of any other reason this wouldn't be working?
0
How does your email signature look on mobiles?

Do your employees use mobile devices to reply to emails? With mobile becoming increasingly important to the business world, it is in your best interest to make sure that your email signature looks great across all types of devices.

 

Author Comment

by:J C
ID: 33650014
I did try to disable and re-enable Outlook Anywhere.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33650026
run this from the workstation where you have the cert installed.

RPCPing.exe -t ncacn_http -o RpcProxy=fqdn.yourdomain.com -P "testuser,yourdomain,testpassword" -I "testuser,yourdomain,testpassword" -H 1 -u 10 -a connect -F 3 -E -v -3 -R none -q

post back what you get.
whether you get a ping response or get error 87
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33650028
i believe it is because it points the the default web site
can you try it again

Get-OutlookAnywhere | Set-OutlookAnywhere -Name "Rpc (SBS Web Application)"
0
 

Author Comment

by:J C
ID: 33650204
endital1097,

I ran this command again:

get-outlookanywhere | fl

Even though it had given me the error when I tried to change it from "Default Website" it did make the change so that it reflects SBS Web Application now. I don't know if the server needs to be restarted but Outlook will still not connect.

sunnyc7,
yourdomain=internal domain? I did receive error 87.
0
 

Author Comment

by:J C
ID: 33650240
It is using port 443 for the rpcping right? I don't have port 80 open in the firewall.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33650291
a) can you ping before you can rpcping ?

b) Restart service RPC client access
start > run > services.msc

c)
run this from exchange shell

get-outlookanywhere | fl IISAuthenticationMethods

IIS auth has to be basic and NTLM
0
 

Author Comment

by:J C
ID: 33650486
a) Not sure what you mean here.

b) I don't have a RPC client access service. The RPC service doesn't allow me to restart it. I am logged into the server as an admin...Maybe thats normal behavior?

c) IISAuthenticationMethods: Basic was the result
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33650546
set-OutlookAnywhere -IISAuthenticationMethods: Basic,Ntlm
set-outlookprovider EXPR -CertPrincipalName:remote.domain.com -server $null


where remote.domain.com is listed in your cert
is listed in your external DNS and points to your public IP
or is your primary MX

--
I meant can you ping the server first, before you try rpcping.

please run the commands above.

-
Can you restart the server @ RPC wont allow you to restart.
0
 

Author Comment

by:J C
ID: 33650618
When I run the first command, I get prompted for Identity...What should I enter there?

This is the message I receive "cmdlet set-OutlookAnywhere at command pipeline position 1 Supply values for the following parameters:"

Yes I can ping the server and it does resolve correctly. I will restart the server as soon as I make sure I have successfully set the AuthenticationMethods
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33650634
can you do this
get-outlookanywhere | fl

look for identity field and copy paste that within quotes below
then run it again.

set-OutlookAnywhere -identity:" " -IISAuthenticationMethods: Basic,Ntlm

0
 

Author Comment

by:J C
ID: 33650656
It accepted it. I will reboot as soon as I can and post back with results.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33650682
I am out for the day.

Please post back here. We get alerts when you update the case.

have a good weekend.
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33651295
when do you think you'll have a chance to reboot
0
 

Author Comment

by:J C
ID: 33651317
After 5pm PST
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33651344
thx
0
 

Author Comment

by:J C
ID: 33667141
It still isn't working. Here are a few things I've noticed that may be causing my grief.

I tried to test the connection on the RPC virtual directory and here is the warning/error message I received. I don't know if this is normal behavior.

The server is configured to use pass-through authentication with a built-in account to access the specified physical path. However, IIS Manager cannot verify whether the built-in account has access. Make sure that the application pool identity has Read access to the physical path. If this server is joined to a domain, and the application pool identity is NetworkService or LocalSystem, verify that <domain>\<computer_name>$ has Read access to the physical path. Then test these settings again.

Also,

I installed the cert on the workstation I am trying to configure Outlook Anywhere on but I noticed that within a few hours of installing the cert that I am once again given a security certificate warning when I browse to remote.mydomain.com. I've never had that happen before.
0

Featured Post

Why do Marketing keep bothering you?

Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

Join & Write a Comment

Check out this infographic on what you need to make a good email signature that will work perfectly for your organization.
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
This video discusses moving either the default database or any database to a new volume.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now