J C
asked on
SBS 2008 + Exchange 2007 + IIS Problem with OWA
When I try to access the virtual directory named "Exchange" in IIS I receive an error that the path no longer exists. I am just wondering what I need to do to recover this. I am trying to make Outlook Anywhere work and this has become an obstacle. This is all configured during the installation process for SBS 2008 and I am not sure if a change I've made has caused this problem. Please help.
you need to use /owa
exchange was the vdir for 2003
2007 uses owa
2007 uses owa
ASKER
If RPC over http isn't working out of the box with SBS 2008/Exchange 2007 do you know of what I could check that may be wrong? I verified RPC over HTTP is installed on the SBS and that Outlook Anywhere is enabled within the ESM. I have the security certificate installed on both the server and the workstation that I am trying to configure for Outlook Anywhere.
I get an error that the exchange server must be online.
Outlook is configured for RPC over HTTP. I can connect to the OWA from outside, no issues there.
I get an error that the exchange server must be online.
Outlook is configured for RPC over HTTP. I can connect to the OWA from outside, no issues there.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
It was set to Default Web Site. This is the error I receive when I try to run the command.
WARNING: IIS://WIN2008SBS.habitat01 .local/W3S VC/1/ROOT/ Rpc was not found. Please make sure you have typed it correctly.
WARNING: IIS://WIN2008SBS.habitat01
verify that rpc proxy is installed
in iis manager look under the sbs web applications site for a rpc virutal directory
in iis manager look under the sbs web applications site for a rpc virutal directory
ASKER
Verified both
Can you test your RPC
http://www.testexchangeconnectivity.com/
Test for outlook anywhere and post back here.
thanks
http://www.testexchangeconnectivity.com/
Test for outlook anywhere and post back here.
thanks
i would go into server configuration and disable outlook anywhere
wait a few minutes then enable outlook anywhere
wait a few minutes then enable outlook anywhere
ASKER
Results:
ExRCA is testing RPC/HTTP connectivity.
The RPC/HTTP test failed.
Test Steps
Attempting to resolve the host name remote.mydomain.com in DNS.
Host successfully resolved
Additional Details
IP(s) returned: x.x.x.x
Testing TCP Port 443 on host remote.mydomain.com to ensure it is listening and open.
The port was opened successfully.
ExRCA is testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
ExRCA is testing RPC/HTTP connectivity.
The RPC/HTTP test failed.
Test Steps
Attempting to resolve the host name remote.mydomain.com in DNS.
Host successfully resolved
Additional Details
IP(s) returned: x.x.x.x
Testing TCP Port 443 on host remote.mydomain.com to ensure it is listening and open.
The port was opened successfully.
ExRCA is testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
ASKER
Can you use a self signed cert with exchange 2007/Outlook anywhere? It should just be a matter of having the cert installed right?
you can, but your windows clients must install the cert to trust it
its better to go with UCC/SAN certs for exchange 2007, as you will need it for phones / outlook / rpc/https
You can get one from godaddy here
https://www.godaddy.com/ssl/ssl-certificates.aspx
add
mail.domain.com
autodiscover.domain.com
mail.domain.local
mail (exchange mail server name)
You can get one from godaddy here
https://www.godaddy.com/ssl/ssl-certificates.aspx
add
mail.domain.com
autodiscover.domain.com
mail.domain.local
mail (exchange mail server name)
agree with sunnyc7
i was just answering your question if it was possible :)
i was just answering your question if it was possible :)
ASKER
I have the cert installed on the windows client that I have configured Outlook Anywhere for. Can you think of any other reason this wouldn't be working?
ASKER
I did try to disable and re-enable Outlook Anywhere.
run this from the workstation where you have the cert installed.
RPCPing.exe -t ncacn_http -o RpcProxy=fqdn.yourdomain.c om -P "testuser,yourdomain,testp assword" -I "testuser,yourdomain,testp assword" -H 1 -u 10 -a connect -F 3 -E -v -3 -R none -q
post back what you get.
whether you get a ping response or get error 87
RPCPing.exe -t ncacn_http -o RpcProxy=fqdn.yourdomain.c
post back what you get.
whether you get a ping response or get error 87
i believe it is because it points the the default web site
can you try it again
Get-OutlookAnywhere | Set-OutlookAnywhere -Name "Rpc (SBS Web Application)"
can you try it again
Get-OutlookAnywhere | Set-OutlookAnywhere -Name "Rpc (SBS Web Application)"
ASKER
endital1097,
I ran this command again:
get-outlookanywhere | fl
Even though it had given me the error when I tried to change it from "Default Website" it did make the change so that it reflects SBS Web Application now. I don't know if the server needs to be restarted but Outlook will still not connect.
sunnyc7,
yourdomain=internal domain? I did receive error 87.
I ran this command again:
get-outlookanywhere | fl
Even though it had given me the error when I tried to change it from "Default Website" it did make the change so that it reflects SBS Web Application now. I don't know if the server needs to be restarted but Outlook will still not connect.
sunnyc7,
yourdomain=internal domain? I did receive error 87.
ASKER
It is using port 443 for the rpcping right? I don't have port 80 open in the firewall.
a) can you ping before you can rpcping ?
b) Restart service RPC client access
start > run > services.msc
c)
run this from exchange shell
get-outlookanywhere | fl IISAuthenticationMethods
IIS auth has to be basic and NTLM
b) Restart service RPC client access
start > run > services.msc
c)
run this from exchange shell
get-outlookanywhere | fl IISAuthenticationMethods
IIS auth has to be basic and NTLM
ASKER
a) Not sure what you mean here.
b) I don't have a RPC client access service. The RPC service doesn't allow me to restart it. I am logged into the server as an admin...Maybe thats normal behavior?
c) IISAuthenticationMethods: Basic was the result
b) I don't have a RPC client access service. The RPC service doesn't allow me to restart it. I am logged into the server as an admin...Maybe thats normal behavior?
c) IISAuthenticationMethods: Basic was the result
set-OutlookAnywhere -IISAuthenticationMethods: Basic,Ntlm
set-outlookprovider EXPR -CertPrincipalName:remote. domain.com -server $null
where remote.domain.com is listed in your cert
is listed in your external DNS and points to your public IP
or is your primary MX
--
I meant can you ping the server first, before you try rpcping.
please run the commands above.
-
Can you restart the server @ RPC wont allow you to restart.
set-outlookprovider EXPR -CertPrincipalName:remote.
where remote.domain.com is listed in your cert
is listed in your external DNS and points to your public IP
or is your primary MX
--
I meant can you ping the server first, before you try rpcping.
please run the commands above.
-
Can you restart the server @ RPC wont allow you to restart.
ASKER
When I run the first command, I get prompted for Identity...What should I enter there?
This is the message I receive "cmdlet set-OutlookAnywhere at command pipeline position 1 Supply values for the following parameters:"
Yes I can ping the server and it does resolve correctly. I will restart the server as soon as I make sure I have successfully set the AuthenticationMethods
This is the message I receive "cmdlet set-OutlookAnywhere at command pipeline position 1 Supply values for the following parameters:"
Yes I can ping the server and it does resolve correctly. I will restart the server as soon as I make sure I have successfully set the AuthenticationMethods
can you do this
get-outlookanywhere | fl
look for identity field and copy paste that within quotes below
then run it again.
set-OutlookAnywhere -identity:" " -IISAuthenticationMethods: Basic,Ntlm
get-outlookanywhere | fl
look for identity field and copy paste that within quotes below
then run it again.
set-OutlookAnywhere -identity:" " -IISAuthenticationMethods:
ASKER
It accepted it. I will reboot as soon as I can and post back with results.
I am out for the day.
Please post back here. We get alerts when you update the case.
have a good weekend.
Please post back here. We get alerts when you update the case.
have a good weekend.
when do you think you'll have a chance to reboot
ASKER
After 5pm PST
thx
ASKER
It still isn't working. Here are a few things I've noticed that may be causing my grief.
I tried to test the connection on the RPC virtual directory and here is the warning/error message I received. I don't know if this is normal behavior.
The server is configured to use pass-through authentication with a built-in account to access the specified physical path. However, IIS Manager cannot verify whether the built-in account has access. Make sure that the application pool identity has Read access to the physical path. If this server is joined to a domain, and the application pool identity is NetworkService or LocalSystem, verify that <domain>\<computer_name>$ has Read access to the physical path. Then test these settings again.
Also,
I installed the cert on the workstation I am trying to configure Outlook Anywhere on but I noticed that within a few hours of installing the cert that I am once again given a security certificate warning when I browse to remote.mydomain.com. I've never had that happen before.
I tried to test the connection on the RPC virtual directory and here is the warning/error message I received. I don't know if this is normal behavior.
The server is configured to use pass-through authentication with a built-in account to access the specified physical path. However, IIS Manager cannot verify whether the built-in account has access. Make sure that the application pool identity has Read access to the physical path. If this server is joined to a domain, and the application pool identity is NetworkService or LocalSystem, verify that <domain>\<computer_name>$ has Read access to the physical path. Then test these settings again.
Also,
I installed the cert on the workstation I am trying to configure Outlook Anywhere on but I noticed that within a few hours of installing the cert that I am once again given a security certificate warning when I browse to remote.mydomain.com. I've never had that happen before.