Solved

Exchange ActiveSync to iPhone suddenly not working

Posted on 2010-09-11
165
2,801 Views
Last Modified: 2012-05-10
Hello all:

We have a fairly simple email setup.  A single SBS2003 box running Exchange 2003 and ActiveSync out to several iPhones, no SSL whatsoever.  Has never been a problem before like this.  Last night, power was out long enough for our battery to die, and server went down.  Upon rebooting this AM, activesync will not work out to any iphones or other activesync enabled mobile devices (Droid, etc..).  Checked that all services are running, IIS settings are unchanged and IIS is running, also confirmed it's not a router issue because the devices don't work behind the firewall either pointing directly to the local IP of the mail server.  Beyond what I've already looked at, I do not know how to further troubleshoot the problem.  Any ideas?
0
Comment
Question by:zagnutttt4
  • 90
  • 55
  • 14
  • +3
165 Comments
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
i would start by looking at the iis logs to determine if the devices are hitting the system
c:\windows\system32\logfiles\w3svcx
looking for an entry with /Microsoft-Server-ActiveSync and at the end of the line will be the http error code
post the line
0
 

Author Comment

by:zagnutttt4
Comment Utility
Hi there:

I checked C:\Windows\system32\LogFiles\W3SVC4 as this is the folder that seems to contain the newest logs, at least by date and time.  The most recent file is from today, it is ex100911.log.  It hasn't been modified since almost 2 hours ago, although I've been trying to connect this whole time, and there appears to be no lines whatsoever in the entire log file (of the one from the day before) that contain the line /Microsoft-Server-ActiveSync.

What next?
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
i would go to an external client and attempt to browse to https://server.domain.com/Microsoft-Server-ActiveSync

see what happens in IE
you could also try https://server.domain.com/exchange

make sure https traffic is reaching the system from the outside
0
 

Author Comment

by:zagnutttt4
Comment Utility
I take back what I said, the files were in a different folder - here's a few lines:

/exchange-oma/cmyers@woodhavenassociation.com/NON_IPM_SUBTREE/Microsoft-Server-ActiveSync/iPhone/Appl88838NU7Y7H - 80 WLAMAIN\cmyers 10.0.0.150 Microsoft-Server-ActiveSync/6.5.7638.1 405 0 0 397 651
2010-09-11 23:17:27 10.0.0.150 POST /Microsoft-Server-ActiveSync User=cmyers&DeviceId=Appl88838NU7Y7H&DeviceType=iPhone&Cmd=FolderSync&Log=V4TNASNC:0A0C0D0FS:0A0C0D0SP:1C1I493S794R0S0L0H0P 80 cmyers 71.228.5.36 Apple-iPhone/705.18 500 0 0 313 458
2010-09-11 23:17:27 10.0.0.150 PROPFIND /exchange-oma/cmyers@woodhavenassociation.com/NON_IPM_SUBTREE/Microsoft-Server-ActiveSync/iPhone/Appl88838NU7Y7H - 80 - 10.0.0.150 Microsoft-Server-ActiveSync/6.5.7638.1 401 1 0 2063 438
2010-09-11 23:17:27 10.0.0.150 PROPFIND /exchange-oma/cmyers@woodhavenassociation.com/NON_IPM_SUBTREE/Microsoft-Server-ActiveSync/iPhone/Appl88838NU7Y7H - 80 WLAMAIN\cmyers 10.0.0.150 Microsoft-Server-ActiveSync/6.5.7638.1 405 0 0 397 651
2010-09-11 23:17:27 10.0.0.150 POST /Microsoft-Server-ActiveSync User=cmyers&DeviceId=Appl88838NU7Y7H&DeviceType=iPhone&Cmd=FolderSync&Log=V4TNASNC:0A0C0D0FS:0A0C0D0SP:1C1I493S794R0S0L0H0P 80 cmyers 71.228.5.36 Apple-iPhone/705.18 500 0 0 313 458
2010-09-11 23:17:27 10.0.0.150 PROPFIND /exchange-oma/cmyers@woodhavenassociation.com/NON_IPM_SUBTREE/Microsoft-Server-ActiveSync/iPhone/Appl88838NU7Y7H - 80 - 10.0.0.150 Microsoft-Server-ActiveSync/6.5.7638.1 401 1 0 2063 438
2010-09-11 23:17:27 10.0.0.150 PROPFIND /exchange-oma/cmyers@woodhavenassociation.com/NON_IPM_SUBTREE/Microsoft-Server-ActiveSync/iPhone/Appl88838NU7Y7H - 80 WLAMAIN\cmyers 10.0.0.150 Microsoft-Server-ActiveSync/6.5.7638.1 405 0 0 397 651
0
 

Author Comment

by:zagnutttt4
Comment Utility
In addition to the above lines I just posted, please also note the following:  Internally, OWA no longer works correctly.  You can log into Outlook Web Access and get your list of email folders on the left, but the actual messages at the right never load.  This is a new problem as well.  It also does the same thing trying externally, using http://externalserverurl/exchange   (without https)
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
in system manager expand the server, protocols, and http
go to the properties for the http virtual server and check if forms based auth is enabled
disable it if it is and test
0
 

Author Comment

by:zagnutttt4
Comment Utility
I disabled Forms Based auth and tried again - same thing.  Cannot connect to server on iphone.  
0
 

Expert Comment

by:ocasey
Comment Utility
I take it that your regular Outlook users have no problems opening their folders and that the mobile devices are indeed authenticating. If Outlook has issues with folders, then perhaps you might want to run an integrity check and then performa a defrag of the information store. Be sure to back it up first. Have you retried removing and then adding a mobile user? Perhaps IIS is having issues since your OWA is problematic.
0
 

Author Comment

by:zagnutttt4
Comment Utility
Latest log line ends in Microsoft-Server-ActiveSync/6.5.7638.1 405 0 0 397 651
0
 

Author Comment

by:zagnutttt4
Comment Utility
Yes, the regular Outlook access is fine.  Seems to be no problems whatsoever when using Outlook as the native client.  Definitely seems to be something tied to IIS, but not sure how to troubleshoot it further.
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
what do you have in the iis log for a /exchange entry
i want to see this before making my next recommendation (since you were able to connect via http)
0
 

Author Comment

by:zagnutttt4
Comment Utility
Would the /exchange entry be in the same log file?
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
yes
0
 

Author Comment

by:zagnutttt4
Comment Utility
I do not find any /exchange, only  /exchange-oma
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
check in iis manager, which site has the exchange vdir then get the site number to check logs
it is typically in the same site
0
 

Author Comment

by:zagnutttt4
Comment Utility
Hmm.. under my Default Web Site, it states that my log file is C:\WINDOWS\system32\LogFiles\W3SVC1\exyymmdd.log  Technically, this is the file we are discussing.  (C:\WINDOWS\system32\LogFiles\W3SVC1\ex100911.log

Here's the most recent line I find, although it's from earlier today - I see nothing from my own username, just the Administrator account.

2010-09-12 00:07:37 10.0.0.150 GET /exchange/Administrator/ Cmd=logoff 80 - 10.0.0.150 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 1 0 605 500
2010-09-12 00:07:37 10.0.0.150 GET /exchange/Administrator/ Cmd=logoff 80 WLAMAIN\Administrator 10.0.0.150 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 302 0 0 304 520
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
the 302 is a redirect
check the properties of the exchange vdir
make sure the virtual directory tab is set to "a directory location on this computer"
check the custom errors tab for the 403;4 error

there should be something for the 403;4
browse to the file specified and see where the redirection sends you to
0
 

Author Comment

by:zagnutttt4
Comment Utility
Here's one that just took place:

2010-09-12 00:25:23 10.0.0.150 SEARCH /exchange/MAINGATE/Inbox/ - 80 WLAMAIN\MAINGATE 10.0.0.26 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+FunWebProducts;+.NET+CLR+1.1.4322;+IEMB3;+IEMB3) 405 0 0 672 4844
0
 

Author Comment

by:zagnutttt4
Comment Utility
I checked the Exchange Virtual Directory.  The tab is set to "A directory located on this computer".

For the custom errors for 403;4, it says  C:\WINDOWS\help\iisHelp\common\403-4.htm

If I try to just open the .htm file, it says "the page must be viewed over  secure channel"  Error 403.4 - Forbidden: SSL required to view this resource

Should I be trying to browse to it internally?  What URL path should I be trying to browse to it from?

0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
In IIS Manager, check the Application pools are set correctly:
/exchange - ExchangeApplicationPool*
/exchweb - ExchangeApplicationPool*
/exadmin - ExchangeApplicationPool*
/public  - ExchangeApplicationPool*
/oma - ExchangeMobileBrowseApplicationPool
/Microsoft-Server-ActiveSync - ExchangeApplicationPool
* will probably show ExchangeApplicationPool but greyed out.

check the authentication methods
/exchange - basic and windows
/exchweb - anonymous
/exadmin - integrated
/public - basic and windows
/oma - basic
/Microsoft-Server-ActiveSync - basic
0
 

Author Comment

by:zagnutttt4
Comment Utility
All virtual directories are pointing to the correct application pools, and all authentication methods specified on each of the virtual directories is exactly as you specify
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
do you have urlscan installed on this server
0
 

Author Comment

by:zagnutttt4
Comment Utility
Not that I know of - I' don't think I've ever heard of it.  Is it a 3rd party product?  If so, probably not.
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
you can also try re-enabling forms based authentication and restart iis
0
 

Author Comment

by:zagnutttt4
Comment Utility
Can I use forms based authentication without SSL?
Which compression level should I choose before applying and rebooting?
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
did you have it enabled before? it will enable it because of the basic auth requirement. you would need to go back an manually disable the require ssl.
high
don't reboot, just run the following from a command prompt
iisreset
0
 

Author Comment

by:zagnutttt4
Comment Utility
It was enabled before, and it was checked for "high" compression, yes.  So now that I've re-enabled forms-based auth, I need to go back and disable the "require ssl" on all virtual directories?
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
just the exchange vdir will be modified by that
0
 

Author Comment

by:zagnutttt4
Comment Utility
After I re-enabled Forms-based auth, I checked the Exchange vdir and it did not re-check the "require SSL" box.  Nonetheless, I reset IIS using iisreset twice, still to no avail.  Same thing on iphone and same problem in outlook web access as well (loads mailbox, but no individual emails will appear in the message pain of OWA).  really weird.  What should I try next?
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
0
 

Author Comment

by:zagnutttt4
Comment Utility
I just tried deleted the temporary compressed files like it says - no go.  I have not tried to recreated the virtual directories themselves..  Although I'm a bit hesitant to try it.  I back up all actual files on the server each night.. do you think I could restore the actual directories that make up these virtual directories?
0
 
LVL 32

Accepted Solution

by:
endital1097 earned 250 total points
Comment Utility
my last recommendation for the night (and it is something i try to avoid)
http://support.microsoft.com/kb/883380
0
 

Author Comment

by:zagnutttt4
Comment Utility
Where is the \\.\BackOfficeStorage directory that these refer to??
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
it is not a direcotry on the machine
0
 

Author Comment

by:zagnutttt4
Comment Utility
Interesting - how do I know exactly which physical files the virtual directories contain?  
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
the files are located under the c:\program files\exchsrvr directory
0
 

Author Comment

by:zagnutttt4
Comment Utility
What if I restored everything in C:\inetpub and C:\program files\exchsrvr   (I keep the actual exchange database and streaming file on a seperate drive)
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
i don't think it is a file error, i believe it is an iis issue
the 405 error is Resource not allowed

sorry, but i need to call it a night
0
 

Author Comment

by:zagnutttt4
Comment Utility
Thanks for your help this evening - I'll keep plugging away and see what i can find out.  :)
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 250 total points
Comment Utility
Pease have a read through my Exchange 2003 / Activesync article and make sure all your IIS settings are set correctly.
You can use SSL (and should be) with SBS 2003 and can use the SBS issued certificate to achieve this.  If you want guidance, please let me know.
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_1798-Exchange-2003-Activesync-Connection-Problems-FAQ.html
If my article does not get you going, please let me know.
Alan
0
 

Author Comment

by:zagnutttt4
Comment Utility
Hi Alan:

I am anazlyzing your article in depth now - so far no go, but following it to the T.  Very nice work, btw.  Very thorough.  I'm thinking I may end up recreating the virtual directories, but will try everything else first.  Stay tuned for an update!
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
i'm watching the status too
0
 

Author Comment

by:zagnutttt4
Comment Utility
10-4.  Is using the IIS Resource Kit tools (metabase explorer) the safest method for re-creating the IIS virtual directories?
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
unless you've done it many times, yes
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
Method 2 of KB883380 is usually the easiest way.
0
 

Author Comment

by:zagnutttt4
Comment Utility
I will try the metabase explorer method  - doing so now
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
I hope you have seen my last comment before you venture down the Metabase Explorer route!  I would not use Metabase Explorer Personally.
0
 

Author Comment

by:zagnutttt4
Comment Utility
Yes, I did read that you thought the 2nd method was easier.  Will read the KB a bit more before proceeding.  In either case - why does the documentation not state to delete the exchange-oma vdir?  Should I leave that one in tact?
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
it does state to delete the oma vdir
0
 

Author Comment

by:zagnutttt4
Comment Utility
it statest to delete the oma vdir, but doesn't say to delete the exchange-oma vdir
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
It does not state to delete that because it is hopefully not necessary and does not get automatically re-created anyway.  KB817379 covers the exchange-oma virtual directory, should the need arise.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
Another thought sprung to mind earlier - what router / firewall do you have and have you checked that all the relevant ports are open?
You will only need TCP port 443 (HTTPS) for Activesync over SSL or TCP port 80 (HTTP) for insecure Activesync.
What were the results of the test site?
0
 

Author Comment

by:zagnutttt4
Comment Utility
The test failed repeatedly with error 500 - however, the problem exists internally as well, even when completely behind my firewall and router.  :(    It's definitely an IIS thing.

I have deleted the appropriate vdir's (yes, I did use the metabase explorer) and the assosciated metadata, and am now restarting the system attendant service - cross your fingers!
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
If you want, delete the exchange-oma virtual directory and then follow KB817379 to re-create it.  It won't hurt.
0
 

Author Comment

by:zagnutttt4
Comment Utility
Okay.  First, I will reset my access settings on all of the new vdir's that it recreated (it recreated them almost instantly, I just checked) and if I still can't get ActiveSync to work, I will redo the whole process again, this time including exchange-oma
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
remember the article stated to wait 15 minutes and it may even require a reboot
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
wow, i couldn't even type as fast as it could recreate
0
 

Author Comment

by:zagnutttt4
Comment Utility
Hah!  Okay, well I just checked again to verify that all vdir's were recreated - they were.  I did IISRESET.  Browsing to outlook web access still producing same result as before (shows mailbox folders at left, but no messages at right - just says "loading" in the windows where the inbox emails should be).   iPhone still won't sync either.  Should I try a complete reboot?
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
what access settings did you change? did you test before making any of your changes?
0
 

Author Comment

by:zagnutttt4
Comment Utility
Just physically rebooted the whole server - still no go!  Tried synching iphone from scratch from behind the firewall on same local subnet as server - same problems with iphone and w/ outlook web access.  I'm stumped.  What is left to try guys?  help!!  
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
what changes did you make after the vdirs were re-created? check the certificate configuration for the site
0
 

Author Comment

by:zagnutttt4
Comment Utility
After the vdir's were created, I went back and made sure all of the configuration settings were exaclty as they've always been.  The default website is not using any certificate, so that settings seemed to stay as I've had it.  I tried the ActiveSync tester from "AccessMyLan" and it still comes up with "ActiveSync detected, but not correctly configured [HTTP 500: Forms-based auth enabled?]"
0
 

Author Comment

by:zagnutttt4
Comment Utility
I tried disabled forms-based auth in exchange http, and activesync test still shows "ActiveSync detected, but not correctly configured [HTTP 500: Forms-based auth enabled?]"
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
i'm guessing the iis logs are once again reporting the sam 405 error?
i would focus on owa first since activesync has a minor dependency on it
0
 

Author Comment

by:zagnutttt4
Comment Utility
Yeah, my latest IIS log entry reports Microsoft-Server-ActiveSync/6.5.7638.1 405 0 0 397 657

What does the error 405 mean?  
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
the 405 error is Resource not allowed
typically it doesn't like the verb being passed (GET, POST, etc)

URLScan which i asked about is a potential cause

what about directly from the server, can you go to http://localhost/exchange
0
 

Author Comment

by:zagnutttt4
Comment Utility
I can't browse to http://locahost/exchange   it gives me "page cannot be found".

I CAN browse to http://hostname/exchange and get to the OWA mailbox page.  In which case it does not ask me for authentication, it goes directly to the mailbox of the user that is locally logged on, and the mailbox items never load, just the mailbox folders to the left.  

I think it has something to do w/ the identity of the site and still has something to do w/ the way connections are trying to authenticate.  
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
ensure that asp.net is allowed and asp.
Also take a look at this KB article...
http://support.microsoft.com/default.aspx?kbid=831464
0
 

Author Comment

by:zagnutttt4
Comment Utility
All of the vdir's list asp.net version 1.1.4322   How do I make sure it's allowed?  
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
web services extensions
look at that last article too
0
 

Author Comment

by:zagnutttt4
Comment Utility
I checked the last article - I've already tried deleting the temporary compressed files as they explain.  Should I try again?
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
were you successful the first time, it wouldn't hurt
0
 

Author Comment

by:zagnutttt4
Comment Utility
Just tried deleting the compressed temp files again and reset iis - still no go.  checking the web services extensions now.
0
 

Author Comment

by:zagnutttt4
Comment Utility
I do notice inconistencies in the way the logs show me authenticating.  Sometimes as WLAMAIN\username and sometimes as wlamain.local\username  

(wlamain.local is the domain we are using).   How can I make sure the each vdir has the appropriate 'realm' and 'default domain', etc..  ?
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
you need to check the authentication settings for each
any with basic should have the default domain configured
0
 

Author Comment

by:zagnutttt4
Comment Utility
Can we go through one more time exactly what types of authentication I should have checked for each, including the default website itself?  Keeping in mind no SSL at all?
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
keep in mind that it is recommended to use SSL any time basic authentication is enabled

/exchange - basic and windows
/exchweb - anonymous
/exadmin - integrated
/public - basic and windows
/oma - basic
/Microsoft-Server-ActiveSync - basic
0
 

Author Comment

by:zagnutttt4
Comment Utility
rechecking all auth settings now..
0
 

Author Comment

by:zagnutttt4
Comment Utility
They all look right.

When the iphone hits the server, it always produces error 405 for exchange-oma, and error 500 for Microsoft-Server-ActiveSync
0
 

Author Comment

by:zagnutttt4
Comment Utility
Is it possible to restore a single website instead of the entire IIS config using the restore feature?
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
no, you can only restore the server

can you try creating a new web site then add just the exchange vdir
http://support.microsoft.com/kb/816576

create the virtual directory within esm
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
i would like to see if we can build a new site and at least get owa working
0
Integrate social media with email signatures

Is your company active on social media? Do you also use email signatures? Including social media icons in your email signature is a great way to get fans for free. Let all your email users know you’re on social media quickly and easily, in a single click.

 

Author Comment

by:zagnutttt4
Comment Utility
Okay - will try now
0
 

Author Comment

by:zagnutttt4
Comment Utility
So do I want to first create a new HTTP virtual server in ESM before doing anything in IIS manager yet?
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
yes, first create the vs, then the vdirs
don't modify any default setttings
0
 

Author Comment

by:zagnutttt4
Comment Utility
I made a new virtual server in ESM.  I didn't add anything to it in ESM.  Now I go into ISS and create a new website?
0
 
LVL 3

Expert Comment

by:dccj
Comment Utility
OK, back up the bus. You guys are going in waaay too deep. The problem happened after a power fail. It was working. You're dinking with so many setting it will be a miracle if you ever get this working.

Go back to the basics. First off, if you can't browse various sites on your internal web, then it's an IIS problem. Until all of that works properly, forget the iPhones.

Are all of the sites in IIS running? That's the first place to look. If not, that's where you need to start. Stop creating websites, virtual servers, etc. If you didn't need them before, you don't need them now! The chances of any of those actually being bad is slim. The chances of really screwing it up by messing with them when things aren't working is huge!

So start over. Look at the sites in IIS and tell us if they are all up. Also check to make sure you don't have any other NIC's enabled than the one SBS is using.
0
 

Author Comment

by:zagnutttt4
Comment Utility
Yikes!  Well, going back to the basic setup - yes, all sites are up and running.  There's actually just the default website and the virtual directories beneath it.  Yes, everything is running.  It's DEFINITELY an IIS problem.  

So, getting to the next step you mention - There are no other NIC's enabled on this machine, just the one we are using.  All ip settings have remained the same since the power failure.  All other core functions such as AD / DNS / file serving / Core exchange functionality / Print Serving are working as expected.
0
 

Author Comment

by:zagnutttt4
Comment Utility
There's also the "companyweb" sharepoint site in IIS - it's up and running and working fine as well.
0
 
LVL 3

Expert Comment

by:dccj
Comment Utility
OK, so now try (internally) accessing https://servername/Exchange and /oma.

I know you've done this before, but please do it again! Oma should give you a password box and Exchange should give you the OWA login page.
0
 

Author Comment

by:zagnutttt4
Comment Utility
The name of the server internally is just WSBS2003.  If I browse to https://wsbs2003/exchange I get no login box at all, it goes directly to the outlook web access mailbox of the administrator account.  It shows the Mailbox folders (calendar, contacts, deleted, inbox, etc.. on the left, but on the right it shows no messages, just "Loading"...

If I browse to https://wsbs2003/oma I get "Server Error in '/OMA' Application.  Unrecognized configuration section 'connectionStrings'  Line 12 shows in red, source file is C:\inetpub\wwwroot\web.config

0
 
LVL 3

Expert Comment

by:dccj
Comment Utility
For the Exchange one, you may need to add your server to your trusted sites. Maybe not. I'm not sure that these are related - yet.

For the other, I don't have 'connectionStrings' section in my web.config. Can you find that file and copy that section and post it here? You can find the path in the OMA properties in IIS.

Just for grins, go to your OMA properties in IIS, to the ASP.NET tab. What version are you using? You should be using 1.1.4322, not the 2.x version that is also available.
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
i don't think it's a trusted sites issue as they go straight to the mailbox
they just can't view the content of the mailbox due to the 405 error
0
 

Author Comment

by:zagnutttt4
Comment Utility
It does not appear that my web.config file under OMA has a connectionsStrings line.

The error that was reported actually shows as C:\intepub\wwwroot\webconfig on line 12, shows below:

<?xml version="1.0"?>
<!--
    Note: As an alternative to hand editing this file you can use the
    web admin tool to configure settings for your application. Use
    the Website->Asp.Net Configuration option in Visual Studio.
    A full list of settings and comments can be found in
    machine.config.comments usually located in
    \Windows\Microsoft.Net\Framework\v2.x\Config
-->
<configuration>
    <appSettings/>
    <connectionStrings/>
    <system.web>
0
 

Author Comment

by:zagnutttt4
Comment Utility
All of the sites and vdir's are using asp.net 1.1.4322
0
 

Author Comment

by:zagnutttt4
Comment Utility
I tried to comment out the connectionStrings line just to see waht would happen, and the next error said "Child nodes are not allowed."  Line 27:  <namespaces>
0
 
LVL 3

Expert Comment

by:dccj
Comment Utility
Good on the asp version.

OK, I did pickup on the file name before, but on my machine, I do not *have* a webconfig (web.config) in that folder even though one is referenced. A little research says that SBS2003 does not have that file at that location by default, so this is something that was added in. You might try renaming that file and then doing an IISRESET and see what effect that has.
0
 

Author Comment

by:zagnutttt4
Comment Utility
So the OMA one - you DO have that one, correct?   But you do not have a web.config file in the C:\inetpub\wwwroot location?
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
no, there is not a web.config file by default
did you install any third party products on this system? url rewrite, url scan, etc
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
you could rename it to web.config.old and run iisreset
0
 

Author Comment

by:zagnutttt4
Comment Utility
I just did - I renamed it to .old and did iireset.  Now, if I browse to /exchange, I get an actual login box for outlook web access - it lets me log in, but still no loading on the items part.

If I browse now to /OMA - I now get  "A system error has ocurred while processing your request.  Pleasty try again".  The link it takes me to is https://servername/OMA/(qorjo145zmkvw1bfjhm0r0z2)/oma.aspx   Some weird kind of temp folder or something?
0
 

Author Comment

by:zagnutttt4
Comment Utility
Nope - no 3rd party add-ons that I've ever done in regards to urlscan, etc..
0
 

Author Comment

by:zagnutttt4
Comment Utility
Just a quick update - if I click on the 'classic' client for the outlook web access logon, I can get the mailbox items to show up.  Any ideas?
0
 

Author Comment

by:zagnutttt4
Comment Utility
I've tried everything - i even restored the entire system state, including the IIS metabase and the registry, back to it's state the day before the accident - still does the same exact thing.  This is getting insane.  
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
did you try creating the new site and adding the exchange vdir?  
i would like to see how iis handles a new/clean site
0
 

Author Comment

by:zagnutttt4
Comment Utility
I started to, but never progressed past the first part - SO, as we discussed....  My first step is to create a new http virtual server in Exchange, right?
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
yes, you'll need something that makes it unique for the default site
can you add a second ip address to the server temporarily for this and assign that ip to the site
then when you test use http://10.1.1.2/exchange
0
 

Author Comment

by:zagnutttt4
Comment Utility
There's only 1 NIC in the server - should I give it two IP's?  Keep in mind this is also our DNS server and domain controller (obviously)
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
yes, once we test we can remove this
0
 

Author Comment

by:zagnutttt4
Comment Utility
I'm actually at a remote site right now - if I give the server two IP's on one NIC, will I still be able to connect correctly over RDP?
0
 

Author Comment

by:zagnutttt4
Comment Utility
Another thing that's weird - I restored the entire system-state (Active Directory, IIS, etc..) using Backup Exec 12.5 in Directory Services Restore mode.  How could it be that even THAT didn't fix it?  lol     Nonetheless..   If you feel the dual-IP scenario is the next step for testing, I shall proceed.  
0
 

Author Comment

by:zagnutttt4
Comment Utility
Should I specifically use that IP?  I should use an IP on my same subnet, right?  Or are we trying right from the server only?
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
use an available ip address in your subnet
yes, from the server
0
 

Author Comment

by:zagnutttt4
Comment Utility
Okay - I added a 2nd IP address - 10.0.0.30    Now what?  First create a 2nd server in ESM?
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
yes, and associate with this ip
0
 

Author Comment

by:zagnutttt4
Comment Utility
One other weird thing I just noticed..  I cannot expand my Public Folders in ESM - it give me an error 405
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
because the exadmin vdir is also most likely broken, so this would be expected
0
 

Author Comment

by:zagnutttt4
Comment Utility
Okay, I made a 2nd Exchange Virtual Server in ESM and associated it w/ 10.0.0.30..   Now What?
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
right-click and select new virtual directory
name = Exchange
Exchange path = mailboxes
0
 

Author Comment

by:zagnutttt4
Comment Utility
I just named it Exchange Virtual Server 2   -   I pointed it to the mailboxes.  It actually won't let me choose 10.0.0.30 for it now that I look. It will only let me select "all unassigned" or whatever
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
can you change it after you create it? it should allow you to choose which ip, otherwise the site won't start by default. you'll need to start it in iis manager until the ip is assigned.
0
 

Author Comment

by:zagnutttt4
Comment Utility
So now I create a new site in IIS manager, right?
0
 

Author Comment

by:zagnutttt4
Comment Utility
What should the home directory be for the new site?
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
no, you should be doing it thru esm
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
it must be done thru esm, you cannot select a site for an http vs in esm
0
 

Author Comment

by:zagnutttt4
Comment Utility
Yep, in ESM I made a new virtual server
0
 

Author Comment

by:zagnutttt4
Comment Utility
Understood - yes, I made the new vs in esm.  Awaiting the next step
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
you may have the worst case scenario here based on everything you are reporting, but let's finish this test
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/SBS_Small_Business_Server/Q_22922967.html
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
now that you have the new http vs
right-click and select new virtual directory
name = Exchange
Exchange path = mailboxes

then test http:/10.0.0.30/exchange
0
 

Author Comment

by:zagnutttt4
Comment Utility
gives me a login box
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
go ahead and login
see if you see data on the right
0
 

Author Comment

by:zagnutttt4
Comment Utility
Can't see any data;   After I enter my credentials, it says "waiting for webpage" for about a minute, then goes to Error 404 - The page cannot be found
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
go into iis manager and make sure the site is online
compare its config to the default web site exchange vdir
0
 

Author Comment

by:zagnutttt4
Comment Utility
That's what I was asking earlier..  In IIS manager, should it show this specific virtual directory?  Or do I have to make a new website in IIS manager?  I guess that's where I'm confused - after making the vdir in ESM, what do I need to do in IIS manager?
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
in iis manager you will see the new site
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
where do you stand? i am getting ready to call it a night and i want to undo the changes if no progress
0
 

Author Comment

by:zagnutttt4
Comment Utility
I see the new site - the only differences I see between that one and the 'real' one under default website is this one has ExchWeb UNDERNEATH it.  But, I still can't browse to it - I still get the login box, but nothing after that.
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
remove the new http vs and the ip address
0
 

Author Comment

by:zagnutttt4
Comment Utility
Will do.   Howcome under my 'registered mime types' I don't have anything?
0
 

Author Comment

by:zagnutttt4
Comment Utility
Just a status update on this - I've tried several more thing, including once again recreating the virtual directories.  I backed up IIS, then deleted the exchange directories, deleted the appropriate metadata using the metabase explorer. then restarted the system attendant and the directories were recreated.  However, still the same behavior.  Error 500 when trying to activesync, and content panes show "loading" indefinitely when logging into OWA.  

At this point, I believe I need to reinstall something.  Should my next step be just to throw in the appropriate disc that came with SBS2003 and reinstall Exchange and IIS?  I'm kind of leery about this..  If I just reinstall the components over themselves without uninstalling everything, do you think it will fix the problem?
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
0
 

Author Comment

by:zagnutttt4
Comment Utility
Yikes..  Do you think I should just throw the disc in like it says and install over itself?  What about Exchange - I'm now running Exchange 2003 SP2, but the disc is older than that I believe.
0
 

Author Comment

by:zagnutttt4
Comment Utility
I took the plunge - I just uninstalled and reinstalled IIS and now reinstalling Exchange.  After that, I will reinstall SP2 for Exchange.  After that, how do I point my exchange server back over to where I keep my databases (mailbox db and public folder db) ?
0
 

Author Comment

by:zagnutttt4
Comment Utility
Now I installed everything again - now I can't even BROWSE at all to companyweb or OWA.  I just get a page stating "Service Unavailable".  I made sure that asp.net is installed and listed under each website and virtual directory in IIS manager.  Help!
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
Uninstalling IIS without following the correct guide will break Exchange.
DId you follow this guide:
http://support.microsoft.com/kb/320202
0
 

Author Comment

by:zagnutttt4
Comment Utility
Exchange is actually working fine.  I uninstalled IIS, the reinstalled/restored IIS, and reinstalled Exchange, then I reinstalled Service Pack2 for Exchange.  I pointed Exchange to my mailbox and public folder databases, fired it back up, and exchange is working great.  In IIS, everything is back in IIS manager and running.  However, I can no longer browse to http://companyweb from the server or any clients.  I just get a page that says "Service Unavailable".  Same thing if I try to browse to http://servername/exchange
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
This article might be relevant if you get the HTTP/1.1 503 Service Unavailable Error:
http://support.microsoft.com/kb/823159
HKCRSCAN.EXE is usually available only from Microsoft, but I hava copy if you need it.
0
 

Author Comment

by:zagnutttt4
Comment Utility
It doesn't look like anything in that article applies.  I actually don't even get the http 503, I just get "Service Unavailable".  In IIS manager, under Application Pools, the "DefaultAppPool" and the "ExchangeApplicationPool" keep going 'down' - that is, they keep ending up w/ a red x in them.  Even if I start them, I still get the "service unavailable message".

0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
That is probably because IIS and Exchange are heavily interwoven.
Please run through the article I posted last and then follow the guidelines (if it is not too late).
0
 

Author Comment

by:zagnutttt4
Comment Utility
Article 320202 is the same exact one I used to uninstall/reinstall IIS and then reinstall exchange.  I followed it to the T...    Or are you talking about 823159
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
KB320202 is the one I am referring to (it's late my end).
What errors are showing in the Event Logs that are IIS / Exchange related?
0