Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 871
  • Last Modified:

Exchange 2010 Migration, OWA 2003 reporting 503 error

Hello-

I have started my Exchange 2010 install.  Been researching this for months but I've obviously missed something as OWA and Activesync were dead this AM.  Last night I installed the CAS server.  That is the only role I currently have installed.  I have not modified any SSL certs, or DNS records, or firewall rules.  Existing Exchange 2003 BE and FE remain untouched.  But login to 2003 OWA results in HTTP/1.1 503 Service Unavailable.  I was under the impression that until I applied the new certificate and modified DNS this would not be an issue.  HELP!!!
0
dfollis
Asked:
dfollis
  • 4
1 Solution
 
NagarajbCommented:
0
 
dfollisAuthor Commented:
Nagarajb-

Thanks for this.  I'm reading but I think I might be confused as I have a split DNS sturcture.  Our interal DNS is company.local.  Of course external is company.com.  Current structure is this:

webmail.company.com --> exchangeFE.company.local
mail.company.com --> exchangeBE.company.local

After the CAS install; I have not installed the HT or MB Exchange 2010 servers yet (no EDGE will be used), I now have the following DNS records setup:

webmail.company.com --> exchangeFE.company.local
mail.company.com --> exchangeBE.company.local
legacy.company.local --> exchangeFE.company.local
autodiscover.company.local --> exchangeCAS.company.local

I have not modified any of my external DNS records yet.  I simply need to get OWA working.  I'm not able to access OWA 2003 or OWA 2010 via external or internal hostnames.  Nor by localhost via the console of those systems.  Something in IIS is broken or has been changed.  When you install the CAS role does it modify something on the ExchangeFE box?  Nothing I have read indicated this.
0
 
dfollisAuthor Commented:
So I went ahead and called PSS.  We have SA so no cost.  I feel like a complete idiot.  For some reason the IIS service on the BE Exchange server had stopped.  Still not sure what caused this, but starting it up again fixed it of course.  Moral of this story is always check the simple things first.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
dfollisAuthor Commented:
Not directly related to my problem but still good information.
0
 
e_aravindCommented:
When you install the CAS role does it modify something on the ExchangeFE box?  

When we are adding E2010 CAS server on the setup
We should get the few other AD-Groups (atleast 5 groups) added for some permission on the E2k3 servers/stores...so the CAS code can access the mailboxes without any issues


0
 
dfollisAuthor Commented:
e_aravind-

I don't think the CAS server modifies anything on the FE.  From what I understand, after you install the CAS, you have to setup the legacy.company.X and autodiscover.company.X DNS records (internal and external if you have split DNS) and procure the new SSL certificates.  After that is done and they are applied to the CAS, the final step is to point your OWA traffic from the firewall to the CAS server.  It should now act as a proxy between your old Exchange FE/BE config and the new Exchange CAS/MBX config.  All OWA logins hit the CAS first.  If the CAS server determines the person's mailbox is still on the the 2003 BE server it points them to the OWA 2003 on the FE server.  If it determines the person has a mailbox on the 2010 MBX server it responds with the OWA 2010 pages.

Regarding the permissons, most of that is done by adding users to groups.  I think the user you install as is added to the new groups.  I've done quite a bit of reading and I haven't seen anything about needing to change permissions.  Now if you are using a new service account for Exchange 2010 compared to what you used for 2003 that could be a different story.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now