Solved

Exchange 2010 Migration, OWA 2003 reporting 503 error

Posted on 2010-09-23
6
858 Views
Last Modified: 2012-05-10
Hello-

I have started my Exchange 2010 install.  Been researching this for months but I've obviously missed something as OWA and Activesync were dead this AM.  Last night I installed the CAS server.  That is the only role I currently have installed.  I have not modified any SSL certs, or DNS records, or firewall rules.  Existing Exchange 2003 BE and FE remain untouched.  But login to 2003 OWA results in HTTP/1.1 503 Service Unavailable.  I was under the impression that until I applied the new certificate and modified DNS this would not be an issue.  HELP!!!
0
Comment
Question by:dfollis
  • 4
6 Comments
 
LVL 6

Accepted Solution

by:
Nagarajb earned 500 total points
ID: 33746934
0
 

Author Comment

by:dfollis
ID: 33747391
Nagarajb-

Thanks for this.  I'm reading but I think I might be confused as I have a split DNS sturcture.  Our interal DNS is company.local.  Of course external is company.com.  Current structure is this:

webmail.company.com --> exchangeFE.company.local
mail.company.com --> exchangeBE.company.local

After the CAS install; I have not installed the HT or MB Exchange 2010 servers yet (no EDGE will be used), I now have the following DNS records setup:

webmail.company.com --> exchangeFE.company.local
mail.company.com --> exchangeBE.company.local
legacy.company.local --> exchangeFE.company.local
autodiscover.company.local --> exchangeCAS.company.local

I have not modified any of my external DNS records yet.  I simply need to get OWA working.  I'm not able to access OWA 2003 or OWA 2010 via external or internal hostnames.  Nor by localhost via the console of those systems.  Something in IIS is broken or has been changed.  When you install the CAS role does it modify something on the ExchangeFE box?  Nothing I have read indicated this.
0
 

Author Comment

by:dfollis
ID: 33749249
So I went ahead and called PSS.  We have SA so no cost.  I feel like a complete idiot.  For some reason the IIS service on the BE Exchange server had stopped.  Still not sure what caused this, but starting it up again fixed it of course.  Moral of this story is always check the simple things first.
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 

Author Closing Comment

by:dfollis
ID: 33749260
Not directly related to my problem but still good information.
0
 
LVL 26

Expert Comment

by:e_aravind
ID: 33751399
When you install the CAS role does it modify something on the ExchangeFE box?  

When we are adding E2010 CAS server on the setup
We should get the few other AD-Groups (atleast 5 groups) added for some permission on the E2k3 servers/stores...so the CAS code can access the mailboxes without any issues


0
 

Author Comment

by:dfollis
ID: 33754531
e_aravind-

I don't think the CAS server modifies anything on the FE.  From what I understand, after you install the CAS, you have to setup the legacy.company.X and autodiscover.company.X DNS records (internal and external if you have split DNS) and procure the new SSL certificates.  After that is done and they are applied to the CAS, the final step is to point your OWA traffic from the firewall to the CAS server.  It should now act as a proxy between your old Exchange FE/BE config and the new Exchange CAS/MBX config.  All OWA logins hit the CAS first.  If the CAS server determines the person's mailbox is still on the the 2003 BE server it points them to the OWA 2003 on the FE server.  If it determines the person has a mailbox on the 2010 MBX server it responds with the OWA 2010 pages.

Regarding the permissons, most of that is done by adding users to groups.  I think the user you install as is added to the new groups.  I've done quite a bit of reading and I haven't seen anything about needing to change permissions.  Now if you are using a new service account for Exchange 2010 compared to what you used for 2003 that could be a different story.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
This video discusses moving either the default database or any database to a new volume.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now