Solved

Exchange 2010 Migration, OWA 2003 reporting 503 error

Posted on 2010-09-23
6
865 Views
Last Modified: 2012-05-10
Hello-

I have started my Exchange 2010 install.  Been researching this for months but I've obviously missed something as OWA and Activesync were dead this AM.  Last night I installed the CAS server.  That is the only role I currently have installed.  I have not modified any SSL certs, or DNS records, or firewall rules.  Existing Exchange 2003 BE and FE remain untouched.  But login to 2003 OWA results in HTTP/1.1 503 Service Unavailable.  I was under the impression that until I applied the new certificate and modified DNS this would not be an issue.  HELP!!!
0
Comment
Question by:dfollis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
6 Comments
 
LVL 6

Accepted Solution

by:
Nagarajb earned 500 total points
ID: 33746934
0
 

Author Comment

by:dfollis
ID: 33747391
Nagarajb-

Thanks for this.  I'm reading but I think I might be confused as I have a split DNS sturcture.  Our interal DNS is company.local.  Of course external is company.com.  Current structure is this:

webmail.company.com --> exchangeFE.company.local
mail.company.com --> exchangeBE.company.local

After the CAS install; I have not installed the HT or MB Exchange 2010 servers yet (no EDGE will be used), I now have the following DNS records setup:

webmail.company.com --> exchangeFE.company.local
mail.company.com --> exchangeBE.company.local
legacy.company.local --> exchangeFE.company.local
autodiscover.company.local --> exchangeCAS.company.local

I have not modified any of my external DNS records yet.  I simply need to get OWA working.  I'm not able to access OWA 2003 or OWA 2010 via external or internal hostnames.  Nor by localhost via the console of those systems.  Something in IIS is broken or has been changed.  When you install the CAS role does it modify something on the ExchangeFE box?  Nothing I have read indicated this.
0
 

Author Comment

by:dfollis
ID: 33749249
So I went ahead and called PSS.  We have SA so no cost.  I feel like a complete idiot.  For some reason the IIS service on the BE Exchange server had stopped.  Still not sure what caused this, but starting it up again fixed it of course.  Moral of this story is always check the simple things first.
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Closing Comment

by:dfollis
ID: 33749260
Not directly related to my problem but still good information.
0
 
LVL 26

Expert Comment

by:e_aravind
ID: 33751399
When you install the CAS role does it modify something on the ExchangeFE box?  

When we are adding E2010 CAS server on the setup
We should get the few other AD-Groups (atleast 5 groups) added for some permission on the E2k3 servers/stores...so the CAS code can access the mailboxes without any issues


0
 

Author Comment

by:dfollis
ID: 33754531
e_aravind-

I don't think the CAS server modifies anything on the FE.  From what I understand, after you install the CAS, you have to setup the legacy.company.X and autodiscover.company.X DNS records (internal and external if you have split DNS) and procure the new SSL certificates.  After that is done and they are applied to the CAS, the final step is to point your OWA traffic from the firewall to the CAS server.  It should now act as a proxy between your old Exchange FE/BE config and the new Exchange CAS/MBX config.  All OWA logins hit the CAS first.  If the CAS server determines the person's mailbox is still on the the 2003 BE server it points them to the OWA 2003 on the FE server.  If it determines the person has a mailbox on the 2010 MBX server it responds with the OWA 2010 pages.

Regarding the permissons, most of that is done by adding users to groups.  I think the user you install as is added to the new groups.  I've done quite a bit of reading and I haven't seen anything about needing to change permissions.  Now if you are using a new service account for Exchange 2010 compared to what you used for 2003 that could be a different story.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Suggested Courses
Course of the Month7 days, 17 hours left to enroll

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question