[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Configuring Default Web site on SBS 2008

Posted on 2010-11-08
25
Medium Priority
?
899 Views
Last Modified: 2012-08-13
Our SBS 2008 Server has been running for a year now, but now I need to start making use of the default website.

IIS says the website is running, but when I try to navigate to it externally or internally, I get a gray bar with white letters saying 'Server Error' then underneath it says in red letters '403 - Forbidden: Access is denied'

How do I fix this?
0
Comment
Question by:TownTalk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 10
  • 2
  • +2
25 Comments
 
LVL 20

Expert Comment

by:woolnoir
ID: 34083251
Can you check what IP and ports the default site is bound to? and if any host headers are used. Check these against what you are trying to access when you get the error.
0
 
LVL 5

Expert Comment

by:sabk
ID: 34083261
You should try to perform troubleshooting by looking at the IIS log file for the website and the request in question. Please report the HTTP Status/SubStatus/Win32Status associated with the failing request. The IIS log file error codes typically tell you exactly what is wrong and indicates what needs to be done to resolve the issue -- no guessing or random actions required.
0
 

Author Comment

by:TownTalk
ID: 34083271
I just found something. When I look in site bindings, and click on the browse button, it gives me some more information stating that the page is secured with SSL. How do I remove this?
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 20

Expert Comment

by:woolnoir
ID: 34083279
Well you can either remove the SSL setting, or you can add an additional binding for port 80 in the bindings section, so * as the IP, port 80 as the port.
0
 
LVL 3

Expert Comment

by:thetime
ID: 34083289
Are you using sharepoint services at the moment or possibly ISA server? If yes for Sharepoint, then depending on your Sharepoint sites configuration, it may be possible that Sharepoint was set up to use http port 80 which would create a need for you to specify a port, such as 81 or so, for your default website. You would then browse to http://your-server-name-or-ip:81 after IIS is configured to use port 81.

If you are using ISA server make sure you are not blocking access to the default website.

Lastly, have you tried connecting to the IIS site from the sbs server using 'http://localhost' ?
0
 
LVL 11

Expert Comment

by:Snibborg
ID: 34083298
Go into the IIS directory on the C drive and check the permissions for the web site you are trying to access.  Should be set to "domain users" initially, you can then tighten the permissions as required.  If you have not yet uploaded any content to it you should get "under construction" as the default.

First thing is to get it working internally.  Once that is done, tighten up your access before unleashing it on the net.  To access from the net you will need a route setting on the firewall to pipe the traffic and a port opening on the firewall to access port 80 and / or 8080 to allow web and secure web access.

Snibborg
0
 

Author Comment

by:TownTalk
ID: 34083403
In the bindings there is  an http entry for the external address. I also added an http entry for the server name. Both these entries are on port 80. There are no https entries there.

I've never used sharepoint on this server. It may be running, but i've never looked at it. I am not using ISA server. This server has a single network card and is on our internal network where there is also the router to the outside world.

from the server console, http://locahost gives me "The web page cannot be found"

To make sure it's not a file level security issue, i've given the Everyone Group permission to read the folder

Heres a section from the IIS logs. Our server is called saphire. So when I try to access http://saphire/iisstart.htm, this is what is logged when I get the 403 error

#Date: 2010-11-08 11:36:51
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status time-taken
2010-11-08 11:36:51 192.168.16.2 GET / - 80 - 192.168.16.51 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) 403 4 5 139
2010-11-08 11:36:53 192.168.16.2 GET / - 80 - 192.168.16.51 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) 403 4 5 183
2010-11-08 11:38:29 192.168.16.2 GET /iisstart.htm - 80 - 192.168.16.51 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) 403 4 5 181
2010-11-08 11:39:53 fe80::291d:3640:fa0c:47fc%11 GET /selfupdate/iuident.cab - 80 - fe80::291d:3640:fa0c:47fc%11 - 200 0 0 18
2010-11-08 11:43:52 192.168.16.2 GET /iisstart.htm - 80 - 192.168.16.51 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) 403 4 5 181
2010-11-08 11:43:53 192.168.16.2 GET /iisstart.htm - 80 - 192.168.16.51 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) 403 4 5 36
0
 

Author Comment

by:TownTalk
ID: 34083420
I forgot to mention also that when I changed the binding to port 81, I get 'Page cannot be found' when I tried http://saphire/iisstart.htm:81
0
 

Author Comment

by:TownTalk
ID: 34083435
Then I realised that I would have to open port 81 in the windows firewall. When I did this, I got the 403 error again
0
 
LVL 11

Expert Comment

by:Snibborg
ID: 34083530
Is the IIS service running?  try telnetting to the server from another workstation.  using the DOS prompt, type telnet <servername> 80.  Then repeat with port 8080.  This will allow you to ascertain whether either of these ports are active.  If neither of these work then you know you need to look more closely at the IIS services themselves.

Snibborg
0
 

Author Comment

by:TownTalk
ID: 34083563
As far as I know the IIS service is running because our OWA is working normally from outside the building.

When I opened a command prompt at a workstation and tried: telnet 192.168.16.2 80 (or 8080) I get an empty black window
0
 
LVL 20

Expert Comment

by:woolnoir
ID: 34083693
Is the site actually started ? The reason i ask is that if you have OWA running on the same box its likley to have its own bindings and i want to be sure that localhost:80 or :81 isnt being directed towards the OWA site..

0
 

Author Comment

by:TownTalk
ID: 34083742
Yes all the sites are started. I just stopped the default web site and tried to access the url. After a long delay I got page not found. When I started the site I got the 403 error again. I've attached a screen dumb of the error
403-Error.jpg
0
 
LVL 20

Expert Comment

by:woolnoir
ID: 34083780
Ok but that indicates something ... if you stopped the default website and tried accessing it, and STILL got a 403.. that indicates at another site is answering requests NOT the default one.

What other sites are on the box ?
0
 
LVL 20

Expert Comment

by:woolnoir
ID: 34083785
Check any of the remaining sites - specifically what they are bound to, check for any which are bound to IP *, port 80 and either no, or * host headers.
0
 

Author Comment

by:TownTalk
ID: 34083820
No you misread my previous post. When I disabled the default website, there was a long pause followed by 'page not found' It was only when I restarted it I got the 403 error again
0
 
LVL 20

Expert Comment

by:woolnoir
ID: 34083835
if you put a text file in the default site webroot can you access it from the browser i.e http://localhost/test.txt ?
0
 

Author Comment

by:TownTalk
ID: 34083934
No I still get the 403 error. Is this not an authentication issue? I've got anonymous authentication enabled. I tried enabled the other types, but without success.
0
 
LVL 20

Accepted Solution

by:
woolnoir earned 2000 total points
ID: 34084017
do you have 'allow SSL'or 'require SSL' on the default site config ?
0
 
LVL 20

Expert Comment

by:woolnoir
ID: 34084023
And do you have anonymous authentication on ?
0
 

Author Comment

by:TownTalk
ID: 34084089
I looked inside SSL Settings. In there I can only see 'Require SSL'. it is ticked and greyed out so I cant change it. I cannot see 'Allow SSL' anywhere. At the right of the SSL Window there is an alert stating that the site does not have an https binding and cannot accept SSL connections.  But I dont want to use SSL so it is quite right that I dont have an https binding. But it does concern me that the 'Require SSL' is ticked and greyed out.
0
 
LVL 20

Expert Comment

by:woolnoir
ID: 34084102
You might want to consider shutting down the default site and creating your own, that way you can pick the bindings and protocols which are used - in addition to the authentication method.
0
 

Author Comment

by:TownTalk
ID: 34084117
I think I fixed it...... I added an https binding. This allowed me to untick the 'Require SSL' option in the SSL window. Then I removed the https binding and now my site seems to be working.
0
 
LVL 20

Expert Comment

by:woolnoir
ID: 34084128
good news - we got there in the end.
0
 

Author Comment

by:TownTalk
ID: 34084156
I think when the server was set up, there was an SSL binding, but there was a conflict somewhere else which was resolved by me removing the https binding. So thats how I got into this situation.

I'll accept the response which was nearest to the solution and thank everyone for their input.

Ian
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question