OWA not functioning on new server

Posted on 2011-02-25
Last Modified: 2012-05-11
I am using Exchange 2003 in Windows 2003 Server standard with a Cisco PIX firewall.

I am migrating Exchange 2003 servers.  I believe I have cloned the setup from the old server to the new one.  I have moved all the mailboxes, and I have the internal Outlook clients and external Pop3/SMTP clients sending and receiving email.  

However I cannot get OWA to work.  If I go the from an external computer, I get the IIS under construction message, which make me believe that the port forwarding is correct.  But if I go to I get "Internet explorer cannot display the webpage".  Sometimes when I first type the complete URL is asks me to authenicate before giving me the "Internet explorer cannot display the webpage" error message.

If I use OWA on an internal client with either the internal IP address or internal FQDN, OWA works, but with a certificate error because the servernames do not match, but it has all functionality and can send and receive email.

This makes me think that the clients from outside the building and not being authenicated correctly.

RPC over HTTP seems to be working, which makes me think all the port forwarding is correct and it is an authenication problem.

Any ideas on what I should check.  The client is wanting his email working.

Thanks Jeff
Question by:dabassguy1
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 2
LVL 74

Expert Comment

by:Glen Knight
ID: 34986066
Have you redirected port 443 to the new servers IP instead of the old one?

From the server itself if you browse to https://localhost/exchange what do you get?

Have you moved all the mailboxes?

Author Comment

ID: 34986124
Thank you for your quck response.

I have redirected the port to the new server instead of the old one.

I have moved all the mailboxes.

I have been working on this by RDP and that server just quit accepting my RDP client, so I cannot try the localhost exchange thing til I go in in the morning it looks like.  Its working as the exchange server, and I can access it with a remote computer management to look at the event logs, but it will not accept my RDP session.

Guess I have to shelve this until tommorrow.


Author Comment

ID: 34988827
There was a NIC card driver issue that caused the lack of RDP, which has been fixed.  

But this situation is the same,

I get the same thing when I browse to https://localhost/exchange.  It comes up and gives  me a certificate error and then I get the "Internet explorer cannot display the webpage" message.

Since Rpc Over Http is working that means the SSL stuff has to be working as well.

When I take a browser to the external interface for the first time, it gives me the OWA login, and after entering valid login information the "cannot display the webpage" message comes up.  Any attempts to access the OWA server on again in that session immediately get the "cannot display" message.

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

LVL 74

Expert Comment

by:Glen Knight
ID: 34989318
Do you have multiple NIC's? If so then this is not a supported configuration and you will need to bind the IIS services to a single IP which is also unsupported.

Author Comment

ID: 34989436
There are two NICs in the machine, but one is disabled.

Is IIS binding still required?  How does one do that?


Author Comment

ID: 34992462
More info.

I have perused the IIS logs and found that the logins are failing (401) in the logs for the OWA logins that come from outside the buidling.

The sucessful OWA logins that come from inside start with an unsucessfull logim (401) with a re-direct (302) another failure (401) and then a success.  Both the re-direct (302) and the successful login (200) have the DOMAIN\USer in the log line and the failures do not.

Any suggestions?

Author Comment

ID: 34992922
If I enable FBA on the exchange server, and login in with DOMAIN/USER, OWA works.  We can't use FBA cause of the outlook mobile stuff, but I thought I would try.

When turning off FBA and re-booting, we are back to OWA not working.  

The mobile stuff never works.

Accepted Solution

dabassguy1 earned 0 total points
ID: 35000142
Comparing the IIS metabase between the old server and the new server the AuthFlag parameter was 6 on the new server and 2 on the old.  A change of AuthFlags and now OWA is working like a champ.

The active sync stuff is a different matter tho, but this was a OWA Question

Author Closing Comment

ID: 35042636
Decided to go poking around in Metabase explorer due to lack of responses and stumbled on the parameter that made it work.

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
In-place Upgrading Dirsync to Azure AD Connect
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question