Solved

Exchange 2010 OWA cannot access mailboxes hosted on Exchange 2003

Posted on 2011-03-14
14
1,509 Views
Last Modified: 2012-05-11
I have a Exchange server 2003 server.  I also have a front-end Exchange 2003 server for OWA setup.

I have now installed an Exchange 2010 server.  
I ran the command in Powershell on Exchange 2010.
Set-OWAVirtualDirectory <CASHUB01>\OWA ‘
-ExternalURL https://exchange2010/OWA ‘
-Exchange2003URL https://exchange2003.domain.com/exchange 

Users hosted on Exchange 2010 can access their mailbox when going to https://exchange2010/OWA.  Users hosted on Exchange2003 cannot access their mailbox when going to https://exchange2010/OWA.  Can anyone assist?

The exchange2003.domain.com is publicly available.  The https://exchange2010 is internal only.  I am trying to access it from internally only at this stage.
0
Comment
Question by:lodgingsit
  • 5
  • 5
  • 4
14 Comments
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35130581
Do you have a separate CAS server or a single Exchange 2010 server?

If you goto https://exchange2003server/exchange does it work OK?

And if you goto https://exchange2010/exchange what happens then?
0
 
LVL 1

Author Comment

by:lodgingsit
ID: 35130617
I have a single Exchange 2010 server with all roles installed on the same server.

When I go to http://exchange2003frontendserver/exchange - and try to get into a mailbox on exchange 2010, it gives me access denied (403 - Forbidden; access denied).

When I go to https://exchange2010/exchange and try to access a mailbox on Exchange 2003 then I get the following error:
Your request couldn't be completed because no server with the correct security settings was found to handle the request. If the problem continues, contact your helpdesk.
0
 
LVL 15

Expert Comment

by:GreatVargas
ID: 35130686
The problem here is that the redirection only works when coming from outside the organization. i explain:

From inside the org:
2010 users: https://exchange2010/OWA 
2003 users: https://exchange2003frontendserver/exchange

from outside the org you need 2 outside A records. one for 2010 and the other for 2003.

then you need to have forms based enabled on 2003 front end.

and you need a correct external url configured with the external name, and the other external name configured on the 2003url

hope it helps
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 74

Expert Comment

by:Glen Knight
ID: 35130758
There is no reason why it wouldn't redirect internally if the hostnames were the same.
0
 
LVL 15

Expert Comment

by:GreatVargas
ID: 35131386
you can only set one exchange2003url.. and by design you should set it with one external hostname, such as exchange2003.domain.com

if you want this url to work internally you should have a internal split dns zone domain.com to be able to resolve the exchange2003.domain.com internally, or else he is going to forward your request outside and also you will need one A record public.
0
 
LVL 1

Author Comment

by:lodgingsit
ID: 35133138
Thanks, already using a split tunnel DNS.
0
 
LVL 1

Author Comment

by:lodgingsit
ID: 35133157
P.S>  GrreatVargas - can you explain the forms based authentication.  Does that have to be enabled on the front-end server or the back-end 2003 Exchange server?
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35133198
It needs to be enabled on the Front-End Server, do you get a form to fill in when logging in to the 2003 server or a pop-up box?

If a form then you already have FBA enabled.
0
 
LVL 15

Expert Comment

by:GreatVargas
ID: 35133423
Like Demazter said, it's on the front end server that has to be enabled... for single sign-on purposes. Not beeing enabled only has double authentication issues.
0
 
LVL 1

Author Comment

by:lodgingsit
ID: 35138364
Then that's not the issue with regards to the form.  As stated above, the issue is...

When I go to https://exchange2010/exchange and try to access a mailbox on Exchange 2003 then I get the following error:
Your request couldn't be completed because no server with the correct security settings was found to handle the request. If the problem continues, contact your helpdesk.

Could I have run the powershell command incorrectly?
0
 
LVL 15

Expert Comment

by:GreatVargas
ID: 35139427
dont use  https://exchange2010/exchange  to access 2003 mailboxes. use  https://exchange2010/owa to access 2010 mailboxes and use  https://exchange2003/exchange to access 2003 mailboxes.

the exchange2003url is a redirection url. to redirect 2003 mailboxes that use 2010 cas to access to that url.. that is pointing to 2003 server.

the test you must do is access https://exchange2010/OWA with a 2003 mailbox and see if you get redirected to the exchange2003url

whats the result?
0
 
LVL 1

Author Comment

by:lodgingsit
ID: 35166856
Ok, here is the story.  I've read somewhere that there could be issues having a CAS server and a mailbox server on the same box when accessing Exchange2003.  Therefore, I have created a new Exchange server with just the CAS role on it.

It sees the main Exchange 2010 server no issues.

I ran this on the new CAS server:
[PS] C:\Windows\system32>Set-OwaVirtualDirectory https://<Servername of new CAS SERVER>/OWA -ExternalURL https://<< Public DNS NAME OF NEW CAS SERVER>/OWA -Exchange2003URL http://<Public DNS Name of Exchangbe 2003 Front-end OWA server>/exchange

I got the following errror:

The operation couldn't be performed because object '<Servername of new CAS SERVER>\https://<Servername of new CAS SERVER>/OWA' couldn't be found
on 'DC.com'.
    + CategoryInfo          : NotSpecified: (0:Int32) [Set-OwaVirtualDirectory], ManagementObjectNotFoundException
    + FullyQualifiedErrorId : 2671AFC6,Microsoft.Exchange.Management.SystemConfigurationTasks.SetOwaVirtualDirectory


Any suggestions?
0
 
LVL 15

Expert Comment

by:GreatVargas
ID: 35182051
Set-OWAVirtualDirectory <CAS2010>\OWA* -Exchange2003URL https://legacy.contoso.com/exchange 

you are not typping well next to set-owavirtualdirectory

use <CAS2010>\OWA*
0
 
LVL 74

Accepted Solution

by:
Glen Knight earned 500 total points
ID: 35182077
the problem is because the Exchange 2003 server is not using SSL, as far as I am aware this will not work.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
This video discusses moving either the default database or any database to a new volume.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question