stevenvanheerden
asked on
Exchange Certificate and IIS Problems
hi there
i hope someone can urgently help me.
i'm looking after an sbs 2008 with exchange. everything was working up until two days ago and i cant fiigure out what the problem might be. i just know it has something to do with IIS and the security certificate.
the reason why i'm saying this is that even if i'm on the server and i go to IE and type https://127.0.0.1 it brings up the security certificate warning. one can then click on continue (not reccommended) but then nothing happens. normally you can also type in https://127.0.0.1/owa and the exchange web app will open so view mail via internet explorer but even that doesnt work.
this is causing a huge problem for people working outside the lan that connects to the exchange via http and all the people whos blackberries cant connect anymore.
please help if you can
thank you
i hope someone can urgently help me.
i'm looking after an sbs 2008 with exchange. everything was working up until two days ago and i cant fiigure out what the problem might be. i just know it has something to do with IIS and the security certificate.
the reason why i'm saying this is that even if i'm on the server and i go to IE and type https://127.0.0.1 it brings up the security certificate warning. one can then click on continue (not reccommended) but then nothing happens. normally you can also type in https://127.0.0.1/owa and the exchange web app will open so view mail via internet explorer but even that doesnt work.
this is causing a huge problem for people working outside the lan that connects to the exchange via http and all the people whos blackberries cant connect anymore.
please help if you can
thank you
Have you checked whether your exchange certificate expired? IIS manager>>Select OWA virtual directory>>Properties>>Dir
Is outlook working fine?
Is outlook working fine?
ASKER
The update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again.
Context: Application 'Search', Catalog 'index file on the search server Search'
--------------------------
An error has occurred. The problem may resolve itself. The service will retry the operation in 15 minutes. Message:
Unable to create Internet Information Services (IIS) directory entry. Error message is: Server execution failed
. HResult = -2146959355.
--------------------------
The start address <sts3s://devvalhot.dyndns.
Context: Application 'Search index file on the search server', Catalog 'Search'
Details:
Error in the Site Data Web Service. (0x80042616)
--------------------------
these are 3 of the application logs that i can see that look like it indicates errors
Context: Application 'Search', Catalog 'index file on the search server Search'
--------------------------
An error has occurred. The problem may resolve itself. The service will retry the operation in 15 minutes. Message:
Unable to create Internet Information Services (IIS) directory entry. Error message is: Server execution failed
. HResult = -2146959355.
--------------------------
The start address <sts3s://devvalhot.dyndns.
Context: Application 'Search index file on the search server', Catalog 'Search'
Details:
Error in the Site Data Web Service. (0x80042616)
--------------------------
these are 3 of the application logs that i can see that look like it indicates errors
ASKER
Attempting stop...
Internet services successfully stopped
Attempting start...
Restart attempt failed.
The IIS Admin Service or the World Wide Web Publishing Service, or a service dep
endent on them failed to start. The service, or dependent services, may had an
error during its startup or may be disabled.
this is what happens when i run iisreset
Internet services successfully stopped
Attempting start...
Restart attempt failed.
The IIS Admin Service or the World Wide Web Publishing Service, or a service dep
endent on them failed to start. The service, or dependent services, may had an
error during its startup or may be disabled.
this is what happens when i run iisreset
ASKER
hi
i have checked if the any of the certificates have expired, but it all seems to be fine.
the earliest one will expire June next year.
i have checked if the any of the certificates have expired, but it all seems to be fine.
the earliest one will expire June next year.
That's what I was expecting. The problem comes from IIS or any service related with it.
Have you modified Sharepoint configuration recently ? Wsus ?
You will see some red 'service control manager' events in eventlogs. There will also be the reason why W3SVC doesnt start. You want to check if a specific dependant service that can not start.
Have you renamed the server / changed admin password during these 2 days ?
Anything else RED in APPLICATIONS logs that appeared 2 days ago ?
Have you modified Sharepoint configuration recently ? Wsus ?
You will see some red 'service control manager' events in eventlogs. There will also be the reason why W3SVC doesnt start. You want to check if a specific dependant service that can not start.
Have you renamed the server / changed admin password during these 2 days ?
Anything else RED in APPLICATIONS logs that appeared 2 days ago ?
ASKER
An error has occurred. The problem may resolve itself. The service will retry the operation in 15 minutes. Message:
Unable to create Internet Information Services (IIS) directory entry. Error message is: Server execution failed
. HResult = -2146959355.
--------------------------
Process MSExchangeFDS.exe (PID=5752). Failed to read property Path from metabase object IIS://DEVONSRV.devonvalley
these are the 1st two i see...
Unable to create Internet Information Services (IIS) directory entry. Error message is: Server execution failed
. HResult = -2146959355.
--------------------------
Process MSExchangeFDS.exe (PID=5752). Failed to read property Path from metabase object IIS://DEVONSRV.devonvalley
these are the 1st two i see...
ASKER
i havent changed any passwords or the server name...
ASKER
also getting this one, it refers to asp.net
Machine name: DEVONSRV
Process information:
Process ID: 9272
Process name: w3wp.exe
Account name: NT AUTHORITY\NETWORK SERVICE
Exception information:
Exception type: COMException
Exception message: Access is denied.
Request information:
Request URL: https://devvalhot.dyndns.org:987/_vti_bin/sitedata.asmx
Request path: /_vti_bin/sitedata.asmx
User host address: 192.168.10.2
User:
Is authenticated: False
Authentication Type:
Thread account name: NT AUTHORITY\NETWORK SERVICE
Thread information:
Thread ID: 3
Thread account name: NT AUTHORITY\NETWORK SERVICE
Is impersonating: False
Stack trace: at System.DirectoryServices.D
at System.DirectoryServices.D
at System.DirectoryServices.D
at System.DirectoryServices.D
at System.DirectoryServices.D
at Microsoft.SharePoint.Appli
at System.Web.HttpApplication
at System.Web.HttpApplication
at System.Web.HttpApplication
at System.Web.HttpApplication
at System.Web.HttpRuntime.Pro
Custom event details:
Machine name: DEVONSRV
Process information:
Process ID: 9272
Process name: w3wp.exe
Account name: NT AUTHORITY\NETWORK SERVICE
Exception information:
Exception type: COMException
Exception message: Access is denied.
Request information:
Request URL: https://devvalhot.dyndns.org:987/_vti_bin/sitedata.asmx
Request path: /_vti_bin/sitedata.asmx
User host address: 192.168.10.2
User:
Is authenticated: False
Authentication Type:
Thread account name: NT AUTHORITY\NETWORK SERVICE
Thread information:
Thread ID: 3
Thread account name: NT AUTHORITY\NETWORK SERVICE
Is impersonating: False
Stack trace: at System.DirectoryServices.D
at System.DirectoryServices.D
at System.DirectoryServices.D
at System.DirectoryServices.D
at System.DirectoryServices.D
at Microsoft.SharePoint.Appli
at System.Web.HttpApplication
at System.Web.HttpApplication
at System.Web.HttpApplication
at System.Web.HttpApplication
at System.Web.HttpRuntime.Pro
Custom event details:
There are several points to check, but I won't be able to help you with anything related to SharePoint.
Let's stop a second on this error:
Process MSExchangeFDS.exe (PID=5752). Failed to read property Path from metabase object IIS://DEVONSRV.devonvalley
Apparently your OAB virtual directory has been changed or renamed or damaged or the data in Metabase are incorrect. File distribution service fails.
http://technet.microsoft.com/en-us/library/ff360326(EXCHG.140).aspx
what do these command return using exchange powershell ?
get-oabvirtualdirectory
get-owavirtualdirectory
Just in case, do you have a vaild recent system backup ?
Let's stop a second on this error:
Process MSExchangeFDS.exe (PID=5752). Failed to read property Path from metabase object IIS://DEVONSRV.devonvalley
Apparently your OAB virtual directory has been changed or renamed or damaged or the data in Metabase are incorrect. File distribution service fails.
http://technet.microsoft.com/en-us/library/ff360326(EXCHG.140).aspx
what do these command return using exchange powershell ?
get-oabvirtualdirectory
get-owavirtualdirectory
Just in case, do you have a vaild recent system backup ?
ASKER
hi. ok when i run the first command i get this error:
Get-OabVirtualDirectory : Unable to create Internet Information Services (IIS)
directory entry. Error message is: Server execution failed
. HResult = -2146959355.
At line:1 char:23
+ get-oabvirtualdirectory <<<<
and when i do the second one:
Get-OwaVirtualDirectory : Unable to create Internet Information Services (IIS)
directory entry. Error message is: Server execution failed
. HResult = -2146959355.
At line:1 char:23
+ get-owavirtualdirectory <<<<
Get-OabVirtualDirectory : Unable to create Internet Information Services (IIS)
directory entry. Error message is: Server execution failed
. HResult = -2146959355.
At line:1 char:23
+ get-oabvirtualdirectory <<<<
and when i do the second one:
Get-OwaVirtualDirectory : Unable to create Internet Information Services (IIS)
directory entry. Error message is: Server execution failed
. HResult = -2146959355.
At line:1 char:23
+ get-owavirtualdirectory <<<<
ASKER
ok, i have run the windows server backup wizard, to restore applications to a week ago.
it restored (Exchange and Windows Sharepoint services)
didnt help, still having the same problem
it restored (Exchange and Windows Sharepoint services)
didnt help, still having the same problem
Hello, sorry about the delay, it was night time and bed called me!
I wasnt talking about restoring Exchange or Sharepoint but only IIS Metabase.
Check if you have a valid backup of %systemroot%\inetsrv. (Do not restore yet !!)
Also check if you have history of modifications made do database in C:\Windows\System32\inetsr
If you dont have any backup of this directory, do one now
Then you will want to get the most recent versions of Metabase.XML AND MBSchema.xml in C:\WINDOWS\system32\inetsr
That wil rollback IIS configuration in a working state.
Waiting for your comments
I wasnt talking about restoring Exchange or Sharepoint but only IIS Metabase.
Check if you have a valid backup of %systemroot%\inetsrv. (Do not restore yet !!)
Also check if you have history of modifications made do database in C:\Windows\System32\inetsr
If you dont have any backup of this directory, do one now
Then you will want to get the most recent versions of Metabase.XML AND MBSchema.xml in C:\WINDOWS\system32\inetsr
That wil rollback IIS configuration in a working state.
Waiting for your comments
If you dont have any backup of this directory, do one now
Then you will want to get the most recent versions of Metabase.XML AND MBSchema.xml in C:\WINDOWS\system32\inetsrv\History them Metabase.xml and MBSchema.xml, and then copy/paste them into the C:\WINDOWS\system32\inetsr v
I know this grammatically means nothing, I moved the words and forgot to erase them in the sentence !
Correct sentence :
Then you will want to get the most recent versions of Metabase.XML AND MBSchema.xml in C:\WINDOWS\system32\inetsr
ASKER
hi Gerald
no worries - we get little sleep anyway our IT guys.
thanks for your help so far.
i went to check if i can find a directory in the system root called Inetsrv but there is nothing.
i went into Windows\system32\inetsrv\h
i do run a windows server backup which obviously backs up everything on the server and can be dated back as much as 66 days currently.
i'm not sure why i dont have a c:\inetsrv directory? i have changed the view so that we can see all system and hidden files and directories.
??
no worries - we get little sleep anyway our IT guys.
thanks for your help so far.
i went to check if i can find a directory in the system root called Inetsrv but there is nothing.
i went into Windows\system32\inetsrv\h
i do run a windows server backup which obviously backs up everything on the server and can be dated back as much as 66 days currently.
i'm not sure why i dont have a c:\inetsrv directory? i have changed the view so that we can see all system and hidden files and directories.
??
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
ok, will give it a shot now...
thank you
thank you
ASKER
Gerald
great stuff! thanks so much - seems like i can access outlook via the web again.
my client will test and get back to me....really hope it stays fine now.
great stuff! thanks so much - seems like i can access outlook via the web again.
my client will test and get back to me....really hope it stays fine now.
Makes me happy to see you happy !
Try https://<netbios name> or https://<local FQDN> and warning should not appear
The problem you're facing looks like a misconfigured or messy IIS server. First try to reset IIS (cmd /IISRESET) then check the eventlogs (eventvwr) for warnings and error in applications logs.
you can turn on expert logs using this powershell command:
get-eventloglevel | set-eventloglevel -level expert
and back on standard logging with :
get-eventloglevel | set-eventloglevel -level lowest
Tell us more about the errors that appear in event logs