Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 268
  • Last Modified:

Exchange 2007 to 2003 owa

I have setup a new exchange 2007 environment along side a 2003 server as follows:

1 2003 server in place already

Added 2 new CAS/HT servers running server 2008 RS and Exchange server 2007 sp3 rollup 5.
2 mailbox servers in a CCR setup running the same version of Exchange 2007.

I have migrated my account from 2003 to 2007 for testing and everything works perfect.  If I want to access my account using outlook, phone or owa it works fine. However, the problem is access for users still on the 2003 server.  If I browse to https://ex2007.domain.com/exchange I log in with one of those accounts and then I only see red x's in boxes where all of the buttons should be.  The message list does not display.  I have removed the CAS role and IIS from both servers rebooted and then installed IIS and CAS again.  I have deleted and recreated the virtual directories.  If I connect directly to the 2003 server owa site those users work fine.  Any help is greatly appreciated.
0
lmtechs
Asked:
lmtechs
  • 8
  • 6
1 Solution
 
.Commented:
Does it work internally i.e you only have this when you access owa remotely?
0
 
e_aravindCommented:
I only see red x's in boxes where all of the buttons should be.
==> do you see this issue for all the E2k3 mailboxes via E2k7 CAS URL?

Can you try accessing the same OWA from another computer\browser...still same issue?

How is the OWA Experience for the E2k7 users? Is that good?


0
 
lmtechsAuthor Commented:
It is the same both internally and externally.

I do see this issue for all E2k3 mailboxes via E2k7 CAS URL.  For the E2k7 users everything works perfectly.  
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
e_aravindCommented:
Can you please check @ the IIS logs on the CAS server

By any-chance do we see any errors other than the 200? (at the end of the each-n-every lines)

Note:
Concentrate @ the image file access on the CAS servers


Reference:
=======
The HTTP status codes in IIS 7.0 and IIS 7.5
http://support.microsoft.com/kb/943891
0
 
lmtechsAuthor Commented:
Ok.  I looked in the logs and when I try to log into a user account that is still on the 2003 mailbox using the url: https://exchange07.domain.com/exchange I get a status code of 403 with a substatus of 0.  All other access methods have a status code of 200.
0
 
e_aravindCommented:
Ok, so when you access e2k3 directly, are you using the http or https?
> If you are having the E2k3, IIS to have just http...then the CAS might be trying to access the E2k3 MBX using https..which could be the issue

> Check if you are having the correct\valid cert. @ the E2k3 IIS

Note:
403 is just a forbidden
any clue for the sub-status in other locations


0
 
lmtechsAuthor Commented:
The next field in the log which is supposed to be substatus is 0.  We have both the 2003 and 2007 set to require SSL, however, I was starting to think it may be something with the relay that it does not ssl.  The cert on the both 2003 and 2007 are valid and work fine if you hit the boxes directly.
0
 
lmtechsAuthor Commented:
Just being curious I looked in the logs on the 2003 box.  The entries when I try to access an account on that server are 403.4 which are SSL Required.  So apparently the proxy process between 2007 and 2003 is not using SSL yet until we take the 2003 box off the public access we have to have this enabled.

I am trying to find an article that i read indicating the /exchange and /Microsoft-Activesync-Server directories on the 2003 box must have integrated windows authentication enabled.  I have done that but nothing has changed.  Not sure if I need to restart any services for this change to take full affect of not.
0
 
e_aravindCommented:
Normally for the HTTP communication, we dont have any relay which stops\removes the SSL.

What is the application which is relaying the HTTP traffic between the E2k7 and E2k3 servers

Work-around:
Try by=passing that device to get the correct behaviour.
0
 
lmtechsAuthor Commented:
The exchange 2007 server is relaying the traffic between itself and the E2k3 server.  This is a function of the CAS server.  I do not have anything that I can bypass.  
0
 
e_aravindCommented:
http://blogs.technet.com/b/exchange/archive/2007/02/07/3399727.aspx

Do you want to refer the above URL
(which example closely resembles your setup?)
0
 
lmtechsAuthor Commented:
On that URL example #3 is the one closest to my setup.
0
 
e_aravindCommented:
getting out of the crux.
https://cas-server/public --> is that working fine?

Want to check the settings @ the MBX server?
http://blogs.technet.com/b/exchange/archive/2008/02/01/3404755.aspx

Check @ the settings on the MBX servers too
0
 
lmtechsAuthor Commented:
Had to disable SSL required on the Exchange 2003 server virtual directory ExchWeb and things started working just fine.
0
 
lmtechsAuthor Commented:
Tried every suggestion that was made to no help.  This solution fixed the problem for me.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 8
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now