[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

OWA Exchange 2010 redirection to Exchange 2007 is not working

Posted on 2011-10-21
25
Medium Priority
?
1,384 Views
Last Modified: 2012-05-12
Hi,

I have added new exchange 2010 to my exchange 2007 organization. OWA for e2k10 is working ok. I run the command  "Set-OWAVirtualDirectory SERVER1\OWA* -Exchange2003URL https://legacy.domain.com/exchange and the legacy entry resolve the Exchange 2007 OWA web page but the automatic redirection is not working after I login using e2k07 mailbox from OWA 2010 form I received the warnig "outlook web app is not available if the problem continue please contact your helpdek". The command is suppose to work for exchange 2007 too but it is not working for me.

Any ideas about the issue with the redirection. I want to enable the redirection because we are no going to move all the mailbox inmediatelly.

Thanks,
Libet
0
Comment
Question by:CGNET-TE
  • 14
  • 11
25 Comments
 

Author Comment

by:CGNET-TE
ID: 37008878
I forgot to mention that exchange 2007 and new exchange 2010 are in the same domain but in different AD sites. I just found the event error below. I am thinking that maybe it is becuase I have the server in two different sites :( . Still checking any information will be apreciatte.

Additional information I am receiving the event below:

og Name:      Application
Source:        MSExchange OWA
Date:          10/21/2011 12:50:22 PM
Event ID:      41
Task Category: Proxy
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      SVSERVER.domainxx.com
Description:
The Client Access server "http://mail.domain/owa" attempted to proxy Outlook Web App traffic for mailbox "/o=Fserver/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=testadmin". This failed because no Client Access server with an Outlook Web App virtual directory configured for Kerberos authentication could be found in the Active Directory site of the mailbox. The simplest way to configure an Outlook Web App virtual directory for Kerberos authentication is to set it to use Integrated Windows authentication by using the Set-OwaVirtualDirectory cmdlet in the Exchange Management Shell, or by using the Exchange Management Console. If you already have a Client Access server deployed in the target Active Directory site with an Outlook Web App virtual directory configured for Kerberos authentication, the proxying Client Access server may not be finding that target Client Access server because it does not have an internalUrl parameter configured. You can configure the internalUrl parameter for the Outlook Web App virtual directory on the Client Access server in the target Active Directory site by using the Set-OwaVirtualDirectory cmdlet.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="MSExchange OWA" />
    <EventID Qualifiers="49152">41</EventID>
    <Level>2</Level>
    <Task>6</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2011-10-21T19:50:22.000000000Z" />
    <EventRecordID>12258</EventRecordID>
    <Channel>Application</Channel>
    <Computer>SVSERVER.domainxx.com</Computer>
    <Security />
  </System>
  <EventData>
    <Data>http://mail.domain.com/owa</Data>
    <Data>/o=FGI/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=testadmin</Data>
  </EventData>
</Event>
0
 
LVL 49

Expert Comment

by:Akhater
ID: 37008977
0
 

Author Comment

by:CGNET-TE
ID: 37009256
Thanks Akhater for reply my question. The external URL for the E2k07 OWA  is set so I copied highest-versioned folder from the OWA 2007 to OWA 2010 and reset the IIS and now I received this message error after I tried the login " A server configuration change is temporarily preventing access to your account. Please coles all internet Explorer windows and try again. If the problem continues, contact your helpdeks"  Any other suggestion will be appreciated :)
Thanks,
Liliana


0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
LVL 49

Expert Comment

by:Akhater
ID: 37009266
if the external url of ex2k7 is set then there is no proxying but a redirection.

what is the external url of 2k10 set to ? and the one of 2k7 ?
0
 

Author Comment

by:CGNET-TE
ID: 37009336
Both of them are the same. I mean I have the current external URL OWA http://mail.domain.com/owa and I create the legacy name for the transition with the name: legacy.domain.com
currently the exchange 2010 for OWA( default web site) at EMC exchange server configuration-> client access is this https://mail.domain.com/owa and the same  has the external url at exchange 2007.

Thanks
0
 
LVL 49

Expert Comment

by:Akhater
ID: 37009345
well this is the problem you can't have both pointing to the same or you will ending up in a loop they have to be different.

Did you read part 2 of my article ?  

is the site where the 2007 is internet facing ?
0
 

Author Comment

by:CGNET-TE
ID: 37009370
Yes I have done the redirection for environment with Exchange 2010 and 2003 several times and I prefer the proxy option :
"That 2007 CAS doesn't have the ExternalURL parameter set, then the 2010 CAS will proxy the request to the Exchange 2007 CAS in the other site.

So I removed the external URL from the exchange 2007 since it was like that initially and saved the changes but still the same error message without e2k07 with the external url :(
0
 
LVL 49

Expert Comment

by:Akhater
ID: 37009382
if you want the proxy you need

1. to remove the external url from the 2007 server (you said you did it right)
2. copy the files from the 2007 CAS server to the 2010 cas server(you also said you did that right)
3. on the 2007 you need to set the authentication to be integrated authentication on not form based
0
 

Author Comment

by:CGNET-TE
ID: 37009391
If I run  this on the current exchange 2010 "Set-OwaVirtualDirectory "owa (default Web site)" -RedirectToOptimalOWAServer:$false" Do you think it does not affect the current Exchange 2007 OWA access. We are not moving yet the mailboxes we are still in the process currently I only have one e2k10 test mailbox and testing all that we can before to change to e2k10. Also using host local test file for the testing
0
 
LVL 49

Expert Comment

by:Akhater
ID: 37009396
RedirectToOptimalOWAServer is only used if the externalURL is set, if there is no external URL then proxying is used

did you change the owa authentication to integrated authentication ?
0
 

Author Comment

by:CGNET-TE
ID: 37009420
No I can not change it :( since currently all the mailboxes in production are in exchange 2007 yet I only has one for testing and we do not want affect the users . So I think I will need to run the command.

Just curious after I removed the external URL in the 2007 the error change to the initial again."outlook web app is not available if the problem continue please contact your helpdek"

So do you think adding back the externail url to the OWA e2k07 and running the command "Set-OwaVirtualDirectory "owa (default Web site)" -RedirectToOptimalOWAServer:$false" at the exchange 2010 server does not affect the current OWA 2007.

Thanks
0
 
LVL 49

Expert Comment

by:Akhater
ID: 37009426
no matter what you do proxyng will not work unless you have integrated authentication enabled
0
 

Author Comment

by:CGNET-TE
ID: 37009476
Ohh so It mean that the automatic proxy only will work if I have the the authentication enabled? :(
So If I can not change it the only option that I have is set the OWA External URL at exchange 2007 but with something different. If I add https:\\legacy.domain.com/exchange to the external URL at exchange 2007 do you think it could affect the OWA 2007 users access in production .

Thanks so much
0
 
LVL 49

Expert Comment

by:Akhater
ID: 37009497
>Ohh so It mean that the automatic proxy only will work if I have the the authentication enabled? :(<
Yes !

>So If I can not change it the only option that I have is set the OWA External URL at exchange 2007 but with something different.<
That's true your only other option is to change the external URL of 2007 to something different and reachable from outside and set on 2010 RedirectToOptimalOWAServer to $true

> If I add https:\\legacy.domain.com/exchange to the external URL at exchange 2007 do you think it could affect the OWA 2007 users access in production<

No it will not affect 2007 users in any way but it should be something like https://legacy.domain.com/owa and not /exchange

Just pay attention to the current url used (i guess it is mail.domain.com right?) if you change the ip in external DNS to point to 2010 then it would affect all users obviously
0
 

Author Comment

by:CGNET-TE
ID: 37009528
ohh yes it is /exchange. My plan is the current production OWA URL http://mail.domain.com pointing now to Exchange 2007 wll point to the E2k2010 and legacy.domain,com will point to the E2k07 so the idea is similar to e2k10/e2k03  all the users will connect to the e2k10 Form but it will be redirect or with the link to connect to exchange 2007
0
 
LVL 49

Expert Comment

by:Akhater
ID: 37009537
This would work for sure but the external url of 2007 should be /owa and not /exchange
0
 

Author Comment

by:CGNET-TE
ID: 37009545
ohh yes it was typ error :) thanks so much for all your help I will try all the changes the weekend or Monday and let you know thanks again and have a great weekend
0
 

Author Comment

by:CGNET-TE
ID: 37018716
Hi Akhater,

I using the external OWA URL at exchange 2007 as https:\\legacy.domain.com/owa and already has copied the e2k07 OWA files to E2k10 Owa server.

I tested but still receiving the error" Outlook Web App isn't available. If the problem continues, please contact your helpdesk"

Any suggestion will be appreciated?

Thanks,

0
 
LVL 49

Expert Comment

by:Akhater
ID: 37018968
If the externalURL of 2007 is set to https://legacy.domain.com/owa then there is no need to copy the owa files since proxying will not work but redirection

is RedirectToOptimalOWAServer set to $true?
0
 

Author Comment

by:CGNET-TE
ID: 37018999
Hi Akhater,

I have added it since the first time when I tried the option without set the external URL . I think it does not hurt to have the file there but I will remove it just in case.
the current external url at e2k07 is https://legacy.domain.com/exchange

No It is false. I will change it now and let you know.

Thanks
0
 
LVL 49

Accepted Solution

by:
Akhater earned 2000 total points
ID: 37019072
yes you need to change redict option to true first and, once more, the external url should be /owa and not /exchange
0
 

Author Comment

by:CGNET-TE
ID: 37019126
You are right, Thinking in e2k03 :
0
 

Author Comment

by:CGNET-TE
ID: 37019329
Thanks so much working now :)
0
 

Author Closing Comment

by:CGNET-TE
ID: 37019332
Thanks
0
 
LVL 49

Expert Comment

by:Akhater
ID: 37019375
glad i was of help
0

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below errors for MS Exchange Server 2016 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
Exchange administrators are always vigilant about Exchange crashes and disasters that are possible any time. It is quite essential to identify the symptoms of a possible Exchange issue and be prepared with a proper recovery plan. There are multiple…
This video discusses moving either the default database or any database to a new volume.
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question