?
Solved

OWA and Global Catalogue Server

Posted on 2011-10-26
9
Medium Priority
?
577 Views
Last Modified: 2012-05-12
Hi,

Is it possible to change the server that an OWA server talks to for its Global Catalogue services?  We were in the process of mirgrating from 2000 DC to 2003 DC so moved the Global Catalogue Database to the new 2003 DC when doing this OWA stopped authenticating it's users.  It turns out that our OWA which is in the DMZ has a firewall rule in place to allow it to talk directly to the old Global Catalogue server so now we have put the rule in the firewall to allow it to talk to the new global catalogue server how can I tell OWA to use the new server and not continue to use the old one?

Any help most welcome :)
0
Comment
Question by:Jamie786
  • 5
  • 4
9 Comments
 
LVL 21

Expert Comment

by:snusgubben
ID: 37033629
Is it Exchange 2003?

Verify that the new DC is listed on the RUS.

http://support.microsoft.com/kb/319065

See Step 5 under: How to Configure the Default Recipient Update Service Instances
0
 

Author Comment

by:Jamie786
ID: 37036274
The Exchange server which is inside the LAN and not in DMZ works fine, the problem lies with the OWA server which was joined to the domain when first built but now lives in the DMZ were it has not Domain access so I think the problem lies with the OWA server still using the Global Catalogue server that it was first setup with when it was joined to the domain.  Because that server was no longer the Global Catalogue server it stopped working as soon as I changed it back it started working again.

So is there a way to change the Global Catalogue server address on a Windows 2003 server running OWA only?
0
 
LVL 21

Expert Comment

by:snusgubben
ID: 37036377
Can you verify that the DMZ OWA server can reach the new DC on TCP 3268?

cmd -> telnet FQDN_New_GC 3268

(the cmd window should turn all black).

I assume both DCs are GCs. Verify:

Open Exchange System Manager
> Administrative Groups
> First Administrative Group
> Servers
> Right click the OWA DMZ server -> Properties -> Directory Access tab

Are both DCs listed as Type = GC?
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:Jamie786
ID: 37037045
Yes they can telnet to the GC on 3268 but it seems to only talk to the old GC as the rule on the firewall for port 3268 pointing to the new GC has zero hits on it..
0
 

Author Comment

by:Jamie786
ID: 37037047
the old GC which I disabled is now back on line and acting as a GC and OWA is back up and working but I take it I dont have to move the OWA server back into the LAN and rejoing it to the domain so it picks up the new GC do i?
0
 
LVL 21

Expert Comment

by:snusgubben
ID: 37037059
There is no need to move it to the LAN, but you'll have to make sure the OWA server can connect to the new DC/GC.

You should also make both DCs a GC.
0
 
LVL 21

Expert Comment

by:snusgubben
ID: 37037071
Did you verify the other steps in http:#37036377 ?
0
 

Accepted Solution

by:
Jamie786 earned 0 total points
ID: 37037096
Yes I did all the DC's that should be listed are there.

I think the problem lies with the fact that the OWA server in the DMZ can't get AD updates as I can't login to the OWA server as an AD user because it's in the DMZ so is it possible to manually tell the OWA server to go to the new server to get the GC information?
0
 

Author Closing Comment

by:Jamie786
ID: 37643551
resolved
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Steps to fix error: “Couldn’t mount the database that you specified. Specified database: HU-DB; Error code: An Active Manager operation fail”
Exchange administrators are always vigilant about Exchange crashes and disasters that are possible any time. It is quite essential to identify the symptoms of a possible Exchange issue and be prepared with a proper recovery plan. There are multiple…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question