Solved

Windows SBS 2011 / Exchange 2010, change listening port of OWA and keep autodiscover working

Posted on 2012-03-12
Last Modified: 2012-03-29
I have a situation where I can't get my autodiscover to work for some reason.
I have a Windows Small Business Server 2011 Standard which contains Exchange 2010, of course.

I need to adjust the listening port of my OWA, because the default HTTPS port is used for a primary application.

So I found wizards and read a lot about it, and I have managed to change the port to 3500.

When I go to the URL https://remote.companyname.com:3500/owa everything looks great and my multidomain certificate is working.

But for some reason when I start Outlook, Outlook pops up a message about my certificate, and the first 2 checkmarks are OK, but the 3rd isn't.

When I view the certificate, the name in that certificate is one I can't find in the certificate overview of my Exchange Management Console, and I think this one is from the company where the first SSL certificate is from, which I used last year.

When I do a connection test with my Outlook I receive an error 0x80004005.

Anyone who has the time and would like to make the effort to help me with the last piece to get this up and running?
Question by:RemcoVi

Expert Comment

by:Cliff Galiher
ID: 37712216
By definition, autodiscover works by using defaults so the "auto" part can kick in. By changing your setup to a manual port, you inherently broke autodiscover.

The proper solution to your issue is to run a second application server (ALWAYS recommended) and if external access is required, have two public IPs and publish the app using a reverse proxy. This keeps your configuration clean, secure, industry standard, resolves port conflicts, and if you virtualize, actually gives you better server utilization resulting in lower overall costs in energy and performance.

-Cliff
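
The certificate prompt described in the question can be reasoned about offline. The sketch below is an added example, not code from the thread: it lists the two HTTPS Autodiscover URLs Outlook derives from an e-mail address (neither carries a custom port) and checks each hostname against the SAN names of whatever certificate answers on that port. The domain names, SAN lists and function names are constructed for illustration.

```python
from urllib.parse import urlsplit

def autodiscover_candidates(email):
    """HTTPS URLs derived from the address alone; the client adds no port."""
    domain = email.rsplit("@", 1)[1].lower()
    return [
        f"https://{domain}/autodiscover/autodiscover.xml",
        f"https://autodiscover.{domain}/autodiscover/autodiscover.xml",
    ]

def effective_port(url):
    """Port the client will actually connect to for this URL."""
    parts = urlsplit(url)
    return parts.port or {"https": 443, "http": 80}[parts.scheme]

def name_matches(hostname, pattern):
    """Certificate name match; '*' is accepted only as the whole left-most label."""
    host = hostname.lower().rstrip(".").split(".")
    pat = pattern.lower().rstrip(".").split(".")
    if len(host) != len(pat):
        return False
    if pat[0] == "*":
        return len(pat) > 2 and host[1:] == pat[1:]
    return host == pat

def check(email, san_by_port):
    """san_by_port maps a listening port to the SAN dNSNames served there."""
    report = []
    for url in autodiscover_candidates(email):
        host, port = urlsplit(url).hostname, effective_port(url)
        ok = any(name_matches(host, san) for san in san_by_port.get(port, []))
        report.append((host, port, ok))
    return report

# Constructed sample data: another application holds 443, OWA was moved to 3500.
EXCHANGE_SANS = ["remote.companyname.example", "autodiscover.companyname.example"]
OWA_ON_3500 = {443: ["portal.othervendor.example"], 3500: EXCHANGE_SANS}
OWA_ON_443 = {443: EXCHANGE_SANS}

if __name__ == "__main__":
    for label, layout in (("OWA on 3500", OWA_ON_3500), ("OWA on 443", OWA_ON_443)):
        for host, port, ok in check("user@companyname.example", layout):
            print(f"{label}: {host}:{port} name match = {ok}")
```
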

Author Comment

by:RemcoVi
ID: 37713489
True, but in this case I have no choice. The application stealing my HTTPS is their core application and they want to use OWA for syncing with their mobile 2.

Getting an internet connection with multiple IP addresses is not possible at that location, so I have no choice.

So any idea how to get this up and running?

Another solution is port redirection in my router, but I don't think OWA will accept it when I redirect an external port 3500 to an internal 443 port and everything will still keep working.

Expert Comment

by:Cliff Galiher
ID: 37713905
It simply cannot be done. They want two contradictory goals. They might as well ask you to make their servers run MS-DOS since there are fewer viruses for that OS, but they want all their 64-bit Windows 2008 R2 programs to keep working in that DOS environment.

Sometimes the hardest job of an IT pro is telling the boss/client that they have to make a choice. If you cannot build the environment they want or they are unwilling to provide the resources for it, then they have to choose which features and functions get dropped. That is the position you now find yourself in.

-Cliff

Author Comment

by:RemcoVi
ID: 37714433
I think I need to make a new question, or maybe you could help me.
The only solution I have is changing the external port of my Citrix Fundamentals environment.

Is this possible?

Because then I could use this internet connection for the replies above and then I can change the port 3500 back to 443.

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 37717649
Last I checked, that also cannot be done. The problem lies in that many mobile apps do not allow you to define the port on the client side. Apple's implementation of ActiveSync, for example, just uses 443.

Similarly, the Citrix receiver apps on Android and Apple devices make similar assumptions.

This is a trend in mobile device computing. They are making these devices to be "consumer" friendly so geek options and lots of configuration choices that can break a setup have been stripped away.

For setups such as yours, they expect you to use multiple public IPs. I'd honestly shop around. I was able to upgrade my residential ISP account to a business account last month, kept all my speeds the same, went from one dynamic IP to 5 static IPs, and it costs me $5 more per month.

As IPv6 picks up steam and broadband access becomes more prevalent, even in more rural areas of developed countries, pricing for multiple IPs has plummeted in the last year. I'd strongly encourage you to revisit that option.

-Cliff

Author Closing Comment

by:RemcoVi
ID: 37781416
I thought I had replied to this message, but apparently not.

Thanks for your advice, and the customer is waiting for a fiber connection which will come standard with multiple IP addresses.

Again, thanks.