Solved

Windows SBS 2011 / Exchange 2010, change listening port of OWA and keep autodiscover working

Posted on 2012-03-12
Last Modified: 2012-03-29
I have a situation where I can't get my autodiscover to work for some reason.
I have a Windows Small Business Server 2011 Standard which contains Exchange 2010, of course.

I need to adjust the listening port of my OWA, because the default HTTPS port is used for a primary application.

So I found wizards and read a lot about it and I have managed to change the port to 3500.

When I go to the URL https://remote.companyname.com:3500/owa everything looks great and my multidomain certificate is working and it looks great.

But for some reason when I start Outlook, Outlook pops up a message about my certificate and the first 2 checkmarks are OK, but the 3rd isn't.

When I view the certificate, the name corresponding in that certificate is one I can't find in my Exchange Management Console at the certificate overview, and I think this one is from the company where the first SSL certificate is from, which I used last year.

When I do a connection test with my Outlook I receive an error 0x80004005.

Anyone who has the time and would like to make the effort to help me with the last piece to get this up and running?
Question by:RemcoVi
LVL 56

Expert Comment

by:Cliff Galiher
ID: 37712216
By definition, autodiscover works by using defaults so the "auto" part can kick in. By changing your setup to a manual port, you inherently broke autodiscover.

The proper solution to your issue is to run a second application server (ALWAYS recommended) and if external access is required, have two public IPs and publish the app using a reverse proxy. This keeps your configuration clean, secure, industry standard, resolves port conflicts, and if you virtualize, actually gives you better server utilization resulting in lower overall costs in energy and performance.

-Cliff
0
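
An added example, not part of the original thread or anyone's post: it lists the HTTPS Autodiscover URLs Outlook derives from an e-mail address (neither can carry a custom port such as 3500) and checks which of those host names a certificate's SAN list covers. The e-mail address, SAN lists and function names are constructed assumptions; only the first two HTTPS lookups are modelled.

```python
from urllib.parse import urlsplit

def autodiscover_urls(email):
    """HTTPS URLs derived from the SMTP domain; there is no place to put a port."""
    domain = email.rsplit("@", 1)[1].lower()
    return [
        f"https://{domain}/autodiscover/autodiscover.xml",
        f"https://autodiscover.{domain}/autodiscover/autodiscover.xml",
    ]

def name_matches(host, pattern):
    """Compare a host name with one certificate name, label by label.
    A '*' is accepted only as the whole leftmost label and never for
    a pattern with fewer than three labels (so '*.com' is rejected)."""
    host_labels = host.lower().rstrip(".").split(".")
    pat_labels = pattern.lower().rstrip(".").split(".")
    if len(host_labels) != len(pat_labels):
        return False
    if pat_labels[0] == "*":
        return len(pat_labels) > 2 and host_labels[1:] == pat_labels[1:]
    return host_labels == pat_labels

def check_certificate(email, san_names):
    """For each Autodiscover host: the port the client will use and
    whether any name on the certificate covers that host."""
    report = {}
    for url in autodiscover_urls(email):
        parts = urlsplit(url)
        report[parts.hostname] = {
            "port": parts.port or 443,  # no explicit port in the URL means 443
            "name_ok": any(name_matches(parts.hostname, n) for n in san_names),
        }
    return report

# Constructed sample data (not taken from the thread).
EMAIL = "user@companyname.com"
EXCHANGE_SANS = ["remote.companyname.com", "autodiscover.companyname.com"]
OTHER_APP_SANS = ["portal.example.net"]  # certificate of whatever else answers on 443

if __name__ == "__main__":
    for label, sans in (("Exchange cert", EXCHANGE_SANS), ("other cert", OTHER_APP_SANS)):
        print(label, check_certificate(EMAIL, sans))
```

A host reported with `name_ok` set to `False` is one where the client would raise a certificate name warning if that certificate were presented on port 443.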
 

Author Comment

by:RemcoVi
ID: 37713489
True, but in this case I have no choice. The application stealing my HTTPS is their core application and they want to use OWA for synching with their mobile 2.

Getting an internet connection with multiple IP addresses is not possible on that location, so I have no choice.

So any idea how to get this up and running?

Other solution is Port Redirection in my router, but I don't think OWA accepts it when I redirect an external port 3500 to an internal 443 port and everything will still keep working.
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 37713905
It simply cannot be done. They want two contradictory goals. They might as well ask you to make their servers run MS-DOS since there are fewer viruses for that OS, but they want all their 64-bit Windows 2008 R2 programs to keep working in that DOS environment.

Sometimes the hardest job of an IT pro is telling the boss/client that they have to make a choice. If you cannot build the environment they want or they are unwilling to provide the resources for it, then they have to choose which features and functions get dropped. That is the position you now find yourself in.

-Cliff
0

Author Comment

by:RemcoVi
ID: 37714433
I think I need to make a new question or maybe you could help me.
The only solution I have is changing the external port of my Citrix Fundamentals environment.

Is this possible?

Because then I could use this internet connection for the replies above and then I can change the port 3500 back to 443.
0
 
LVL 56

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 37717649
Last I checked, that also cannot be done. The problem lies in that many mobile apps do not allow you to define the port on the client side. Apple's implementation of ActiveSync, for example, just uses 443.

Similarly, the Citrix receiver apps on Android and Apple devices make similar assumptions.

This is a trend in mobile device computing. They are making these devices to be "consumer" friendly so geek options and lots of configuration choices that can break a setup have been stripped away.

For setups such as yours, they expect you to use multiple public IPs. I'd honestly shop around. I was able to upgrade my residential ISP account to a business account last month, kept all my speeds the same, went from one dynamic IP to 5 static IPs, and it costs me $5 more per month.

As IPv6 picks up steam and broadband access becomes more prevalent, even in more rural areas of developed countries, pricing for multiple IPs has plummeted in the last year. I'd strongly encourage you to revisit that option.

-Cliff
0
 

Author Closing Comment

by:RemcoVi
ID: 37781416
I thought I had replied to this message, but apparently not.

Thanks for your advice and the customer is waiting for a fiber connection which will come standard with multiple IP addresses.

Again thanks
0
