We have an Exchange 2010 setup with 12 servers at various AD sites and geographic locations. We noticed an issue with one of the sites where we have 1 multi-role server (CAS, Mailbox, Hub Transport). This server could not update the GAL and upon inspection we could open the ExchangeOAB share on the server generating the GAL but cannot open the subfolder containing the GAL updates the explorer window appears to hang then eventually reports:
xxxxxxxx is not accessible. You might not have permision to use this network resource. Contact the administrator of this server to find out if you have access permissions.
The Specified network name no is no longer available.
It also cannot open the c$ or other admin shares on the GAL server. Non-admin shares work fine with the exception of the aforementioned address book folder. I've tried creating a new GAL but the problem is the same with the new GAL subfolder. The OABGenerator server is the only one contactable by all exchange servers so i cant move the GAL to another server.
Doing some troubleshooting the problem only crops up if i install the Mailbox role, if i remove this it works fine. For the sake of troubleshooting we also removed all AV from the server.
We don't have this issue from the DC at the same site or from any of the other Exchange servers. We also dont have this problem from the same server to other exchange server c$ shares, including other servers at the same site as the OABGenerator server.
If i try to RDP to the OAB server, i get prompted for credentials, the window opens with just a black screen (no taskbar etc then after a few seconds i get:
The Remote Desktop Session has ended.
It generates the following error on the OAB server System log:
The Terminal Server security layer detected an error in the protocol stream and has disconnected the client. Client IP: xxx.xxx.xxx.xxx
RDP also works fine without the mailbox role installed.
All Exchange Servers are running Windows 2008 R2 Enterprise with latest updates and Service Packs.