• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1432
  • Last Modified:

Exchange 2010, unable to access OWA from internal with Internet Explorer using the FQDN.

I have a single Exchange 2010 server running the mailbox, CAS and HUB transport roles.  Things have been working for about 2 months until we started adding Outlook 2010 clients.  We started getting SSL mismatch errors on the clients.  Basically that problem boils down to the fact that we are not using a SAN certificate and the internal and external FQDN's don't match.
  While trying to fix that problem we are now unable to connect to the site with Internet Explorer on the Exchange server it self with the FQDN or from other machines on the network. (Using another browser like Chrome allows us to access the site just fine?)  We can access the site externally and with clients connected to our VPN.
  In looking around I see that within IIS our Default Website has the globe with a question mark on it.  So I started looking around in IIS.  If I click on the OWAfolder under the default website and right click Authentication and choose Basic Settings, I try and click the Test Settings... button I get an error.  "There was an error while performing this operation.  Details: Invalid Application Path"
  I've been all over the place on this one and it's starting to get really frustrating.  I just want my OWA back to operational for my clients.  I can deal with the original SSL cert mismatch problem later.

Thanks for any help or points to get me moving on this.

James
0
WcsdTech
Asked:
WcsdTech
  • 2
1 Solution
 
gaurav05Commented:
Hi,

1) When you ping the name mentioned - does it resolve to the correct IP address.

2)Run Get-OwaVirtualDirectory |fl >c:\owa.txt and check what the internal url is set to

3) Run Test-OwaConnectivity - http://technet.microsoft.com/en-us/library/aa997682.aspx
0
 
Simon Butler (Sembee)ConsultantCommented:
If you have been changing the settings in IIS manager, then you should probably start by resetting the virtual directories. You can do that with the tool inside EMC.
Once you have done that, you will have to resolve the problem with the URLs. If you don't have a UC certificate with the internal name on it, then you will have to use the external URL internally. That will require a split DNS system and changes to Exchange.

http://exchange.sembee.info/2010/install/singlenamessl.asp

Simon.
0
 
WcsdTechAuthor Commented:
Update to this.  

  Last night, before any responses, I tried to reset the virtual directories with no luck so then I removed the CAS role and then re-installed it.  Still no luck.  This morning a colleague did some more investigating and found that our problem seems to stem from our proxy server and network configuration, although nothing had changed prior to our problems.  He added the external FQDN to the list of servers or domains section, instead of just a wild card and domain name, in the proxy server settings. (We have ISA server 2004 and yes we know it's old.  We inherited this network 9 months ago and are still trying to get things cleaned up and updated.)  After rebooting the clients most worked, some had to have the IE cache cleared and then they were fine.

Thank you for your input, I had tried both of those things already.

James
0
 
WcsdTechAuthor Commented:
Problem was fixed on our own.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now