?
Solved

Exchange 2010, unable to access OWA from internal with Internet Explorer using the FQDN.

Posted on 2013-01-08
4
Medium Priority
?
1,393 Views
Last Modified: 2013-01-14
I have a single Exchange 2010 server running the mailbox, CAS and HUB transport roles.  Things have been working for about 2 months until we started adding Outlook 2010 clients.  We started getting SSL mismatch errors on the clients.  Basically that problem boils down to the fact that we are not using a SAN certificate and the internal and external FQDN's don't match.
  While trying to fix that problem we are now unable to connect to the site with Internet Explorer on the Exchange server it self with the FQDN or from other machines on the network. (Using another browser like Chrome allows us to access the site just fine?)  We can access the site externally and with clients connected to our VPN.
  In looking around I see that within IIS our Default Website has the globe with a question mark on it.  So I started looking around in IIS.  If I click on the OWAfolder under the default website and right click Authentication and choose Basic Settings, I try and click the Test Settings... button I get an error.  "There was an error while performing this operation.  Details: Invalid Application Path"
  I've been all over the place on this one and it's starting to get really frustrating.  I just want my OWA back to operational for my clients.  I can deal with the original SSL cert mismatch problem later.

Thanks for any help or points to get me moving on this.

James
0
Comment
Question by:WcsdTech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 10

Expert Comment

by:gaurav05
ID: 38757772
Hi,

1) When you ping the name mentioned - does it resolve to the correct IP address.

2)Run Get-OwaVirtualDirectory |fl >c:\owa.txt and check what the internal url is set to

3) Run Test-OwaConnectivity - http://technet.microsoft.com/en-us/library/aa997682.aspx
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 38758586
If you have been changing the settings in IIS manager, then you should probably start by resetting the virtual directories. You can do that with the tool inside EMC.
Once you have done that, you will have to resolve the problem with the URLs. If you don't have a UC certificate with the internal name on it, then you will have to use the external URL internally. That will require a split DNS system and changes to Exchange.

http://exchange.sembee.info/2010/install/singlenamessl.asp

Simon.
0
 

Accepted Solution

by:
WcsdTech earned 0 total points
ID: 38759206
Update to this.  

  Last night, before any responses, I tried to reset the virtual directories with no luck so then I removed the CAS role and then re-installed it.  Still no luck.  This morning a colleague did some more investigating and found that our problem seems to stem from our proxy server and network configuration, although nothing had changed prior to our problems.  He added the external FQDN to the list of servers or domains section, instead of just a wild card and domain name, in the proxy server settings. (We have ISA server 2004 and yes we know it's old.  We inherited this network 9 months ago and are still trying to get things cleaned up and updated.)  After rebooting the clients most worked, some had to have the IE cache cleared and then they were fine.

Thank you for your input, I had tried both of those things already.

James
0
 

Author Closing Comment

by:WcsdTech
ID: 38773794
Problem was fixed on our own.
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses
Course of the Month12 days, 20 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question