Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 272
  • Last Modified:

Exchange 2003 - Auto Discover

I have 4 x Mail servers (Ex2003)
1 x Bridge Server (Ex2003
1 x Bridgehead Server (Ex2003) - Master Role assigned

Users are able to receive emails on mobile phone devices but cannot view email via Web Mail.

CHanges - with the OWA server located at a COLO site we moved all DMZ/COLO site servers (including OWA) to a differnet COLO site over the weekend.

Other info - we have built a couple of Mail & CAS Ex 2010 servers on the same domain in view of moving away from EX 2003. With that I am today building a CAS/HUB 2010 EX server in the COLO site which sites on the boundary (DMZ) of the business.

On the Ex 2003 OWA server why can't users now access mail over WebMail?

When running an CLient Exchange Analyser against the OWA I receive errors/failures with AutoDiscover.
Doc100.docx
0
CTCRM
Asked:
CTCRM
  • 6
  • 4
1 Solution
 
CTCRMInfrastructure EngineerAuthor Commented:
I also have 1 x OWA (Ex 2003) server sat on the internal network but in the DMZ.
0
 
Alan HardistyCo-OwnerCommented:
Autodiscover wasn't invented until Exchange 2007, so it will never work until you upgrade.
0
 
CTCRMInfrastructure EngineerAuthor Commented:
what service then in EX 2003 is used to allow clients webmail access to their mailboxes?
0
NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

 
Alan HardistyCo-OwnerCommented:
Webmail is IIS - using port 80 (without SSL) or port 443 with SSL.

The /Exchange virtual directory is the key IIS Virtual Directory that is used for OWA.

Does webmail work internally?

Activesync - which is what the phones will be using will also use port 80 or 443 (without / with SSL), so if that works, then it may be a DNS issue pointing the FQDN you are using for OWA to the wrong IP, or something similar.

Alan
0
 
CTCRMInfrastructure EngineerAuthor Commented:
Hi Alan

webmail externally or internally doesn't work ('This Webpage is not available' message on the browser).

ON the OWA server under IIS Mgmt>Web Sites there is the 'Exchange, Microsoft-Server-ActiveSync, and OMA' virtual directories. However, when the 'Exchange' and 'Activesync directory icons are clicked nothing appears in the right-hand-pane.

Is that normal? or should there be any associated info in the right-hand-pane for those 2 virtual directories?

I will check DNS now, am I looking for a SRV or A record? and is the FQDN the name of the OWA server pointing to its own IP address?
0
 
Alan HardistyCo-OwnerCommented:
Are you using SSL for OWA?
0
 
CTCRMInfrastructure EngineerAuthor Commented:
yeah, SSL for OWA
0
 
Alan HardistyCo-OwnerCommented:
And for Activesync too?
0
 
CTCRMInfrastructure EngineerAuthor Commented:
And for Activesync.

We're currently building a 2010 Exchange platform now which has been in the pipeline for a while so if all fails here we can configure the Ex CAS (2010) server to take on the OWA responsibility. However, it would be useful to understand and find what setting and stopped the webmail access on Ex 2003.
0
 
Simon Butler (Sembee)ConsultantCommented:
First:

"With that I am today building a CAS/HUB 2010 EX server in the COLO site which sites on the boundary (DMZ) of the business."

That isn't supported.

Placing any kind of Exchange 2007 or higher server in a DMZ or other boundary network is not a supported configuration for the Mailbox, Client Access and Hub Transport role.

Therefore you will need to change your network design to have it inside the firewall.

Having Exchange 2003 in a DMZ is also a very bad idea, and the only thing it does to the security of your network is make Swiss cheese of your firewall.

Exchange 2010 does not proxy OWA, it will only redirect. Therefore you will need two unique URLs for the services and then configure the legacy configuration within Exchange 2010.
ActiveSync will proxy to the older version, but again if you have the server in a DMZ then you are going to have problems.

Being blunt, you need to sort out the design of the Exchange 2003 platform first, as well as review your Exchange 2010 design.

Simon.
0
 
CTCRMInfrastructure EngineerAuthor Commented:
Upon investigation it seems that we have a dual-firewall DMZ environment and the OWA server has been sat in the DMZ for some time, way before I started. With that in mind I am now reviewing the DMZ Topology and will be removing the OWA server from that area.

Thanks Simon for pointing this out, I should have identified this after implementing Exchange Edge Transport servers for a different client some time ago.
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 6
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now