it_medcomp
asked on
Exchange Issues
I am working with Exchange 2010 Enterprise running on Windows 2008 R2 standard. Our SSL Certificate expired and I installed a new one. We continued to have a name error because out internal domain is a .local. The plan was to do some more research on the effect on Outlook clients if we changed the internal URL. The next day we started to see more issues. Currently EMC, EMS and EWS are all not working. I get a message that WinRM client cannot process the request. These resolutions I have found on the web have already been tried:
1. time sync is fine
2. Kerbauth modules are correct at both the default web page level and powershell
3. SSL has been on and off
4. WinRM IIS Extension has been installed
Our issues include Mac outlook clients don't work, OWA cannot delete email, calendar busy function does not work, I cannot access either the management console or the shell
1. time sync is fine
2. Kerbauth modules are correct at both the default web page level and powershell
3. SSL has been on and off
4. WinRM IIS Extension has been installed
Our issues include Mac outlook clients don't work, OWA cannot delete email, calendar busy function does not work, I cannot access either the management console or the shell
Not 100% sure if it's the same thing but we had similar problems with an Exch 2010 system a while ago - resolved by restarting IIS services (or rebooting server could work too) - think it ended up being someone tried to alter the exchange url's through IIS rather than powershell or something like that.
What kind of certificate did you install - a Single Domain Certificate or a UCC (Multipple Domain Certificate).
You need to start with checking your Exchange 2010 URL configuration. Could you post the result of the following commands in Exchange Management Shell:
You need to start with checking your Exchange 2010 URL configuration. Could you post the result of the following commands in Exchange Management Shell:
Get-ClientAccessServer | FL *Uri
Get-EcpVirtualDirectory | FL *URL
Get-WebServicesVirtualDirectory | FL *URL
Get-ActiveSyncVirtualDirectory | FL *URL
Get-OabVirtualDirectory | FL *URL
Get-OWAVirtualDirectory | FL *ternalURL
If necessary, replace the real internal Domain Name with "MyCompany.local" and the public one with "MyCompany.com"
ASKER
Alan
Yes OWA basically works, but it does not delete email. Outlook clients basically work as well, except for the Mac client that relies on EWS which isn't working at all.
Yes OWA basically works, but it does not delete email. Outlook clients basically work as well, except for the Mac client that relies on EWS which isn't working at all.
ASKER
Morty
I have restarted the server multiple times at this point and that hasn't helped
I have restarted the server multiple times at this point and that hasn't helped
ASKER
NetoMeter,
When I try to run these commands I get a response that it is not a recognized cmdlet
When I try to run these commands I get a response that it is not a recognized cmdlet
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Lee
When I installed the new certificate, this is the TechNet I followed. At this point I can't get into the shell either.
When I installed the new certificate, this is the TechNet I followed. At this point I can't get into the shell either.
Probably you are trying to run them in PowerShell - you need to run them in Exchange Management Shell.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I see where it_medcomp says EMC & EMS do not work...
Do you have a split DNS?
Please reference the following:
http://exchangeserverpro.com/forums/exchange-server-2010/4033-split-dns-certs.html
http://social.technet.microsoft.com/Forums/exchange/en-US/c76ce856-6983-4c30-82ad-5a54ba322be9/installed-new-ssl-omitting-the-local-commonn-name-and-now-outlook-2010-client-throwing-certificate?forum=exchange2010
Do you have a split DNS?
Please reference the following:
http://exchangeserverpro.com/forums/exchange-server-2010/4033-split-dns-certs.html
http://social.technet.microsoft.com/Forums/exchange/en-US/c76ce856-6983-4c30-82ad-5a54ba322be9/installed-new-ssl-omitting-the-local-commonn-name-and-now-outlook-2010-client-throwing-certificate?forum=exchange2010
We have a starting point.
Download and run EMTshooter (Exchange Management Troubleshooter) and see what info it provides.
Download and run EMTshooter (Exchange Management Troubleshooter) and see what info it provides.
ASKER
I have been able to spin up a virtual server and install Exchange on that server. From there I am able to access Exchange Management shell and it seems to have connected to my production Exchange server.
I ran the following
Get-ClientAccessServer | FL *Uri
Get-EcpVirtualDirectory | FL *URL
Get-WebServicesVirtualDire ctory | FL *URL
Get-ActiveSyncVirtualDirec tory | FL *URL
Get-OabVirtualDirectory | FL *URL
Get-OWAVirtualDirectory | FL *ternalURL
They all pointed to my production server using the .local domain. I have reset them to my external domain that matches the certificate I recently install.
This has fixed the issue with the certificate warning when opening outlook.
This has not fixed the EWS issue which I believe is the cause of the calendar, Mac connection and not being able to delete from OWA.
I also ran the EMTShooter and it did not show any problems.
I ran the following
Get-ClientAccessServer | FL *Uri
Get-EcpVirtualDirectory | FL *URL
Get-WebServicesVirtualDire
Get-ActiveSyncVirtualDirec
Get-OabVirtualDirectory | FL *URL
Get-OWAVirtualDirectory | FL *ternalURL
They all pointed to my production server using the .local domain. I have reset them to my external domain that matches the certificate I recently install.
This has fixed the issue with the certificate warning when opening outlook.
This has not fixed the EWS issue which I believe is the cause of the calendar, Mac connection and not being able to delete from OWA.
I also ran the EMTShooter and it did not show any problems.
ASKER
Lots of good help. Not sure what the eventual solution was- it's almost a 2 year old question! I just have to accept it so I can use this account.
Does OWA work and do you see any cert errors?