Sterling Schaefer
asked on
Sbs 2011 IIS Configuration Issues - Companyweb and remote.domain.com
I am having an issue with my IIS configuration on SBS 2011
When I go to remote.domain.com, it defaults to the www.domain.com site instead of the Remote Web access.
Going to http://comanyweb/ gives HTTP Error 500.0 - Internal Server Error - Module "SharePoint14Module" could not be found
What is your internal domain? It is best if it is www.externaldomain.local and your external name should be www.externaldomain.com (or org, edu, net, gov, tw, or similar). You should then have a DNS entry of internalIPaddress for ,local defined on your internal DNS server(s). The externalIPaddress should resolve correctly to your external IP address though your external DNS primary and secondary servers.
Did this just recently go bad?
What happens if you go to https://remote.domain.com/remote does that work?
What happens if you go to https://remote.domain.com/remote does that work?
ASKER
The local domain is domain.local, and the external is domain.com. DNS is set up correctly inside the network and outside as well.
Going to https://remote.domain.com/remote gives 401 - Unauthorized: Access is denied due to invalid credentials.
The general authentication for IIS is Anonymous Auth is enabled, all others are disabled; this is the same for Default Web Site, and the application site of /Remote
Going to https://remote.domain.com/remote gives 401 - Unauthorized: Access is denied due to invalid credentials.
The general authentication for IIS is Anonymous Auth is enabled, all others are disabled; this is the same for Default Web Site, and the application site of /Remote
ASKER
The sites used to work with no issues; started to have issues a few months ago. I believe that it started after a MS Update, but can not say for sure.
I have two suggestions here....
First download and install the SBS BPA for 2011 http://www.sbslinks.com/sbsbpa.htm make sure it gets updated to 1.5 before you'll get any valuable results
While you're working on that, run the Fix My Network wizard from the SBS Console > Network > Connectivity tab
Fix everything it finds, regardless of whether you think it applies
You can also try re-running the "setup my internet address" wizard from the Getting Started list on the main page of the SBS console. Any chance this occurred when you installed Sophos on the server?
First download and install the SBS BPA for 2011 http://www.sbslinks.com/sbsbpa.htm make sure it gets updated to 1.5 before you'll get any valuable results
While you're working on that, run the Fix My Network wizard from the SBS Console > Network > Connectivity tab
Fix everything it finds, regardless of whether you think it applies
You can also try re-running the "setup my internet address" wizard from the Getting Started list on the main page of the SBS console. Any chance this occurred when you installed Sophos on the server?
ASKER
I have run the SBS BPA as suggested in other posts, and tried to run Fix My Network Wizard to no avail. This was happening prior to Sophos.
and have you tried re-running the "setup your internet" address wizard again?
ASKER
Yes
I've reviewed your two pictures that originally posted (.net version and bindings) and they match my own box, except for ID# of course and I don't have Sophos
And I get the same error as you did when I click on test button but mine is working.
Let me go back to your original posting. When you're trying to connect to remote.domain.com and it goes to www.domain.com. is this from inside the network or outside?
And I get the same error as you did when I click on test button but mine is working.
Let me go back to your original posting. When you're trying to connect to remote.domain.com and it goes to www.domain.com. is this from inside the network or outside?
ASKER
Behavior is the same both inside the network, and outside the network.
it would help to have the actual domain name (external) in order to look at a couple of things.
While not the exact cause of the issue, it appears there might be a misconfiguration of your external DNS.
doing a DNS query for all records for the domain name you provided does not return a record for remote, which should be "A" or host record of your domain. I then went and did a DNS check of remote.domainname.com and found the record and it's public IP points to the same IP address as your mail.domainname.com record.
On that "remote" folder, Make sure that the domain "users" security group has read&execute set to allow, List Folders set to allow and Read set to allow.
Make sure SYSTEM has full control
I'm not an IIS guru by any stretch. If the permissions are correct, you may have to open a support case with Microsoft, or a third party group that has an IIS person.
Does Outlook Web Access work?
doing a DNS query for all records for the domain name you provided does not return a record for remote, which should be "A" or host record of your domain. I then went and did a DNS check of remote.domainname.com and found the record and it's public IP points to the same IP address as your mail.domainname.com record.
On that "remote" folder, Make sure that the domain "users" security group has read&execute set to allow, List Folders set to allow and Read set to allow.
Make sure SYSTEM has full control
I'm not an IIS guru by any stretch. If the permissions are correct, you may have to open a support case with Microsoft, or a third party group that has an IIS person.
Does Outlook Web Access work?
ASKER
OWA does work going to https://remote.domain.com/owa/
Permissions on /remote are already set as you suggested.
Permissions on /remote are already set as you suggested.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
In IIS > Sites > Default Web Site > Remote
IIS section > Authentication > Open Feature
Do you see listed
Anonymous Authentication Enabled
ASP .NET Impersonation Disabled
Basic Authentication Disabled HTTP 401 Challenge
Digest Authentication Disabled HTTP 401 Challenge
Forms Authentication Enabled HTTP 302 Login/Redirect
Windows Authentication Disabled HTTP 401 Challenge
IIS section > Authentication > Open Feature
Do you see listed
Anonymous Authentication Enabled
ASP .NET Impersonation Disabled
Basic Authentication Disabled HTTP 401 Challenge
Digest Authentication Disabled HTTP 401 Challenge
Forms Authentication Enabled HTTP 302 Login/Redirect
Windows Authentication Disabled HTTP 401 Challenge
ASKER
Setting Forms Auth to enabled under Authentication fixed the authentication error and not the page works with https://remote.domain.com/remote/
This used to work without the /remote/, although there may be an issue with the redirect on the main page.
The http://companyweb/ still gives HTTP Error 500.0 - Internal Server Error
Module "SharePoint14Module" could not be found
This used to work without the /remote/, although there may be an issue with the redirect on the main page.
The http://companyweb/ still gives HTTP Error 500.0 - Internal Server Error
Module "SharePoint14Module" could not be found
As I indicated, not an IIS guru, so I'm not sure I can get you back to a point of not having to put in the full URL
Regarding CompanyWeb...give this a try:
You Must Manually Run PSCONFIG after Installing SharePoint 2010 Patches
http://blogs.technet.com/b/sbs/archive/2011/05/24/you-must-manually-run-psconfig-after-installing-sharepoint-2010-patches.aspx
Regarding CompanyWeb...give this a try:
You Must Manually Run PSCONFIG after Installing SharePoint 2010 Patches
http://blogs.technet.com/b/sbs/archive/2011/05/24/you-must-manually-run-psconfig-after-installing-sharepoint-2010-patches.aspx
ASKER
After running "PSConfig.exe -cmd upgrade -inplace b2b -force -cmd applicationcontent -install -cmd installfeatures" I still recieve the same error on companyweb.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The current path is C:\Program Files\Windows Small Business Server\Bin\WebApp\RemoteAc
The Application pool is SBS Web Applications application pool