SBS 2008 RWW and exchange stops functioning for approximately 1 hour then recovers .
The server has external Drives which are used for SBS backups . The drives are periodically swapped out , around the time this happens the RWW and exchange basically stops functioning for an period of time before self recovering . The drive swap is the only external factor that happens around the event but I am not sure there is any relationship .
The features of this issue are :
A person types in remote.the company.com and the browser just spins and spins with no timeout . The person just waits forever for a login screen .
Simultaneously the exchange system stops sending or receiving mail with no error messages on the clients side .
Have run Fix my network wizard and found no certificate errors .
This server is heavily used for remote access and email so I want to make sure that i am fixing this issue instead of doing anything that would break either exchange or RWW. Server downtime must be minimum .
The event logs show the following error messages during the event :
Log Name: Application
Source: Microsoft-Windows-CertificateServicesClient-AutoEnrollment
Date: 8/21/2015 11:18:37 AM
Event ID: 64
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: MAIN.local
Description:
Certificate for local system with Thumbprint 2d 5a 90 80 e0 59 68 09 aa a7 10 e9 bf 48 94 15 d1 c4 f0 ae is about to expire or already expired.
Log Name: Application
Source: Microsoft-Windows-CertificateServicesClient-AutoEnrollment
Date: 8/21/2015 11:18:37 AM
Event ID: 64
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: -MAIN.local
Description:
Certificate for local system with Thumbprint ad 4d 74 86 1b 77 d7 87 c4 07 2a 17 b9 fb 9a 7d 9f af 41 82 is about to expire or already expired.
Log Name: Application
Source: Microsoft-Windows-CertificateServicesClient-AutoEnrollment
Date: 8/21/2015 11:18:37 AM
Event ID: 64
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: -MAIN.local
Description:
Certificate for local system with Thumbprint 36 a2 4d af e3 ff 3e f4 81 9d 7a c1 84 49 14 87 3a 3b ee c0 is about to expire or already expired.
Log Name: Application
Source: MSExchangeTransport
Date: 8/21/2015 11:18:31 AM
Event ID: 12016
Task Category: TransportService
Level: Error
Keywords: Classic
User: N/A
Computer: -MAIN.local
Description:
There is no valid SMTP Transport Layer Security (TLS) certificate for the FQDN of remote.the.com. The existing certificate for that FQDN has expired. The continued use of that FQDN will cause mail flow problems. A new certificate that contains the FQDN of remote.the.com should be installed on this server as soon as possible. You can create a new certificate by using the New-ExchangeCertificate task.
ExchangeRemote AccessSBS
Last Comment
Andre P
8/22/2022 - Mon
Systech Admin
it seems that your certificate is expired. Is it self signed certificate or third party certificate?
Andre P
ASKER
I launched the MMC snapin and found the certificates with these thumbprints .
They expired in September and October of 2013 (2 years ago ) respectively .
They were both self signed.
The network solutions cert does not expire until march of next year.
Systech Admin
Kindly check if certificate is assigned to exchange services like IIS, SMTP
Full list of cmdlets: get-command
Only Exchange cmdlets: get-excommand
Cmdlets for a specific role: get-help -role *UM* or *Mailbox*
Get general help: help
Get help for a cmdlet: help <cmdlet-name> or <cmdlet-name> -?
Show quick reference guide: quickref
Exchange team blog: get-exblog
Show full output for a cmd: <cmd> | format-list
Tip of the day #45:
Forgot what the available parameters are on a cmdlet? Just use tab completion! T
ype:
Set-Mailbox -<tab>
When you type a hyphen (-) and then press the Tab key, you will cycle through al
l the available parameters on the cmdlet. Want to narrow your search? Type part
of the parameter's name and then press the Tab key. Type:
David Johnson
This server is running 24/7 as a remote access system .
If I run get-certificate on the server ,is there a chance it will break the remote access for the users ?
I support this server remotely . Could it then lock me out ?
I will also run Best Practices shortly .
We are currently migrating to a cloud backup system and this has become temporarily not as hot an issue .
Will be tackling it in a week .
updating certificates will not lock you out of the system under any circumstances. Especially since these certificates are invalid/expired at this time.. I can see where if a certificate expires that it could cause connection problems with clients that rely on a valid certificate
Andre P
ASKER
I will be acting on this in the beginning of the month for budgetary reasons .
I have not abandoned this thread