Solved

SBS 2011 Server won't allow clients to connect

Posted on 2016-08-28
4
54 Views
Last Modified: 2016-08-28
Windows Machines in a SBS 2011 network can't seem to connect to the Exchange. When we open outlook we are prompted for username and password. Don't think anything changed with the server. Running Exchange 2010 SP3 Update Rollup 14

I replaced the firewall last night, things were fine.
I looked this morning, people are able to login using OWA but just not with outlook.

I tried setting up a new profile for a user, it does not find the account/server. Just keeps searching over and over

Event log errors:

Event ID: 12016 MSExchangeTransport
There is no valid SMTP Transport Layer Security (TLS) certificate for the FQDN of <servername.domainname.local> The existing certificate for that FQDN has expired. The continued use of that FQDN will cause mail flow problems. A new certificate that contains the FQDN of <servername.domainname.local> should be installed on this server as soon as possible. You can create a new certificate by using the New-ExchangeCertificate task

Event ID: 12015   MSExchangeTransport
Thumbprint : ojpoj23po54j23p4oj32pj2     An internal transport certificate expired.

These warnings and errors have been coming up in the event logs for a long time.
I believe they are related to the Exchange SSL Certificate including the host name of the server which is no longer valid / supported.


Again, the mail is flowing to OWA.
I can hit https://mail.companyname.com/owa just fine. All mail is being delivered. Just can't use Outlook to connect.
0
Comment
Question by:Patrick Doman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 9

Accepted Solution

by:
bas2754 earned 500 total points
ID: 41774167
Can you confirm all the exchange services that are set for automatic as the start type or actually started? The errors you're seeing regarding the expired certificate are not causing this issue. Most of the time when I see these errors and is usually due to something going on with either the database or one of the services not started or want to service needed to be restarted. So I would start with checking to make sure all the services that are set for automatic for exchange or actually started and working. Second step to try simply restarting the server  and see if the error is corrected.  Rather than restarting the server you can also try just restarting all of the exchange services.
1
 

Author Comment

by:Patrick Doman
ID: 41774177
I checked the services. They are all looking good.

The DHCP Server wasn't happy.
That was stopped

Google Update Service is stopped
Microsoft .Net Framework NGen v4.0 is stopped (x86) is stopped
Microsoft .Net Framework NGen v4.0 is stopped (x64)  is stopped


I would usually think this is a problem with IIS.
An interesting item I noticed when setting up a brand new profile for a user is that when it prompts him for his login, it's prompting him for his full email address as the username versus the domain and username only for the domain.

Not sure if some how the authentication changed???

I am searching for anything else out of the ordinary.
2016-08-28_20h25_14.png
0
 

Author Comment

by:Patrick Doman
ID: 41774187
Yesterday, I put a Fortigate 100D in and since that point, I have noticed little intricacies on the network that have changed.

The outlook thing... slowness logging in..... DHCP (crud)

The DHCP server on the Fortgate was enabled. I know I turned it off, but there it is enabled.

The SBS server has been performing the DHCP since its inception.
I think that was the issue. May even be causing the outlook to prompt for credentials.....
I am rebooting some computers to see if the performance issues are fixed.
0
 

Author Closing Comment

by:Patrick Doman
ID: 41774189
Thank you for reminding me to check the simple things.
A service that should be started in this case like the DHCP Server had me checking the firewall (new) installed yesterday and there it was. The DHCP service on the Fortigate was running.

Things appear to be ok now.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision Office 365 tenants, synchronize your on-premise Active Directory, and implement Single Sign-On.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.
The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question