Solved

SBS 2011 Server won't allow clients to connect

Posted on 2016-08-28
4
34 Views
Last Modified: 2016-08-28
Windows Machines in a SBS 2011 network can't seem to connect to the Exchange. When we open outlook we are prompted for username and password. Don't think anything changed with the server. Running Exchange 2010 SP3 Update Rollup 14

I replaced the firewall last night, things were fine.
I looked this morning, people are able to login using OWA but just not with outlook.

I tried setting up a new profile for a user, it does not find the account/server. Just keeps searching over and over

Event log errors:

Event ID: 12016 MSExchangeTransport
There is no valid SMTP Transport Layer Security (TLS) certificate for the FQDN of <servername.domainname.local> The existing certificate for that FQDN has expired. The continued use of that FQDN will cause mail flow problems. A new certificate that contains the FQDN of <servername.domainname.local> should be installed on this server as soon as possible. You can create a new certificate by using the New-ExchangeCertificate task

Event ID: 12015   MSExchangeTransport
Thumbprint : ojpoj23po54j23p4oj32pj2     An internal transport certificate expired.

These warnings and errors have been coming up in the event logs for a long time.
I believe they are related to the Exchange SSL Certificate including the host name of the server which is no longer valid / supported.


Again, the mail is flowing to OWA.
I can hit https://mail.companyname.com/owa just fine. All mail is being delivered. Just can't use Outlook to connect.
0
Comment
Question by:mnitman
  • 3
4 Comments
 
LVL 9

Accepted Solution

by:
bas2754 earned 500 total points
ID: 41774167
Can you confirm all the exchange services that are set for automatic as the start type or actually started? The errors you're seeing regarding the expired certificate are not causing this issue. Most of the time when I see these errors and is usually due to something going on with either the database or one of the services not started or want to service needed to be restarted. So I would start with checking to make sure all the services that are set for automatic for exchange or actually started and working. Second step to try simply restarting the server  and see if the error is corrected.  Rather than restarting the server you can also try just restarting all of the exchange services.
1
 

Author Comment

by:mnitman
ID: 41774177
I checked the services. They are all looking good.

The DHCP Server wasn't happy.
That was stopped

Google Update Service is stopped
Microsoft .Net Framework NGen v4.0 is stopped (x86) is stopped
Microsoft .Net Framework NGen v4.0 is stopped (x64)  is stopped


I would usually think this is a problem with IIS.
An interesting item I noticed when setting up a brand new profile for a user is that when it prompts him for his login, it's prompting him for his full email address as the username versus the domain and username only for the domain.

Not sure if some how the authentication changed???

I am searching for anything else out of the ordinary.
2016-08-28_20h25_14.png
0
 

Author Comment

by:mnitman
ID: 41774187
Yesterday, I put a Fortigate 100D in and since that point, I have noticed little intricacies on the network that have changed.

The outlook thing... slowness logging in..... DHCP (crud)

The DHCP server on the Fortgate was enabled. I know I turned it off, but there it is enabled.

The SBS server has been performing the DHCP since its inception.
I think that was the issue. May even be causing the outlook to prompt for credentials.....
I am rebooting some computers to see if the performance issues are fixed.
0
 

Author Closing Comment

by:mnitman
ID: 41774189
Thank you for reminding me to check the simple things.
A service that should be started in this case like the DHCP Server had me checking the firewall (new) installed yesterday and there it was. The DHCP service on the Fortigate was running.

Things appear to be ok now.
0

Featured Post

The problems with reply email signatures

Do you wish that you could place an email signature under a reply? Well, unfortunately, you can't. That great Exchange/Office 365 signature you've created will just appear at the bottom of an email chain. What a pain! Is there really no way to solve this? Well, there might be...

Join & Write a Comment

Easy CSR creation in Exchange 2007,2010 and 2013
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now