Announcement

Collapse
No announcement yet.

Ex2007 Webmail access problems

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Ex2007 Webmail access problems

    Setup

    This is all setup in a VMWare environment

    mail_srv01 - This is the old mail server replaced by 02, however we still keep it as it has certifcate roles, radius, DC
    mail_srv02 - This is our main mail server, DC
    mailsrvcas - This is our new Ex2007 box running Client Access, Hub Transport, Unified Messaging
    mailsrvmbx - This is our new Ex2007 box running the mailbox role
    maindc1, 2, 3 - Our DCs

    We have installed a SSL certificate issued by mail_srv01.

    The Problem

    At the moment internally users goto https://mail.domain.co.uk and get prompted for a login, if their mailbox is on mail_srv02 then they get pointed to the Ex2000 webmail page and all works ok.

    However if there mailbox is moved over onto Ex2007 then when they got to https://mail.domain.co.uk and login they will get forwarded to http://mailsrvmbx/domain.co.uk/exchange I get the error

    "500 - Internal server error.
    There is a problem with the resource you are looking for, and it cannot be displayed."

    However if I access the client access server directly at https://mailsrvcas.domain.co.uk/owa it works fine, but if I access https://mailsrvcas.domain.co.uk/exchange I will get the 2007 login then I get the same 500 error as above.

    The reason I need to get this fixed is most of our users, use webmail, and we want to move departments over one at a time and not have to worry about issuing different URL's to different departments etc

    So any help is appricated

    Many thanks

    Dave
    Last edited by Dave_Lincs; 25th January 2010, 15:53.

  • #2
    Re: Ex2007 Webmail access problems

    Hi,

    Can you provide the test results of below:-

    a) try browsing Exchange 2007 mailbox from the E2k7 MBX server try http://E2k7mbx/exchange.... in this case u will be prompted twice thats by design so dont worry abt it but i would like to see what happens..if it fails after providing the credential in the first prompt then clearly issue is with /exchange vdir on mbx server. So try recreating it.

    b) if in case it fails after 2nd attempt( in 2nd attempt u will notice the change in the URL..it will change to CAS name) that means issue is on CAS server...

    c) if it fails after step B then in case if you have any redirection set in IIS(HTTP redirect) then remove it an try..i am assuming CAS is on Windows 2008 so make sure u remove it completly meaning make it blank..dont just uncheck that option...

    d) after above test also provide me ur IIS logs.

    Rgds
    DKS
    ________
    AMC STRAIGHT-6 ENGINE HISTORY
    Last edited by Dks; 13th March 2011, 00:23.
    Rgds,

    Dks
    MCP E2K3 & MCITP E2K7
    MCITP Enterprise Win2k8

    Comment


    • #3
      Re: Ex2007 Webmail access problems

      Originally posted by Dks View Post
      Hi,

      Can you provide the test results of below:-

      a) try browsing Exchange 2007 mailbox from the E2k7 MBX server try http://E2k7mbx/exchange.... in this case u will be prompted twice thats by design so dont worry abt it but i would like to see what happens..if it fails after providing the credential in the first prompt then clearly issue is with /exchange vdir on mbx server. So try recreating it.

      b) if in case it fails after 2nd attempt( in 2nd attempt u will notice the change in the URL..it will change to CAS name) that means issue is on CAS server...

      c) if it fails after step B then in case if you have any redirection set in IIS(HTTP redirect) then remove it an try..i am assuming CAS is on Windows 2008 so make sure u remove it completly meaning make it blank..dont just uncheck that option...

      d) after above test also provide me ur IIS logs.

      Rgds
      DKS
      DKS,

      Thanks for replying. Since I made this post things have moved on.

      If i goto https://mail.domain.co.uk I am asked to login.

      If I put in the details of a user on teh Ex2000 system then they are redirected to the Ex2000 webmail. If I put in the details of a user on the Ex2007 system I am then asked to login to mailboxsrv and after that I am asked to login to the OWA site on mailsrvcas.

      Bit annoying that the creditials are not passed through from box to box.

      If I goto https://mailsrvcas/exchange and login with a 2000 user then I get their mailbox, if I login with a 2007 user I get a blank white screen and I am not forwarded onto the owa address.

      Dave

      Comment


      • #4
        Re: Ex2007 Webmail access problems

        https://mail.domain.co.uk is pointing to which server???

        b) What's the authentication mechanism set on Exchange, exchweb folder on the CAS server?

        c) Firsts lets fix why /exchange is not working from the CAS server..that sud be working...To troubleshoot that provide e the test results from my previous post.
        ________
        Cheap Airsoft 177
        Last edited by Dks; 13th March 2011, 00:24.
        Rgds,

        Dks
        MCP E2K3 & MCITP E2K7
        MCITP Enterprise Win2k8

        Comment


        • #5
          Re: Ex2007 Webmail access problems

          Originally posted by Dks View Post
          https://mail.domain.co.uk is pointing to which server???

          b) What's the authentication mechanism set on Exchange, exchweb folder on the CAS server?

          c) Firsts lets fix why /exchange is not working from the CAS server..that sud be working...To troubleshoot that provide e the test results from my previous post.
          Hi,

          https://mail.domain.co.uk is pointing at mail_srv02

          The authentication on the Exchweb folder on the CAS server is set to Basic Authentication only

          I am having problem with the IIS logs, in so much I can not find them, in the logging folder in system32 does not contain any new logs

          Dave

          Comment


          • #6
            Re: Ex2007 Webmail access problems

            First recommendation I would make is to ditch the self signed certificate. Close to useless for OWA access, unless you have control over 100% of the clients - which is unlikely unless you don't allow OWA from the Internet.

            Are you using forms based authentication? If not, why not?
            Have any customisations been made to the OWA configuration, authentication etc?
            Are both Exchange 2007 servers at the same patch level? Should be Exchange 2007 SP2 rollup 1 at the least - if not, why not?

            Simon.
            --
            Simon Butler
            Exchange MVP

            Blog: http://blog.sembee.co.uk/
            More Exchange Content: http://exchange.sembee.info/
            Exchange Resources List: http://exbpa.com/
            In the UK? Hire me: http://www.sembee.co.uk/

            Sembee is a registered trademark, used here with permission.

            Comment


            • #7
              Re: Ex2007 Webmail access problems

              Originally posted by Sembee View Post
              First recommendation I would make is to ditch the self signed certificate. Close to useless for OWA access, unless you have control over 100% of the clients - which is unlikely unless you don't allow OWA from the Internet.

              Are you using forms based authentication? If not, why not?
              Have any customisations been made to the OWA configuration, authentication etc?
              Are both Exchange 2007 servers at the same patch level? Should be Exchange 2007 SP2 rollup 1 at the least - if not, why not?

              Simon.
              No we are not using Forms based authentication, why are we not, I couldn't tell you, the secruity is out the box.
              No customisations have been made apart from a little bit of CSS tweaking to change colours
              SP2 and Rollup 1 are now installed, I thought I had done this, apparently not

              Dave

              Comment


              • #8
                Re: Ex2007 Webmail access problems

                I would suggest enabling forms based authentication to begin with.
                I also recommend that the virtual directories on the original server are reset back to the default when a new system is introduced. This is basically frontend/backend.

                Another option would be to remove the virtual directories on the Exchange 2007 server and reset them.

                Simon.
                --
                Simon Butler
                Exchange MVP

                Blog: http://blog.sembee.co.uk/
                More Exchange Content: http://exchange.sembee.info/
                Exchange Resources List: http://exbpa.com/
                In the UK? Hire me: http://www.sembee.co.uk/

                Sembee is a registered trademark, used here with permission.

                Comment


                • #9
                  Re: Ex2007 Webmail access problems

                  Originally posted by Sembee View Post
                  I would suggest enabling forms based authentication to begin with.
                  I also recommend that the virtual directories on the original server are reset back to the default when a new system is introduced. This is basically frontend/backend.

                  Another option would be to remove the virtual directories on the Exchange 2007 server and reset them.

                  Simon.
                  I have just tried to set Forms authentication on the /exchange /exchweb folders and get an error saying

                  Code:
                  "There was an error while performing this operation.
                  
                  Details:
                  
                  Filename: \\?\BackOfficeStorage\domain.co.uk\ExchWeb\web.config
                  
                  or 
                  
                  Filename: \\?\BackOfficeStorage\domain.co.uk\MBX\web.config
                  
                  Error: Cannot write to configuration file"
                  When you say reset the virtual directories on the original server, I take it you mean on the Exchange 2000 system?

                  Dave

                  Comment


                  • #10
                    Re: Ex2007 Webmail access problems

                    What exactly were you trying to do?
                    Forms Based Authentication is enabled within Exchange, no where else. If you have attempted to make changes elsewhere then you have probably screwed up the configuration.

                    To reset the virtual directories on Exchange 2000, see this article. The process is listed quite a way down under More Information.
                    http://support.microsoft.com/kb/280823

                    To reset the virtual directories on Exchange 2007 run the following commands. If that doesn't work then you will probably have to remove the CAS role and maybe IIS then reinstall both to get it to reset.

                    Remove-OwaVirtualDirectory -identity "server\exchange (Default Web Site)"
                    Remove-OwaVirtualDirectory -identity "server\exadmin (Default Web Site)"
                    Remove-OwaVirtualDirectory -identity "server\public (Default Web Site)"
                    Remove-OwaVirtualDirectory -identity "server\exchweb (Default Web Site)"
                    Remove-ActiveSyncVirtualDirectory -identity "server\Microsoft-Server-ActiveSync (Default Web Site)"


                    New-OWAVirtualDirectory -OwaVersion:Exchange2007 -Name "owa" -WebSite "Default Web Site"
                    New-OwaVirtualDirectory -OwaVersion:"Exchange2003or2000" -Name "Exchange" -WebSite "Default Web Site" -VirtualDirectoryType:Mailboxes
                    New-OwaVirtualDirectory -OwaVersion:"Exchange2003or2000" -Name "Public" -WebSite "Default Web Site" -VirtualDirectoryType:PublicFolders
                    New-OwaVirtualDirectory -OwaVersion:"Exchange2003or2000" -Name "Exadmin" -WebSite "Default Web Site" -VirtualDirectoryType:Exadmin
                    New-OwaVirtualDirectory -OwaVersion:"Exchange2003or2000" -Name "Exchweb" -WebSite "Default Web Site" -VirtualDirectoryType:Exchweb
                    New-ActiveSyncVirtualDirectory -WebSiteName "Default Web Site"
                    --
                    Simon Butler
                    Exchange MVP

                    Blog: http://blog.sembee.co.uk/
                    More Exchange Content: http://exchange.sembee.info/
                    Exchange Resources List: http://exbpa.com/
                    In the UK? Hire me: http://www.sembee.co.uk/

                    Sembee is a registered trademark, used here with permission.

                    Comment


                    • #11
                      Re: Ex2007 Webmail access problems

                      Originally posted by Sembee View Post
                      What exactly were you trying to do?
                      If a user who's mailbox is on the Exchange 2000 system, when they access https://mailsrvcas/exchange they will get the Ex2007 OWA login box, after they put in they details they are forwarded onto the exchange 2000 webmail.

                      Now if a user who's mailbox is on the Exchange 2007 system, https://mailsrvcas/exchange they will get the Ex2007 OWA login box, after they put in they details they get a white screen with the URL still showing exchange, and they have not been forward onto https://mailsrvcas/owa

                      That is one stage we are at.

                      The other way if we access https://mail.domain.co.uk which points to the exchange 2000 box the user will get the traditional pop up box asking for username and password.

                      If they are on Exchange 2000 they will get sent to the Exchange 2000 webmail, if they are Exchange 2007, they will get asked to login to mailsrvmbx then will get pointed to the CAS server and presented with the login box for OWA 2007


                      We are trying to get it so no matter which server your mailbox is on the user just logs in once

                      Dave

                      Comment


                      • #12
                        Re: Ex2007 Webmail access problems

                        That wasn't what I was referring to. My question about what you were trying to do when you were enabling forms based authentication, not the core question.

                        Simon.
                        --
                        Simon Butler
                        Exchange MVP

                        Blog: http://blog.sembee.co.uk/
                        More Exchange Content: http://exchange.sembee.info/
                        Exchange Resources List: http://exbpa.com/
                        In the UK? Hire me: http://www.sembee.co.uk/

                        Sembee is a registered trademark, used here with permission.

                        Comment


                        • #13
                          Re: Ex2007 Webmail access problems

                          Originally posted by Sembee View Post
                          That wasn't what I was referring to. My question about what you were trying to do when you were enabling forms based authentication, not the core question.

                          Simon.
                          Ah my mistake.

                          I was trying to enable form based in IIS, however when I stopped being stupid and remembered you had to do it through ESM.

                          It is already set to Forms based

                          Dave

                          Comment


                          • #14
                            Re: Ex2007 Webmail access problems

                            If you are getting the GUI based login page and not a prompt, the problem has to be with the Exchange 2000 server. I presume it is fully patched to the levels required for Exchange 2007 support. No SSL certificate or require SSL enabled on the Exchange 2000 server.

                            Basically OWA and IIS should be as close to "out of the box" as possible on the old server to allow the proxy to work correctly.

                            Simon.
                            --
                            Simon Butler
                            Exchange MVP

                            Blog: http://blog.sembee.co.uk/
                            More Exchange Content: http://exchange.sembee.info/
                            Exchange Resources List: http://exbpa.com/
                            In the UK? Hire me: http://www.sembee.co.uk/

                            Sembee is a registered trademark, used here with permission.

                            Comment


                            • #15
                              Re: Ex2007 Webmail access problems

                              Originally posted by Sembee View Post
                              If you are getting the GUI based login page and not a prompt, the problem has to be with the Exchange 2000 server. I presume it is fully patched to the levels required for Exchange 2007 support. No SSL certificate or require SSL enabled on the Exchange 2000 server.

                              Basically OWA and IIS should be as close to "out of the box" as possible on the old server to allow the proxy to work correctly.

                              Simon.
                              Simon,

                              If the user mailbox is on Exchange 2000 and they login to the GUI login then there is not a problem. My problem comes when the users mailbox is on Exchange 2007 and they are not redirected from /exchange to /owa

                              Dave

                              Comment

                              Working...
                              X