Announcement

Collapse
No announcement yet.

need help to finalize my sbs 2008 setup, too many hairs pulled out

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • need help to finalize my sbs 2008 setup, too many hairs pulled out

    Hello Guys.

    I do not have 5 posts so I could not place the screenshots with img embedded so just place http to see the screenshot, sorry about that

    I am trying since beginning of january to make a make sbs 2008 and exchange 2007 working.
    My ultimate goal is to have a dozen of blackberry devices working on blackberry enterprise server plans with blackberry server express on the top of sbs and exchange 2007.

    So I will train to explain all the steps I have done with the most details possible.

    My hardware ibm x346 server quad core xeon 74 gb in raid 1 with 6gb of ram
    software : sbs 2008 exchange 2007
    SSL certificate : digicert ssl UC certificate
    Static IP
    domain name : registered with Enom

    I have through the reading of :
    -how to cheat at configuring exchange 2007
    -windows small business server 2008 administrator companion
    -small business server 2008 installation, migration, and configuration
    -mastering windows small business server 2008

    I have successfully installed the sbs 2008 software, right now I am blocked with 2 problems I could not find a solution in any of the books or online.

    1st Question :
    what is the address I should put in the dns of my domain registrar from who I bought the domain name I have on my server ? see screenshot

    ://i138.photobucket.com/albums/q253/kamiz9999/sbs2008/IMG00002-20110325-0736.jpg
    ://i138.photobucket.com/albums/q253/kamiz9999/sbs2008/IMG00001-20110325-0736.jpg

    2nd question :
    I can not add the UC ssl certificate I bought from digicert, I did the export import process and I can see it in my mmc console but when I launch the wizard add a trusted certificate, I only see the default self issued from sbs 2008. I don t know if
    it could have a link with the the name I saved it, I saved it under mail.mydomain.com and I noticed all the name in the list start by remote.... so do you think renaming my certificate by remote.mydomain.com would solve the problem see screenshot
    the 4 domain SAN used for my certificate are :
    -mail.mydomain.com
    -remote.mydomain.com
    -autodiscover.mydomain.com
    -owa.mydomain.com


    ://i138.photobucket.com/albums/q253/kamiz9999/sbs2008/IMG00003-20110325-0737.jpg

    thank you in advance

  • #2
    Re: need help to finalize my sbs 2008 setup, too many hairs pulled out

    Well this must be your lucky day,
    you don`t have to change the dns servers,
    what you need to change are some settings in the dns configurator
    of your host. create an mx record a record etc.
    see this article:http://www.petri.com/configure_mx_re...il_traffic.htm

    If you did this correctly after max 48 hours your second problem will be solved as well.
    in short you have to make some changes in your dns configurator.
    if you are unsure just call the helpdesk of your hosting provider explain the situation and they will do it for you.

    good luck

    Comment


    • #3
      Re: need help to finalize my sbs 2008 setup, too many hairs pulled out

      Yea just create an A record called remote and point it to your public IP.
      Then create an MX record called remote.yourdomain.com

      If your domain is registered with godaddy or register you can let the wizard in sbs 2008 do it for you. It works great. I have setup 8 sbs 2008 servers and I used the wizard on the last one. The wizards will go out to where your domain is registered and change or create these records for you. It will also setup your send and recieve connectors for exchange.

      Be sure to go into your router and open ports, 80,25,110,1723,443, and 987.

      Also be sure that you let the server handle dhcp and not the router. It will make your life alot easier.

      Comment


      • #4
        Re: need help to finalize my sbs 2008 setup, too many hairs pulled out

        Originally posted by Bolivar View Post
        Yea just create an A record called remote and point it to your public IP.
        Then create an MX record called remote.yourdomain.com

        If your domain is registered with godaddy or register you can let the wizard in sbs 2008 do it for you. It works great. I have setup 8 sbs 2008 servers and I used the wizard on the last one. The wizards will go out to where your domain is registered and change or create these records for you. It will also setup your send and recieve connectors for exchange.

        Be sure to go into your router and open ports, 80,25,110,1723,443, and 987.

        Also be sure that you let the server handle dhcp and not the router. It will make your life alot easier.
        I was going to rep you for this post - until I saw you say open the firewall ports 110.
        and 987, you only need to open IF you wish to publish company web.

        if you're a nazi like me, you might consider only opening port 25, 1723 and 443. And even then, locking down port 25 to the mimecast or messagelabs range...
        Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

        Comment


        • #5
          Re: need help to finalize my sbs 2008 setup, too many hairs pulled out

          Dunno why 110 is in there, if you are still using POP3 over the internet I really have to ask why?

          However MS recommendations are for 25, 80, 443, 987 and 1723 to be open and I've seen a lot of sites still stating that 3389 is required for RWW which was the case in SBS 2003 but not 2008/11 IIRC. 80 isn't 100% required, but is for redirection purposes.

          On an aside, for us control freaks , I really dislike the SBS wizards trying to configure routers via UPnP. Horrible idea for security IMO.
          Last edited by cruachan; 1st April 2011, 10:01.
          BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
          sigpic
          Cruachan's Blog

          Comment


          • #6
            Re: need help to finalize my sbs 2008 setup, too many hairs pulled out

            Please replace the term nazis with control freaks;>) The former doesn't go down well when you consider where the TLD of this site is registered .
            For the record: SBS 2K3 NEVER needed 3389 open for RWW - only 443 and 4125.
            See http://www.sbsfaq.com/?p=916
            TIA

            Steven Teiger [SBS-MVP(2003-2009)]
            http://www.wintra.co.il/
            sigpic
            Iím honoured to have been selected for the SMB 150 list for 2013. This is the third time in succession (no logo available for 2011) that I have been honoured with this award.

            We donít stop playing because we grow old, we grow old because we stop playing.

            Comment


            • #7
              Re: need help to finalize my sbs 2008 setup, too many hairs pulled out

              Originally posted by kamiz9999 View Post


              1st Question :
              what is the address I should put in the dns of my domain registrar from who I bought the domain name I have on my server ? see screenshot

              ://i138.photobucket.com/albums/q253/kamiz9999/sbs2008/IMG00002-20110325-0736.jpg
              ://i138.photobucket.com/albums/q253/kamiz9999/sbs2008/IMG00001-20110325-0736.jpg

              2nd question :
              I can not add the UC ssl certificate I bought from digicert, I did the export import process and I can see it in my mmc console but when I launch the wizard add a trusted certificate, I only see the default self issued from sbs 2008. I don t know if
              it could have a link with the the name I saved it, I saved it under mail.mydomain.com and I noticed all the name in the list start by remote.... so do you think renaming my certificate by remote.mydomain.com would solve the problem see screenshot
              the 4 domain SAN used for my certificate are :
              -mail.mydomain.com
              -remote.mydomain.com
              -autodiscover.mydomain.com
              -owa.mydomain.com


              ://i138.photobucket.com/albums/q253/kamiz9999/sbs2008/IMG00003-20110325-0737.jpg
              First of all, THANK YOU guys ! it seems the best MS exchange forum, here to learn and hope one day I can help myself too, with your support, I successfully went through my 2 problems so here is the solution for my 2 questions :

              1st question solution
              I wanted to manage the dns myself, but not the knowledge and time ressource to make it this way, so I ran the internet connection wizard again and as my domain name is registered with Enom, one of the 3 companies who can manage it for you, so I chose Enom to manage my dns and everything got setup automatically in about 24 to 48 hours dns, sfv, txt, mx records
              Happy with that except now I am stuck at another level. I will come back on it after I answer of the second question

              2nd question solution
              it seems the name file mismatch was the problem, I saved my 4 SAN .cer file ( mail.mydomain.com , remote.mydomain.com , owa.mydomain.com , autodiscover.com ) under mail_mydomain_com.cer I could see it in the mmc console under certificate as mail.mydomain.com but I could not see it in the wizard add a certificate so I went back on digicert website and saved it under remote_mydomain_com.cer with the same 4 same SAN, installed it on sbs again, launched the wizard and TADA ! It appeared in the list and the installation of the certificate was successfull.

              Now I can send mail to administrator at mydomain.com and it goes through, and I created a testone at mydomain.com user and when i send a mail to him it goes through, but I don t know how to go in the mailbox to read them and replied to see if it OK the other way.

              when I type :
              s://remote.mydomain.com/owa

              I got :

              404 - File or directory not found.

              The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.




              when I type
              s://remote.mydomain.com:987
              from a computer outside my network I can log in as the admin and access the admin panel


              NEW QUESTIONS :
              3rd question :
              how can I access my mail and replied to it ?

              4th question :
              my server is at home, and I would like the remote control from my office to be able to make the change and speed up the setup

              thank you again

              Comment


              • #8
                Re: need help to finalize my sbs 2008 setup, too many hairs pulled out

                3rd Question:
                Open exchange management console
                expand server configuration
                Click Client Access
                Under tab outlook web access right click the little owa folder
                and choose proporties.
                On the general tab check the internal and external URL.

                Also be sure that al the correct ports are open on your router or whatever device
                you are using

                4th Question:
                i donn`t understand it

                Comment


                • #9
                  Re: need help to finalize my sbs 2008 setup, too many hairs pulled out

                  If it is setup correctly you should be able to just type "remote.domain.com" in the web browser. You don't need to put any port numbers on the end.
                  You then log in with your domian user and pass. The next screen will give you an option to use owa, connect to a computer including the server, or view the internal web site. You will need to install your certificate. If you used the built in cert it is located in the public/downloads.

                  Also scratch off port 110 from my list in the earlier post. I got port happy when I was typing

                  I also use logmein.com. They have a free version that works nicely.

                  Comment


                  • #10
                    Re: need help to finalize my sbs 2008 setup, too many hairs pulled out

                    Originally posted by mhoogev View Post
                    3rd Question:
                    Open exchange management console
                    expand server configuration
                    Click Client Access
                    Under tab outlook web access right click the little owa folder
                    and choose proporties.
                    On the general tab check the internal and external URL.

                    Also be sure that al the correct ports are open on your router or whatever device
                    you are using

                    4th Question:
                    i donn`t understand it
                    thank you again

                    I took again a lot of screenshots, pictures are better than words, again sorry for the link but I should read 10 posts soon for direct picture in my thread so please add http in front to see them

                    3rd question
                    I am stuck, even from my own server I got the same error message gr.....

                    I did check and I can see the url in the general tab , see picture at :

                    ://i138.photobucket.com/albums/q253/kamiz9999/sbs2008/0401-owaurl.jpg

                    I downloaded a port scanner from petri.co.il, see picture at :

                    ://i138.photobucket.com/albums/q253/kamiz9999/sbs2008/0401-openports.jpg

                    my sbs console connectivity panel :
                    ://i138.photobucket.com/albums/q253/kamiz9999/sbs2008/0401-sbsconsoleconnectivity.jpg

                    under my sbs console, shared folders and websites. tab websites I see 2 red alerts, see picture :
                    ://i138.photobucket.com/albums/q253/kamiz9999/sbs2008/0401-sbsconsoleowa.jpg

                    when I right on the owa to enable it, I got this message :
                    ://i138.photobucket.com/albums/q253/kamiz9999/sbs2008/0401-sbsconsoleowaenablingerror.jpg

                    4rd question

                    thank you bolivar for the logmein idea, I used it 3 4 years ago but I thought there was a special app included inside sbs. I will installed log me in tomorrow.

                    Comment


                    • #11
                      Re: need help to finalize my sbs 2008 setup, too many hairs pulled out

                      yes from the console click network and go to the list of computers, if you right click on any computer you can choose to send a request to remote to the user on any pc or you can just use terminal services. The request to remote in allows the user to watch what you are doing so you can show them something. The Terminal services will turn their screen black so that can't see what you are doing.

                      Havent had a chance to look at your screen shots yet. Will later today.

                      Comment


                      • #12
                        Re: need help to finalize my sbs 2008 setup, too many hairs pulled out

                        still stuck at the same place, owa not working,

                        few screenshots

                        first one the 2 mailboxes setup, sergioleone at mydomain.com and testone at mydomain.com see picture :

                        ://i138.photobucket.com/albums/q253/kamiz9999/sbs2008/mailboxes.jpg

                        my main admin mailbox sergioleone properties, you can see there are few emails in my box ( I can not read them yet ) :

                        ://i138.photobucket.com/albums/q253/kamiz9999/sbs2008/sergioleoneproperties.jpg

                        my test user mailbox, with 2 emails in it :

                        ://i138.photobucket.com/albums/q253/kamiz9999/sbs2008/testoneproperties.jpg


                        I tried to use the option "fix my network" and got the same message I had at the beginning of my setup, problem with router, but all the ports needed are open as seen in my previous post, screenshot of the router problem :

                        ://i138.photobucket.com/albums/q253/kamiz9999/sbs2008/potentialnetworkissues.jpg


                        I can access my home office server from my main office with logmein with no problem at all

                        I don t know how to fix the owa access

                        thank you all in advance

                        Comment


                        • #13
                          Re: need help to finalize my sbs 2008 setup, too many hairs pulled out

                          Have you Port Forwarded the appropriate ports to the IP of the Server?

                          Does OWA work from inside the network?
                          1 1 was a racehorse.
                          2 2 was 1 2.
                          1 1 1 1 race 1 day,
                          2 2 1 1 2

                          Comment


                          • #14
                            Re: need help to finalize my sbs 2008 setup, too many hairs pulled out

                            Originally posted by biggles77 View Post
                            Have you Port Forwarded the appropriate ports to the IP of the Server?

                            Does OWA work from inside the network?
                            as put in my previous post the port 443 for owa is open, I forward to the ip of my server

                            ://i138.photobucket.com/albums/q253/kamiz9999/sbs2008/0401-openports.jpg

                            I will post tomorrow a screen of the port forwarding menu to proove it

                            owa not working from inside either same 404 mistake


                            the good news is I reach 5 post so now my screenshots can appear directly in my threads

                            if we go by owa issues, what could be the different reasons owa can not work ?
                            my ssl certificate is installed, I can received mails, last problem is this owa issue, I don t get it, and even in the 5 books I have it all explain how to set it up but there no troubleshooting in any of these books

                            thank you

                            Comment


                            • #15
                              Re: need help to finalize my sbs 2008 setup, too many hairs pulled out

                              Originally posted by kamiz9999 View Post
                              still stuck at the same place, owa not working,

                              few screenshots

                              first one the 2 mailboxes setup, sergioleone at mydomain.com and testone at mydomain.com see picture :

                              ://i138.photobucket.com/albums/q253/kamiz9999/sbs2008/mailboxes.jpg

                              my main admin mailbox sergioleone properties, you can see there are few emails in my box ( I can not read them yet ) :

                              ://i138.photobucket.com/albums/q253/kamiz9999/sbs2008/sergioleoneproperties.jpg

                              my test user mailbox, with 2 emails in it :

                              ://i138.photobucket.com/albums/q253/kamiz9999/sbs2008/testoneproperties.jpg


                              I tried to use the option "fix my network" and got the same message I had at the beginning of my setup, problem with router, but all the ports needed are open as seen in my previous post, screenshot of the router problem :

                              ://i138.photobucket.com/albums/q253/kamiz9999/sbs2008/potentialnetworkissues.jpg


                              I can access my home office server from my main office with logmein with no problem at all

                              I don t know how to fix the owa access

                              thank you all in advance
                              I knew the problem with my previous router, it was not UPNP supported, so I bought a cisco router wrt120n which supports UPNP so after 3 hours set up and port forwarding see screenshots :




                              so I chose the option FIX MY NETWORK in the SBS CONSOLE and I got that :




                              so problem solved for the open ports and router issue

                              I can not access OWA internally or externally, still 404 error :





                              so with my little knowledge I see only 2 places where I need to modify something to make it work

                              IIS



                              or the HOST or MX settings on ENOM.COM




                              thank you to help me finalize this nightmare

                              Comment

                              Working...
                              X