locked
Help With OWA Certificate RRS feed

  • Question

  • Hi everybody

    I need a help with publishing owa with exchange 2007:

    i've domain (abc.local) exchange server  (xyz.abc.local) and isa server member domain with two interfaces internal and external

    my owa have two links external and internal to access

    the external link is : https://mail.abc.com/owa

    the internal link is : https://xyz.abc.local/owa

    my question is when preparing the certificate is this parameters correct:

    New-ExchangeCertificate -GenerateRequest -SubjectName "DC=abc.local, DC=local, O=abc, CN=mail.abc.com -DomainName mail.abc.com, smtp.abc.local, autodiscover.abc.local, abc.local, xyz.abc.local, xyz -FriendlyName "Microsoft Exchange 2007" -Path d:\mail.req

    i think there is a problem with smtp and autodiscover !

    another question can anybody give me the default settings for iis virtual directories in exchange 2007 like (anonymouse check box or clear authentication methods basic or integrated whatever) for all directories or is there any way to reset these directories setting to default ?

    best regards

    Sunday, January 9, 2011 2:21 PM

Answers

All replies

  • For help with your first question, check out this nifty tool on Digicert’s web site:

    https://www.digicert.com/easy-csr/exchange2007.htm

    It will take your input and generate you the proper EMS command.

    Exchange 2010 has a similar GUI built-in, but Exchange 2007 does not.

     

    As for your question on virtual directories, again Exchange 2010 has a tool for this built-in, but Exchange 2007 settings are here:

    Default settings for Exchange-related virtual directories in Exchange Server 2007



    Mike Crowley
    Check out My Blog!

    • Proposed as answer by Mike Crowley Sunday, January 9, 2011 3:00 PM
    Sunday, January 9, 2011 3:00 PM
  • Thanx alot for your reply Mike I configured the exchange and the isa server rules for publishing owa

    when open Internal link(https://xyz.abc.local/owa) every thing is worked fine

    but when open the external link(https://mail.abc.com/owa)  a login page appear for owa and ask for user name and password after enter my credential its takes along time and not open

    the strange thing is when restarting IIS service (iisreset /noforce)

    and try the external link a different login window appear not a web page and ask for user name and password after inserting the user name and password I can access my account with OWA after a few minutes if I retry to access OWA the first access web page appear and cannot access

    i noticed not every time I restarted iis service i can access external owa link

    another thing :

    when testing the the publishing rules in isa server sometime successful and sometimes take along time and then failed  the error message appear about timeout period expired  without changing any settings

    sorry for my English and best regards

    • Edited by Undying01 Tuesday, January 11, 2011 12:44 PM
    Tuesday, January 11, 2011 12:38 PM
  • when test outlook web service some error appears :


    Id      : 1003
    Type    : Information
    Message : About to test AutoDiscover with the e-mail address Administrator@abc.com
             

    Id      : 1007
    Type    : Information
    Message : Testing server xyz.abc.local with the published name http
              s://xyz.abc.local/ & https://mail.abc.com/ews/ex
              change.asmx.

    Id      : 1019
    Type    : Information
    Message : Found a valid AutoDiscover service connection point. The AutoDiscover
               URL on this object is https://xyz.abc.local/Autodiscover
              /Autodiscover.xml.

    Id      : 1006
    Type    : Information
    Message : The Autodiscover service was contacted at https://xyz.abc.local/Autodiscover/Autodiscover.xml.

    Id      : 1013
    Type    : Error
    Message : When contacting https://xyz.abc.local/ received the error
               The request failed with HTTP status 405: Method Not Allowed.

    Id      : 1016
    Type    : Error
    Message : [EXCH]-Error when contacting the AS service at https://xyz.abc.local/. The elapsed time was 15 milliseconds.

    Id      : 1015
    Type    : Success
    Message : [EXCH]-Successfully contacted the OAB service at https://xyz.abc.local/. The elapsed time was 0 milliseconds.

    Id      : 1014
    Type    : Success
    Message : [EXCH]-Successfully contacted the UM service at https://xyz.abc.local/UnifiedMessaging/Service.asmx. The elapsed time was 453
              milliseconds.

    Id      : 1013
    Type    : Error
    Message : When contacting https://mail.abc.com/ews/exchange.asmx recei
              ved the error The request failed with HTTP status 401: Unauthorized.

    Id      : 1016
    Type    : Error
    Message : [EXPR]-Error when contacting the AS service at https://mail.abc.com/ews/exchange.asmx. The elapsed time was 15 milliseconds.

    Id      : 1015
    Type    : Success
    Message : [EXPR]-Successfully contacted the OAB service at https://mail.abc.com/ews/exchange.asmx. The elapsed time was 0 milliseconds.

    Id      : 1014
    Type    : Success
    Message : [EXPR]-Successfully contacted the UM service at https://mail.abc.com/UnifiedMessaging/Service.asmx. The elapsed time was 15 milli
              seconds.

    Id      : 1017
    Type    : Success
    Message : [EXPR]-Successfully contacted the RPC/HTTP service at https://mail.abc.com/Rpc. The elapsed time was 0 milliseconds.

    Id      : 1006
    Type    : Success
    Message : The Autodiscover service was tested successfully.

    Id      : 1021
    Type    : Information
    Message : The following web services generated errors.
                  As in EXCH
                  As in EXPR
              Please use the prior output to diagnose and correct the errors.

    Tuesday, January 11, 2011 12:54 PM
  • Hmm, you may want to start a new thread for the ISA publishing issue.  What does the “test rule” button produce?

    In the meantime be sure to read this great whitepaper on the topic:

    http://www.microsoft.com/downloads/en/details.aspx?FamilyID=894bab3e-c910-4c97-ab22-59e91421e022&displaylang=en



    Mike Crowley
    Check out My Blog!

    • Marked as answer by Mike Crowley Tuesday, April 5, 2011 8:45 PM
    Tuesday, January 11, 2011 3:07 PM
  • Thanx for reply I have isa 2006 standard edition and exchange 2007 i'll try to follow the same steps that you give it to me with exchange 2010 and forefront tmg but i want to ask something the autodiscover service should be :autodiscover.abc.local or autodiscover.abc.com
    Wednesday, January 12, 2011 9:02 AM
  • The steps should indeed be similiar.  Be sure to install the latest patches and service packs on the 2006 box.

    the external autodiscover record (and the name on the cert) should be autodiscover.abc.com.  however the internal name resolution (and the url used by ISA may be .local.  but if you plan to use .local between Exchange and ISA you'll need your cert to match this as well, if Exchange requires SSL.



    Mike Crowley
    Check out My Blog!

    Wednesday, January 12, 2011 3:57 PM
  • sorry for late and thanx for your reply

    I followed the steps in this threads http://www.isaserver.org/tutorials/Publishing-Exchange-2007-OWA-Exchange-ActiveSync-RPCHTTP-using-2006-ISA-Firewall-Part1.html

    everything works good but we have some problems

    owa from outside the company sometimes worked directly after inserting user name and password my inbox appear and i can work fine but sometimes after inserting user name and password and press login its takes a lot of time in loading and the error message appear

    Technical Information (for support personnel) Error Code 64: Host not available Background: The connection to the Web server was lost.

    the strange thing is when typing user name and password then press login button after 2 - 5 sec press login button again it will be logged on and view my inbox or if the error message appear Technical Information (for support personnel) Error Code 64: Host not available Background: The connection to the Web server was lost. then refresh the page the inbox will appear and i can work good

    Wednesday, January 19, 2011 6:00 PM
  • The forums have been having some issues and I didn't notice your reply.  Sorry.  What's the latest here?

    Mike Crowley
    Check out My Blog!

    Tuesday, March 22, 2011 3:18 AM