Exchange 2010 CAS Proxy not working
The internet facing CAS server has internal and external url as
https://mail.domain.com/owa
The non internet facing CAS server has internal url
https://servername.domain.com/owa, with windows integrated authenticaion set. No external url set.
When I try to use OWA to access a user's mailbox that is active on a mailbox server in the non internet AD site using
https://mail.domain.com/owa , I get the following error:
The mailbox you're trying to access isn't available
No Client Access server or front-end server with a matching version was found to handle the request.
Exception message: The CAS server is most likely not configured for SSL (it returned a 403)
However, All Exchange servers are running the same version.
If I try to access the user's mailbox using
https://servername.domain.com/owa it works fine
Anand_N
Hi,
Check the event viewer application logs.
I have seen the same issue and the resolution is given in the event logs.
I think you might have to change the SSL settings on the non-internet facing CAS or there is some regisrty settings.
AllowProxyingWithoutSSL
Also, check below link
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_26671364.html
http://www.tech-archive.net/Archive/Exchange/microsoft.public.exchange.setup/2013-02/msg00000.html
Similar Messages
-
Hello,
I've installed Exchange 2013 into Exchange 2010 infrastructure
[ single Exchange 2010 server; single AD site; AD = 2003 ],
and moved one mailbox [ Test user ] to Exchange 2013.
When I login internally through 2013 OWA to access mailboxes on 2010, then proxy works fine.
When I login internally through 2010 OWA to access mailboxes on 2013, then a message appears:
Use the following link to open this mailbox with the best performance: with link to 2013 OWA...
What is wrong ?
I've checked and changed settings by:
Get-OwaVirtualDirectory, Set-OwaVirtualDirectory
[PS] C:\work>Get-OwaVirtualDirectory -Identity 'ex10\owa (Default Web Site)' | fl server,name, *auth*,*redir*,*url*
Server : EX10
Name : owa (Default Web Site)
ClientAuthCleanupLevel : High
InternalAuthenticationMethods : {Basic, Fba, Ntlm, WindowsIntegrated}
BasicAuthentication : True
WindowsAuthentication : True
DigestAuthentication : False
FormsAuthentication : True
LiveIdAuthentication : False
AdfsAuthentication : False
OAuthAuthentication : False
ExternalAuthenticationMethods : {Fba}
RedirectToOptimalOWAServer : True
LegacyRedirectType : Silent
Url : {}
SetPhotoURL :
Exchange2003Url :
FailbackUrl :
InternalUrl : https://ex10.contoso.com/owa
ExternalUrl : https://ex10.contoso.com/owa
[PS] C:\work>Get-OwaVirtualDirectory -Identity 'ex13\owa (Default Web Site)' | fl server,name, *auth*,*redir*,*url*
Server : EX13
Name : owa (Default Web Site)
ClientAuthCleanupLevel : High
InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated}
BasicAuthentication : True
WindowsAuthentication : True
DigestAuthentication : False
FormsAuthentication : False
LiveIdAuthentication : False
AdfsAuthentication : False
OAuthAuthentication : False
ExternalAuthenticationMethods : {Fba}
RedirectToOptimalOWAServer : True
LegacyRedirectType : Silent
Url : {}
SetPhotoURL :
Exchange2003Url :
FailbackUrl :
InternalUrl : https://ex13.contoso.com/owa
ExternalUrl :
best regards Janusz SuchHi Janusz Such,
Based on my knowledge, CAS proxy can only from later version to previous version.
Some like CAS2013 to CAS2010/2007, CAS2013 to CAS2013.
Thanks
If you have feedback for TechNet Subscriber Support, contact
[email protected]
Mavis Huang
TechNet Community Support -
Hi all , I have an exchange 2010 SP 2 environment with 2 sites , the remote site FL free busy has NEVER worked and I get this error on the remote site , is this related ?
thanks
Log Name: Application
Source: System.ServiceModel 3.0.0.0
Date: :
Event ID: 3
Task Category: WebHost
Level: Error
Keywords: Classic
User: SYSTEM
Computer: FL-CAS1.WOMBAT.LOCAL
free bust works from WITHIN the remote (FL ) site , but NEVER to the main (WASH) site , it has Never worked ,I am thing that this error is related
thanks I have no idea how to fix
Description:
WebHost failed to process a request.
Sender Information: System.ServiceModel.ServiceHostingEnvironment+HostingManager/17256489
Exception: System.ServiceModel.ServiceActivationException:
The service '/EWS/exchange.asmx' cannot be activated due to an exception during compilation. The exception message is: Could not find a base address that matches scheme http for the endpoint with binding CustomBinding. Registered base address schemes
are [https].. ---> System.InvalidOperationException:
Could not find a base address that matches scheme http for the endpoint with binding
++++Hi
This issue could be with corruption in Autodiscover and web services virtual directory
Replace Web.config file for Autodiscover and web services virtual directory from the other working site
Delete and Recreate Autodiscover and web services virtual directory
Do this only on the affected site
Remember to mark as helpful if you find my contribution useful or as an answer if it does answer your question.That will encourage me - and others - to take time out to help you Check out my latest blog posts on http://exchangequery.com Thanks Sathish
(MVP) -
Exchange 2010 IIS Redirect not working
Hi, this is our first time posting. Our http to https redirects in IIS seem to not want to work. Our setup before this happened consisted of the default website redirecting to "https://webmail.lsgnet.com/owa". This worked perfectly until the
installation of our new certificate. We have tried both the standard http redirect option under default website as well as a rule in the URL rewrite module. neither seem to want to work for redirecting to https. The HTTP redirect seems to *want* to work as
when its enabled, it successfully points "https://webmail.lsgnet.com" to https://webmail.lsgnet.com/owa". however it will not do the same for http (worked previously this way with old cert.) We attempted to disable the http redirect and instead
use the URL rewrite module following the instructions here: http://www.jppinto.com/2010/03/automatically-redirect-http-requests-to-https-on-iis7-using-url-rewrite-2-0/ but that doesn't work period. Bindings have been removed and re-added multiple times. Any
help would be greatly appreciated as we have scoured google and cannot find any solutions to this nor reasons why. Thanks much.Hi,
From your description, I recommend you verify the following thing for troubleshooting:
Open IIS Manager, click Default Web Site -> OWA -> SSL Settings, please make sure "Require SSL" option is unchecked.
What's more, here is a thread for your reference.
Exchange 2010 http://domain.com/owa redirect to
https://domain.com/owa
http://social.technet.microsoft.com/Forums/en-US/7326eebc-3162-4366-84a4-ba23755686e5/exchange-2010-httpdomaincomowa-redirect-to-httpsdomaincomowa?forum=exchange2010
Hope it helps.
Best regards,
Amy
Amy Wang
TechNet Community Support -
Hi
Exchange 2010 users are NOT able to connect to their mailboxes when they go through exchange 2013 OWA address. We get a message that says following ---> "Something went wrong"
Following is our URL. The address is pointing to 2013 CAS loadbalancer VIP. Outlook anywhere is working fine. What is going on?
Important: All my exchange 2010 / 2013 URIs are the same as suggested by Microsoft (Owa, ecp, activesync, ews, autodiscover): --> mail.domain.com/XXXHello Rawa,
Can you log on Exchange 2010 OWA using its localhost address?
Please make sure the intenralurl value is set to Exchange 2010’s local host name and set the Externalurl to Null.
http://technet.microsoft.com/en-us/library/bb310763(v=exchg.141).aspx
Thanks,
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected]
Simon Wu
TechNet Community Support -
Exchange 2013 EAC will not run with Exchange 2010 CAS\HT servers shut down.
Hi Folks,
A little background - We have just migrated all our user mailboxes and public folders to Office 365 using a hybrid configuration. Now that the migration is essentially finished, I'd like to decommission our on-prem Exchange infrastructure and remove the
hybrid config. We are using dirsync with password sync to replicate our AD to the cloud.
I've read that even if you remove your hybrid configuration, it's a good idea to keep one on-prem Exchange server around so you can edit Exchange attribs (such as email addresses) in a supported manner, rather than using ASDI edit, etc.
To this end, I installed a single Exchange 2013 CA\MBX server. After installation, the EAC worked fine, and I was able to view our on-prem users, groups, etc. Last week, I shut down our two Exchange 2010 CAS\HT servers as a test to see if anything broke
prior to decommissioning them (these were the hybrid servers as well). After doing so, the Exchange 2013 EAC no longer works for some reason, and behaves in a very bizarre fashion. About once every 20 times or so, it will actually start and run. The other
times, it just has you enter your creds, then generates an HTTP 500 internal server error after entering them. It seems to make no difference if you attempt to access it by the fqdn, hostname, or localhost right on the box itself. Same behavior on Chrome or
IE.
Today as a test, I started up one of the 2010 CAS servers and lo and behold, the 2013 EAC ran without difficulty again. Any idea why this might be so? Thanks for any help,
IanHi,
From your description, I recommend you use the following URL to check if you can access EAC. I see it works for several people about this issue.
https://<Exchange 2013 CAS FQDN>/ecp?ExchClientVer=15
Hope it helps.
Best regards,
Amy Wang
TechNet Community Support -
Is it supported to connect Exchange 2013 Mailbox using Exchange 2010 CAS in Co-existence?
Hi Team,
I am in the phase of upgrading Exchange 2010 to 2013, and introduced 4 MBX and 2 CAS of 2013 servers in co-existence.
Only one production mailbox of 2010 moved to 2013. The owa of the mailbox moved to 2013, is working OK internally coz only internally configured, but when I configure outlook using 2010 settings, it got configured but when I open outlook it doesn't
open and throws an error of some "cannot open set of folders".
Is it supported to connect Exchange 2013 Mailbox using Exchange 2010 CAS in Co-existence? because I havnt configured 2013 CAS servers yet.
Kindly share some KB or tip. Any help is appreciated. Thank You.
Muhammad Nadeem Ahmed Sr System Support Engineer Premier Systems (Pvt) Ltd T. +9221-2429051 Ext-226 F. +9221-2428777 M. +92300-8262627 Web. www.premier.com.pkI'll change Adam's wording slightly - you *MUST* install a CAS 13 server into every site where there is a MBX 13 server.
Cheers,
Rhoderick
Microsoft Senior Exchange PFE
Blog:
http://blogs.technet.com/rmilne
Twitter: LinkedIn:
Facebook:
XING:
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose. -
Catalyst SLB - Exchange 2010 CAS RPC
Hi.
We're currently testing out SLB for load balancing a pair of Exchange 2010 CAS servers. The config seems straightforward enough for single port services like 'Outlook Anywhere' or 'Outlook Web Access' (all on https).
Does anyone have real life experience with getting straight MAPI Outlook load balancing to work? According to Microsoft, there's only 3 ports to be concerned with - endpoint mapper, rpc.clientaccess, and address.book. I've got the latter two set for static across both of these servers, and have 3 appropriate vservers in place pointing to the serverfarm, but a capture shows the process getting hung up on tcp135. It's as if whatever server the endpoint request is landing on doesn't know what to do with the request.
Thanks in advance for any replies.Hello Jay!
Take a look at this doc:
http://www.cisco.com/en/US/docs/solutions/Verticals/mstdcmsftex.html#wp609677
RPC requires source ip sticky in order to operate correctly through a loadbalancer. In the doc, they also walk through doing RPC over http/https - however, I have seen configurations where ACE is not L5-L7 that use RPC on port 135 as a L4 rule with sticky and it appears to work ok.
Regards,
Chris Higgins -
Exchange 2013 CAS functionality in coexistence with Exchange 2010 CAS
Hi,
I am planning to migrate Exchange 2010 to Exchange 2013 for 15000 users. We have a pool of 6 CAS 2010 servers added in a single CAS array. So my question is if we introduce a new CAS 2013 server in same site then will it affect CAS traffic anyway ? If we
point our HLB to all CAS servers including CAS 2010 and CAS 2013 so will the CAS 2010 servers wil take traffic or is it only CAS 2013 servers who will take traffic. We will be putting same URLs in CAS 2013 same as CAS 2010. I have read lot of MS articles and
all say that CAS 2013 should be enabled for CAS traffic and it will proxy request to CAS 2010. But I am not sure if we will face any CAS traffic issue whenever we will introduce CAS 2013 servers in same site and traffic will be pointed to CAS 2010 and CAS
2013 both. Is it possible to add CAS 2013 in Exchange 2010 CAS array ? Please guide. Thanks in advance.For mailbox that exist on Exchange 2010, EXCH2013 CAS will proxy the request to an Exchange 2010 Client Access servers that exists within the mailbox’s local site.
For mailboxes that exist on Exchange 2013, EXCH2013 CAS will proxy the request to the Exchange 2013 Mailbox server that is hosting the active copy of the user’s mailbox which will generate the Autodiscover response.
-->Is it possible to add CAS 2013 in Exchange 2010 CAS array ?
No. CAS Array is no longer exits in Exchange 2013. But concept of a single namespace for Outlook connectivity remains. Please check this and this. In
your case you dont need to worry as you have a HLB in place it will do the job
When a new exchange2013 is deployed Outlook Anywhere has been enabled on all Client Access servers within the infrastructure and the mail.contoso.com and autodiscover.contoso.com namespaces have been moved to resolve to Exchange 2013 Client Access server
infrastructure. In your case it is pointed to both as you have a load balancer in place but the same URL should be configured in exch2013
Make sure you have exchange2010-SP3 minimum as it is the prerequisite requirement for upgarding EXCh2010 to 2013.
Please check the exchange server deployment assistant
tool for moving mailboxes
After moving a mailbox check the URLs. Configure autodiscover,EWS,OAB URLs on exchange2013. Please check this as
well for checking URLs.
I hope you know MAPI/RPC (RPC over TCP) traffic is now replaced with RPC over HTTP/s instead in exch2013.
Thanks
MAS
Please don't forget to mark an answer if it answers your question or mark as helpful if it helps -
Best practice SSL End-to-End in Exchange 2010 CAS loadbalancing
Hi,
I was wondering if there is a best practice for deploying SSL End-to-End in Exchange 2010 CAS loadbalancing.
We have ACE modules A5(1.1) and ANM 5.1(0), although there seems to be a template available in ANM it doesn't work. It throws a error when deploying, i believe the template is corrupt.
As I am undersome pressure to deploy this asap I am looking for a sample config. I found one for SSL offloading, but I need one for End-to-End SSL.
Thanks in advance,
DionHi Dion,
You can open up a case with TAC to have that template reviewed and confirm if the problem is at the ACE or ANM side.
In the meantime here is a nice example for End-To-End SSL that can help you to get that working:
http://www.cisco.com/en/US/products/hw/modules/ps2706/products_configuration_example09186a00809c6f37.shtml
For CAS load balancing there's nothing special other than opening the right ports, I'd advise you to get SSL working first and take it from there, if any problem comes up you can post it here and we'll give you a hand.
HTH
Pablo -
False/True Case is not working. Please Help!
Dear all,
I attached my block diagram, one attachment refers to true case and the other refers to false case.
My program runs like this: when i run the vi , after homing the motor (there is home.vi), DAQ is collecting the values in the while loop, and according to the DAQ's value, motor should run the False/True case but it does not
As a result: true/false case is not working which is located at the outside of the loop(bottom side of the block diagram)
When i put the the True/false inside the Loop(DAQ's loop) , then it is working. But this brings lots of problem, two of them is:
1-) When the DAQ values goes below to "50" then it turns to true case again,
2-) The false case has stop.vi which cause to motor stop every iteration of the loop.
So that is why i put True/False case out of the loop but now it is not working at all.
Please answer, waiting response.
Thank you,
Have a nice day,
Kind Regards.
Attachments:
OutloopTrueMode.pdf 432 KB
OutofLoopNotWorking.pdf 443 KBSalander wrote:
Dear GerdW,
Thank you for reply, You can see my answers written with red.
"As long as the case structure is located outside the loop it will not be called before the loop stops. THINK DATAFLOW!"
- The case structure need to run same time with the loop, because as you can see from the attachments the case structure is also integrated with DAQ values.. loop is continuous till i press the stop button. So what i understand that this case structure will not work because loop is continuous?? Cant we upgrade the vi. or do smthg that it can be able to work same time with the loop??
Kind Regards.
You have to place the case structure inside the while loop ( Any significance is there on placing the case outside the loop? ).
Salander wrote:
Dear GerdW,
Btw. it would be much more useful to attach real pictures or, even better, the VI...
Because most of the people dont have my "motor controller's labview drivers" I attached as a PDF file which is very popular.
Not Really * .png file ( vi snippet ) is much more popular here in Discussion Forum
The best solution is the one you find it by yourself -
Exchange 2010 CAS Mailbox Re-direction / Proxying Not Working Properly
Hello Team
In my Exchange 2010 Lab Setup, CAS proxy is not working properly
In Site A : One DC , One HUb Server , 2 CAS Server (CAS ARRAY WIndows NLB), Mailbox Server 2 (DAG)
In Site B : One ADC one hub and CAS( Both are in same box) One Mailbox
Internal and External for SITE A on Server CASARRAY1.labbites.co.in is https://casarray1.labbites.co.in/owa and https://casarray1.labbites.co.in/owa
Internal and External for SITE A on Server CASARRAY2.labbites.co.in is https://casarray2.labbites.co.in/owa and https://casarray2.labbites.co.in/owa
DNS recory casarray.labbites.co.in is present
Internal and External for SITE B on Server INDLBGUEX01.labbites.co.in is https://indlbguex01.labbites.co.in/owa and https://indlbguex01.labbites.co.in/owa
The problem is occurs , whenever the second CAS server casarray2.labbites.co.in is down (Shutdown)
Now , when the user ifrom site A s trying to log in to the OWA with SITE B OWA LINK https://indlbguex01.labbites.co.in/owa it redirects to always https://casarray2.labbites.co.in/owa , since casarray2 server is down the OWA page
is not opening
My Question is Why the proxy re-direction is always going to second casarray2 server instead of casarray.labbites.co.in
how to correct it . please help me to over come the issueHi Albert
Thanks for you update
Get-mailboxdatabase | FT name, RPC*
Name RpcClientAccessServer
DB1 casarray.labbites.co.in
DB2 casarray.labbites.co.in
DB3 casarray.labbites.co.in
Site B Mbx -DB1 INDLBGUEX01.labbites.co.in
The user is administartor who beloings to DB1 and accesing the OWA from the SITE B CAS server link https://indlbguex01.labbites.co.in/owa
and it is redirecting to https://casarray2.labbites.co.in/owa
so as per the above
output , should i make RPCclientaccess server for Site B Mbx -DB1 as casarray.labbites.co.in -
Exchange 2010 GAL Export script working from EMS but not as a scheduled task
I have been asked to get a script together to export the GAL on an Exchange 2010 server and then email it to a manager. I have been playing it with days, and have pruned it to the very minimum to at least try and get it working before improving it. At the
moment I have the text as below:
Del c:\GALexport.csv
Get-Recipient -ResultSize unlimited | where {$_.HiddenFromAddressListsEnabled -eq $false} | Select DisplayName,PrimarySMTPAddress,sAMAccountName,alias | Export-Csv "c:\GALexport.csv"
This works just fine in Exchange Management Shell and deletes the previous report before creating a new one. However, when I set it up as a scheulded task, it does nothing.
The task is set up as follows:
Action - Start a Program
Program/ Script C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell.exe
Add arguments -version 2.0 -NonInteractive -WindowStyle Hidden -command ". 'C:\Program Files\Microsoft\Exchange Server\V14\bin\RemoteExchange.ps1'; Connect-ExchangeServer -auto; d:\Scripts\GalExportReport.ps1"
This is set to run under my administrator account with the highest privileges and I have the logon as batch right.
Unfortunately, when I run it as a scheduled task, nothing happens. The last run result is (0x0) and in the history it says 'task completed', but no report is produced. Can anyone advise please?Does it delete the c:\GALexport.csv file? If not, then its not even executing the ps1 script...
- Open cmd prompt and run below command to confirm that there isn't any typo or any other small error...
C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell.exe -version
2.0 -NonInteractive -WindowStyle Hidden -command ". 'C:\Program Files\Microsoft\Exchange Server\V14\bin\RemoteExchange.ps1'; Connect-ExchangeServer -auto; d:\Scripts\GalExportReport.ps1"
- If above works then something wrong with task scheduler configuration...
Blog |
Get Your Exchange Powershell Tip of the Day from here -
ECP Page not loading after installing SP3 on Exchange 2010 CAS&HUB Server
I have installed SP3 on my Exchange CAS Server after that OWA was not working, hence I have reset owa, ecp,ews,oab, autodiscover & active sync virtual directory from EMC. After that OWA is started working.
But While accessing ECP , content is not loading properly. I have reset virtual directory of ecp 2 times but problem is still same.
KashiDid you tested different browser?
Cheers,
Gulab Prasad
Technology Consultant
Blog:
http://www.exchangeranger.com Twitter:
LinkedIn:
Check out CodeTwo’s tools for Exchange admins
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose. -
Exchange Outlook Anywhere does not work!
Hi,
Im having issues to get the Outlook Anywhere to work.
Running Exchange 2010 SP2 with RU1 (two HT/CAS/MBX servers) + TMG + HL.
I have a Geotrust SAN certificate (autodiscover.company.com, mail.company.com, mapi.company.local, legacy.company.com + fqdn of the servers)
CASArray = mapi.comany.local = HL
Outlook Anywhere is configured: mail.company.com / basic auth
All DNS records that are included in the certificate are pointed towards TMG.
TMG should be configured accordingly aswell as our HL. (have asked our guys to verify this several times...but you never know)
from testexchangeconnectivity.com I have various results.
If running RPC/HTTP test with manual specifications it fails...
RPC proxy server: mail.company.com
Exchange Server: mail.company.com or mapi.company.local
msstd: mail.company.com
but...
If running the RPC/HTTP test with Exchange server specified as FQDN like SRV01.company.local it works?Hi again,
RPC ports is set under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy, se a bunch of 6001, 6002 and 6004 that corresponds to my mapi.company.local, netbios names and more...
these ports are only beeing used on the exchange server itself? they are capsuled in a 443 package passing through TMG and HL right?
I can telnet via the HL on port 6001, result:
ncacn_http/1.0
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\RpcProxy
Value name: ValidPorts
Value data: ExchangeServer :6001-6002; ExchangeServerFQDN
:6001-6002; ExchangeServer :6004; ExchangeServerFQDN :6004
Note: *
ExchangeServer should be the NetBIOS name of Mailbox server.
* ExchangeServerFQDN
should be the fully qualified domain name (FQDN) of Mailbox server.
When you test in testexchangeconnectivity.com, the Exchange server should be the FQDN name instead of the external URL.
So please change the registry key and reboot the server to take effert. And then try again to see if this works.
Fiona Liao
TechNet Community Support
Maybe you are looking for
-
Attempt to open Library - FCPX (not responding)
Running latest OS on my 2008 MacPro. Have been editing for weeks, no trouble opening the Library containing a 2-hour film ready to be burned to a DVD. Yesterday it opened fine, but after I closed FCPX and then, a little later, tried to open that Libr
-
I was given an ipod and it has been disabled and I have tried to hook it up to itunes and it won't sync
-
Missing dropdown list items?
I have tried the following two ways to get the string corresponding to the selected value from a dropdown box. public void dropDown1_processValueChange(ValueChangeEvent event) { financewebapp.SessionBean1 sb = (financewebapp.SessionBean1)
-
My Mac freezes all of a sudden randomly. No spinning beach balls. It just freezes and I can't even move the cursor. It happens time to time and I have no idea what's causing it. First I thought it's because of the heat, but since my mac isn't so hot
-
Titles have way too much blank time in them
After the latest update to iMovie HD 6.0.3, the titles started behaving badly. More than half of the title is just black time. It starts out normally, but before it gets half way thru the title, it fades to black. I never had this problem before. Tit