Exchange 2010 OWA and ASA5510 - Wrong URL?
I'm in the final steps of migrating my customer's Exchange server from Exchange 2003 to Exchange 2010. I've got all the mailboxes moved and am testing the OWA access. Under Exchange 2003, the internal/external users were able to access OWA thru the following URL:
http://mail.mycustomer.org/exchange
It would pop up a login box, they'd put in their domain info and get connected to their mailbox.
After migrating to Exchange 2010, the user had to change the URL to httpS://mail.mycustomer.org/exchange or httpS://mail.mycustomer.org/owa, but it worked internally. When I test it externally, I get the following page:
https://mail.mycustomer.org/+CSCOE+/wrong_url.html
I have next to no experience with Cisco devices, management, and/or maintenance, but what I've found in my research points to an issue w/ our ASA5510 and the port 443 required by the SSL connection to the Exchange server. Any help to resolve this issue so that my external users will be able to access OWA would be greatly appreciated. Thanks.
Hi,
Can you check the output of the following commands
show run http
show run webvpn
These are basically the 2 services that utilize the port TCP/443 port on the ASA.
The first commands output will show some settings related to the ASDM which is the GUI for the ASA management. The second command output will show settings related to the SSL VPN.
Both of these services can be modified to use some other port than TCP/443 which would leave the port free for your server.
I assume that you only have one public IP address at your disposal which is configured on the ASA interface and you have no extra public IP address? Otherwise this should be no problem at all.
Naturally if you change the port on ASDM or SSL VPN it will cause some inconvinience for users of those services. Ofcourse you have the option to map the local TCP/443 port of the server to some other public port like TCP/444 but again this might cause inconvinience to the users also.
- Jouni
Similar Messages
-
Securing publishing exchange 2010 OWA and ActiveSync with WAP 2012
Hello,
my client have the following environment:
Exchange 2010 sp3
AD 2003
we want to secure activesync and owa by using reverse proxy. TMG/UAG life ends 2015, then we study WAP 2012 and ADFS 3.0. the difficulties is there is not enough experience feedback, specially for this environnement.
Is there any incompatibility ?
do you know good articles and blogs which address this issue ?
Thanks in advanceAre any other options available since posting in June 2014? Specifically for securing ActiveSync connections from smartphones on the Internet. We are running Exchange 2010 in AD 2008
TMG has already transitioned from mainstream to extended support. Not only is there less support now, to my understanding there is still a licensing cost for this product. Paying for a product at EOL seems inadvisable.
Web Access Protocol (WAP) looked like the right choice, but to secure communications from domain users on unknown devices over the Internet requires Exchange 2013 which is "claims aware". Exchange 2010 is not and what we are left with is
configuring WAP in pass-thru mode, allowing unauthenticated Internet traffic into our internal network where the Exchange CAS server is.
Is there any Microsoft solution to authenticate the user before allowing the user's device to connect to our CAS server on our internal network. -
Hello All,
We are using TMG2010 (SP2, rollup4) for publishing Exchange 2010 OWA sites. The issue is that after every 10-24 hrs , the TMG server stops logging in OWA sites and start giving below error. Then we have to restart the server one two times or the problem
solves by itself.
I have also install a new server and it is also giving same behavior. On TMG server the exchange edge server and Forefront Protection for exchange is also installed.
Please help to solve this issue.
Denied Connection
-TMG05 5/21/2014 11:44:39 PM
Log type:
Web Proxy (Reverse)
Status: 12302 The server denied the specified Uniform Resource Locator (URL). Contact the server administrator.
Rule:
PRC-OWA
Source:
119.157.175.238:56971
Destination:
111.68.105.121:443
Request:
GET http://mail.parc.gov.pk/owa
Filter information:
Req ID: 0e947d98; Compression: client=Yes, server=No, compress rate=0% decompress rate=0% ; FBA cookie: exists=yes, valid=yes, updated=no, logged off=no, client type=public, user activity=yes
Protocol:
https
User:
anonymous
Additional information
Client agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)
Object source: (No source information is available.)
Cache info: 0x0
Processing time: 125 MIME type:Hi,
A similar thread:
http://social.technet.microsoft.com/Forums/forefront/en-US/e8fdc1bd-f023-4804-ad02-67899d8c7347/the-server-denied-the-specified-uniform-resource-locator-errors12302-ashttp-error-code-of-500?forum=Forefrontedgegeneral
Best Regards,
Joyce
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
Exchange 2010 OWA usage in Exchange 2013
Hi,
I have Exchange 2010 with Sp3 Currently running in environment, Now we have plan to Migrate it to Exchange 2013.... Total number of mailbox is around 26000.
Before Migration we want below things to keep in mind...
1. We want to Use existing exchange 2010 OWA url ( mail.abc.com ), How to accompolish this as it will take couple of months to migrate all mailbox ?
2. Can i use my Existing Exchange certificate to get the above goal done ?
3. What will be the steps and pre-requsite to achieve the Goal ?
An Early reply would be appreciated !!
AmitHi Amit
First Change SCP of Exchange 2010 CAS VIP to Exchange 2013 CAS VIP.
Configure external DNS records accordingly.DNS entries should be pointed to Exchange 2013 CAS from Exchange 2010 CAS.
Ensure that you are having a seperate name for CAS array from external ews url
Outlook Anywhere should be enabled and Url should be external URL which points to Exchange 2013.
Authentication for OUtlook Anywhere should be - NTLM
for OWA exchange 2010 - FBA and windows
Point your new CAS server to the firewall or TMG . Now from exchange 2013 all request will be proxied to 2010 users
You cannot use the same certificate . YOu need to add seperate entries as the host name for new servers will vary
Apply a new certificate with all the required site names included in Exchange 2013 CAS.
Whats more you can refer my blog as well
http://exchangequery.com/2014/05/02/things-to-consider-before-configuring-autodiscover-in-exchange-20102013-coexistence-scenarios/
Cheers :)
Remember to mark as helpful if you find my contribution useful or as an answer if it does answer your question.That will encourage me - and others - to take time out to help you Check out my latest blog posts on http://exchangequery.com -
Exchange 2010 OWA login page customization does not work
Where can I post a question regarding Exchange 2010 OWA login page customization? The customization worked before running updates, now all users navigating to the OWA page see the default configuration.
Hello,
You should ask in the
Exchange Previous Versions - Administration, Monitoring, and Performance forum.
Karl
When you see answers and helpful posts, please click Vote As Helpful, Propose As Answer, and/or Mark As Answer.
My Blog: Unlock PowerShell
My Book: Windows PowerShell 2.0 Bible
My E-mail: -join ('6F6C646B61726C40686F746D61696C2E636F6D'-split'(?<=\G.{2})'|%{if($_){[char][int]"0x$_"}}) -
Exchange 2010 OWA [Change Number of items to display per page]
Hi Sir,
I have some problem and question ?
I has migrate from exchange 2007 to exchange 2010.
Exchange 2010 OWA cannot Change Number of items to display per page
Exchange 2007 can change number of items to display per page
Exchange 2010 OWA cannot Change Number of items to display per page
You can help me to solved problem and customization?
Thank you.
BoongerdHi,
This feature has been moved in Exchange 2010 OWA. However this feature is available in OWA light version. Here are steps to change the settings in OWA light version.
Log in to OWA, click the Use the light version of Outlook Web App
check box on the login page.
Select Options in the upper right hand corner of the screen.
Select Messaging from the left navigation panel.
In the section for "Message Options", change the "Number of items to display per page", select the desired number of messages.
Exchange 2010: OWA versus OWA light.
http://blogs.technet.com/b/ilvancri/archive/2010/04/07/exchange-2010-owa-versus-owa-light.aspx
New Features in Exchange 2010 OWA.
http://technet.microsoft.com/en-us/library/aa998629(v=exchg.141).aspx
Best Regards. -
Hi all,
4 Exchange Servers (2 DB + 2 CAS NLB Cluster) all Exchange 2010 SP1
Outlook work fine.
If I delete a message in OWA i became the following errors:
Internet Explorer:
Die Netzwerkverbindung ist nicht verfügbar. Wenn das Problem weiterhin auftritt, wenden Sie sich mit folgendem HTTP-Statuscode an den Helpdesk: 0.
Translation: The networkconnection is not available. If it happens again, contact the helpdesk with HTTP statuscode 0
Firefox:
Die Netzwerkverbindung ist nicht verfügbar. Wenn das Problem weiterhin auftritt, wenden Sie sich mit folgendem HTTP-Statuscode an den Helpdesk: 302.
Translation: The networkconnection is not available. If it happens again, contact the helpdesk with HTTP statuscode 302
Event ID 1006 MSExchange Mailbox Replication
Fehler: MapiExceptionNetworkError: Unable to make connection to the server. (hr=0x80040115, ec=-2147221227)
Before SP1 it worked fine.
Can somebody help me ?
Kind regards AndyHi,
First, I would like to confirm the following questions:
1. Does the issue occur on certain user mailbox via OWA or each user mailbox?
2. Which OWA folder’s email cannot be deleted, Inbox, Sent Items or each folder?
3. Which version of operating system is installed on the client machine, Windows XP, Windows Vista or Windows 7?
At this stage, I suggest you temporarily disable firewall and anti-spam for a test. If the emails still cannot be removed via OWA, please refer to the following article
and use isinteg tool to check and repair Information Store.
Description of the Isinteg utility
Thanks.
Novak Wu-MSFT -
Exchange 2013 - OWA "Something Went Wrong", Out of office in Outlook "Server unavailable"
Hi,
We have a new deployment of Exchange 2013 CU2 V2 running on a Windows 2012 server. Everything has been running without issues and then without any real clue to why, we are now getting an issue where OWA says "Something Went Wrong" after processing
your login, (it appears to process the login as if I type in incorrect details it tells me the password/username is wrong).
At the same time we have also lost the ability to run the Out Of Office in Outlook which comes back saying the server is not available and we can't seem to share calendars correctly either. (Can set Out Of Office via the Management Shell without issues).
When running a Get-Serverhealth on the OWA.Protocol it tells me the OWASelfTestMonitor is unhealthy.
I've tried re-creating the OWA, EWS Virtual Directorys and also the autodiscover but with no effect. I've also restarted the server.
Outlook 2013 and mobile phones are working fine on the server and the Exchange Admin Centre is also working without issues.
I am getting tempted to apply CU2 again to see if this sorts it but don't really like doing this on a server with 50 live users on it...
In the eventlog I can see lots of the 2 errors listed below which seems to line up. (System Log and Application Log seem to be clear of other errors or warnings.)
Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 04/11/2013 11:25:00
Event time (UTC): 04/11/2013 11:25:00
Event ID: 2fcdb9112c794b63a9ea9577a23e4603
Event sequence: 2
Event occurrence: 1
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/2/ROOT/owa-411-130280378905273269
Trust level: Full
Application Virtual Path: /owa
Application Path: C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\owa\
Machine name: SERVERNAME (I altered this for post)
Process information:
Process ID: 9648
Process name: w3wp.exe
Account name: NT AUTHORITY\SYSTEM
Exception information:
Exception type: HttpException
Exception message: '.', hexadecimal value 0x00, is an invalid character. Line 1, position 1.
Lots more code.......
AND
Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 04/11/2013 11:24:24
Event time (UTC): 04/11/2013 11:24:24
Event ID: 2586a044b2d74b97a1095aec478bf4ae
Event sequence: 2
Event occurrence: 1
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/2/ROOT/EWS-668-130280378564324526
Trust level: Full
Application Virtual Path: /EWS
Application Path: C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\exchweb\EWS\
Machine name: SERVERNAME (I have changed this for post)
Process information:
Process ID: 9840
Process name: w3wp.exe
Account name: NT AUTHORITY\SYSTEM
Exception information:
Exception type: HttpException
Exception message: '.', hexadecimal value 0x00, is an invalid character. Line 1, position 1.
lots more data...Hi Angela,
I can't see any re-directions on the website and have certainly not set any intentionally. I did try installing the Remote Web Gateway on the server and then found that it doesn't work on an exchange box and removed it but the server was working after
this.
The HTTP Redirect in Default Web Site is not showing anything set and the same for the Back End.
The bindings on the default site all look normal with;
http 80 127.0.0.1
https 443 127.0.0.1
http 80 *
http 443 *
The same is mirrored in the Exchange Back End site but with ports 81 and 444.
Running the Outlook auto configure just using Autodiscover all looks good with the URLs listed all pointing to (http)://mail.mydomain.co.uk/whatever... and the log says Autodiscover to (https)://mail.mydomain.co.uk/Autodiscover/Autodiscover.xml Suceeded
(0x00000000)
But, if I type in the OOF address of (https)://mail.mydomain.co.uk/EWS/exchange.asmx I get a login prompt but once user details are entered I then get;
'.', hexadecimal value 0x00, is an invalid character. Line 1, position 1.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Xml.XmlException: '.', hexadecimal value 0x00, is an invalid character. Line 1, position 1.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[XmlException: '.', hexadecimal value 0x00, is an invalid character. Line 1, position 1.]
System.Xml.XmlTextReaderImpl.Throw(String res, String[] args) +163
System.Xml.XmlTextReaderImpl.ParseRootLevelWhitespace() +7572550
System.Xml.XmlTextReaderImpl.ParseDocumentContent() +62
System.Xml.XmlReader.ReadToFollowing(String name) +112
Microsoft.Exchange.Data.ApplicationLogic.Extension.KillBitHelper.ReadKillBitXmlContent(XmlReader reader, Int32& refreshRate) +185
Microsoft.Exchange.Data.ApplicationLogic.Extension.KillBitHelper.TryReadKillBitFile(Int32& refreshRate, DateTime& lastModifiedTime) +710
Microsoft.Exchange.Data.ApplicationLogic.Extension.KillBitTimer.Start() +202
Microsoft.Exchange.Services.Global.Application_Start(Object sender, EventArgs e) +975
[HttpException (0x80004005): '.', hexadecimal value 0x00, is an invalid character. Line 1, position 1.]
System.Web.HttpApplicationFactory.EnsureAppStartCalledForIntegratedMode(HttpContext context, HttpApplication app) +12864205
System.Web.HttpApplication.RegisterEventSubscriptionsWithIIS(IntPtr appContext, HttpContext context, MethodInfo[] handlers) +175
System.Web.HttpApplication.InitSpecial(HttpApplicationState state, MethodInfo[] handlers, IntPtr appContext, HttpContext context) +304
System.Web.HttpApplicationFactory.GetSpecialApplicationInstance(IntPtr appContext, HttpContext context) +404
System.Web.Hosting.PipelineRuntime.InitializeApplication(IntPtr appContext) +475
[HttpException (0x80004005): '.', hexadecimal value 0x00, is an invalid character. Line 1, position 1.]
System.Web.HttpRuntime.FirstRequestInit(HttpContext context) +12880948
System.Web.HttpRuntime.EnsureFirstRequestInit(HttpContext context) +159
System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) +12722137
Really wishing I had installed Exchange 2010 at this point!! Just can't see why its not working :( -
Hi,
I have an odd issue whereby if I set "user must change password" on an AD account, the end user cannot logon, they're simply taken back to the OWA login page as if their password is incorrect.
My setup is as follows:
outer TMG -- uses a listener for email.contoso.com and is configured for no authentication.This uses a publishing rule to publish the inner TMG server. This server is not a domain member.
inner TMG - uses a listener for email.contoso.com and is configured for NLTM\kerberos negotiation with forms authentication (Windows Active Directory). This server is a domain member and use a publishing rule to publish the internal CAS. Allow users to change
password is selected in the publishing rules.
Exchange 2010 SP1 - uses integrated windows and basic authentication. Has the appropriate registry key configured to allow users to change their AD password on first logon.
I've registered an snp for "http/email.contoso.com mailserver-dc1", all SSL certificates being used are valid and my configuration used to allow users to login and change their password with "user must change password on first login"
set in AD.
If I launch a web browser on an internal server and point it to email.contoso.com I'm immediately presented with a generic Windows authentication request (similar to what's seen in ADFS) rather than the standard OWA page. No matter what I do, I cannot login
and change my password using the correct URL. However if I point my browser at
http://192.168.4.10/owa I'm prompted to login and I can change my password using the sam credentials.
The only recent changes made are:
- Disabling SSL 3.0 and enabling TLS (http://www.isaserver.org/articles-tutorials/configuration-security/improving-ssl-security-forefront-threat-management-gateway-tmg-2010-published-web-sites.html)
- Replacing the TMG listener certificates so that they now use SHA2 rather than SHA2 (certificates are trusted on each TMG server)
Looking on the outer TMG and the DC logs I can see schannel errors which I believe are related to the problem. TMG monitoring also shows "Failed connection attempt: 1907 The user'spassword must be changed before logging on for the first time"
I've checked that my inner TMG and DC are using the same certificate for server authentication and gone through this guide:
http://blogs.technet.com/b/keithab/archive/2012/02/29/setting-up-and-troubleshooting-ldaps-authentication-in-forefront-tmg-2010.aspx
If I try to use ldp.exe on the inner TMG, I get the error in the pic below
Thanks
IT Support/EverythingHi,
You could try to analyze the TMG tracing and try the troubleshoot steps in the blog below.
TMG 2010 – FBA, troubleshooting the change password feature
http://blogs.technet.com/b/isablog/archive/2012/05/07/tmg-2010-fba-troubleshooting-the-change-password-feature.aspx
Best Regards,
Joyce -
Exchange 2010 - Virtual Directory Internal & External URL's with Wildcard Cert
Hi Guys
I am trying to determine if my Exchange 2010 server Virtual Directory URL's are setup according to best practice. I'm sure anyone with good Exchange experience will instantly be able to tell me if my Virtual Directory DNS is correct or could cause issues.
Scenario:
Hosted Exchange 2010 SP1. Multiple client mail domains hosted
2x CA, 2x HT, 2x MB, 2x DC
Wildcard *.example.co.za certificate being used on CA servers
AD domain is he.example.za.net
CA Server naming example: ca1.he.example.za.net, ca2.he.example.za.net
he.example.net DNS is done by DC servers
External name used by clients: outlook.example.co.za (For Outlook setup and OWA access)
outlook.example.co.za has two A records pointing to the CA IP's
PROBLEM/CONCERN:
We have a random OWA log out issue that we believe might be due to ambiguous DNS names being used.
If I change the Virtual Directories External URL to be the FQDN of the server, we get a Certificate Error in clients (due to the .co.za Wildcard). The external URL clients use
must be on .co.za.
So are the Virtual Directory URL's causing the CA servers to loose track of who is authenticated in where (leading to OWA disconnection)? Is it fine to load balance the CA servers with the DNS the way we are doing currently? Any other issues you see?
Current Virtual Directory settings:
Note that they are identical on CA1 and CA2
[PS] C:>Get-OabVirtualDirectory -server ca2 |fl *url
InternalUrl : https://outlook.example.co.za/OAB
ExternalUrl : https://outlook.example.co.za/OAB
[PS] C:>Get-WebServicesVirtualDirectory -Server ca2 |fl *url
InternalNLBBypassUrl : https://ca2.he.example.za.net/ews/exchange.asmx
InternalUrl : https://outlook.example.co.za/ews/Exchange.asmx
ExternalUrl : https://outlook.example.co.za/ews/Exchange.asmx
[PS] C:>Get-ActiveSyncVirtualDirectory -Server ca2 |fl *url
MobileClientCertificateAuthorityURL :
InternalUrl : https://outlook.example.co.za/Microsoft-Server-ActiveSync
ExternalUrl : https://outlook.example.co.za/Microsoft-Server-ActiveSync
[PS] C:>Get-EcpVirtualDirectory -Server ca2 |fl *url
InternalUrl : https://ca2.he.example.za.net/ecp
ExternalUrl : https://outlook.example.co.za/ecp
[PS] C:>Get-OwaVirtualDirectory -Server ca2 |fl *url
Url : {}
Exchange2003Url :
FailbackUrl :
InternalUrl : https://ca2.he.example.za.net/owa
ExternalUrl : https://outlook.example.co.za/owa
[PS] C:>Get-AutodiscoverVirtualDirectory |fl *url, server
InternalUrl :
ExternalUrl :
Server : CA1
InternalUrl : https://outlook.example.co.za/
ExternalUrl : https://outlook.example.co.za/
Server : CA2
REALLY APPRECIATE SOME EXPERT ADVISE. Thanks.Hi Kane,
Why did not you use cas array to load balance client connectivity?
If you create a CAS array, you can assign an virtual IP (VIP) for the CAS array FQDN (e.g CASarray.example.za.net), and then point all the Virtual Directories internal URL to CAS array fqdn;
For external, you can point outlook.example.co.za to VIP which had been assigned to CAS array.
I recommend you refer to the following article to understand CAS array:
http://technet.microsoft.com/en-us/library/ee332317(v=exchg.141).aspx#CASarray
http://blogs.technet.com/b/ucedsg/archive/2009/12/06/how-to-setup-an-exchange-2010-cas-array-to-load-balance-mapi.aspx
http://blogs.technet.com/b/exchange/archive/2012/03/23/demystifying-the-cas-array-object-part-1.aspx
Best regards,
Niko Cheng
TechNet Community Support -
Exchange 2010: OWA Options menu
Hi all,
I am having a problem with OWA on a customer's Exchange 2010 server. With any account, including the Administrator account, when you click on "Options" after logging in, you get:
"Sorry Access denied
You don't have permission to open this page. If you're a new user or were recently assigned credentials, please wait 15 minutes and try again. If the problem persists, contact your administrator."
Screen shot of this here:
http://i51.tinypic.com/v6mc1c.jpg
URL points to this folder:
/ecp/?rfr=owa
I'm thinking this has something to do with IIS. Can someone point me in the right direction?
Thanks in advance :) .Hi,
Please try to check the RoleAssignmentPolicy attribute for the users and see if the “Default Role Assignment Policy” is assigned to the users by
running the following command:
Get-Mailbox “user” | Select-Object RoleAssignmentPolicy
If no, please run the below mentioned commang to assign the default role assignment policy:
Get-Mailbox “user”| Set-Mailbox –RoleAssignmentPolicy “Default Role Assignment Policy”
Hope it helps.
Best regards,
Serena
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Thanks for this solution. I had the same problem! -
Exchange 2010 OWA access on internal LAN login form not working as expected
hi
We have exchange 2010 sp3 installed and working. we have two sites
Site a
1 x CAS
2 X MBX
Site b
1 x cas
2x mbx
site A is the primary site we currently publish owa our through our TMG server located in the DMZ this is working as expected and carries out the forms authentication. our internal domain is company.local but our external domain is company.com
we have created split DNS so that we could use a wildcard cert and to deal with CA new rules. All URL's in Exchange are configured to use the external reference of company.com/
on the IIS server we have a redirection on the root of the site to redirect the requests through to OWA folder and we have basic Authentication enabled. on the OWA folder we have basic and windows authentication.
The problem we have is that when users try to access OWA internally we get username and password box appears once you login with this it then takes you through to the the normal login screen and you have tyo login again I'm thinking that this is the windows
authentication that is causing this but not sure?
also would be good to get an understanding as to what the Authentication, SSL and redirection setting should be set to on your CAS servers as looking at the ECP and autodiscover folder within IIS this currently has a redirect set to go to OWA surely that
cannot be right,
thanks
JHi
you are correct, the immediate concern is the double login to owa i do however want to also know what the settings/configuration for Authentication redirection and SSL should be set to on all virtual directories.
we do not have any additional OWA virtual directories just the default
These are the current live servers
Identity : ACAS01\owa (Default Web Site)
Url : {}
Exchange2003Url :
FailbackUrl :
InternalUrl : https://email.Company.com.com/owa
ExternalUrl : https://email.Company.com/owa
InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated}
ExternalAuthenticationMethods : {Fba}
Identity : BCAS01\owa (Default Web Site)
Url : {}
Exchange2003Url : https://www.Companyt.co.uk/
FailbackUrl :
InternalUrl : https://webmail.Company.com/owa
ExternalUrl : https://webmail.Company.com/owa
InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated}
ExternalAuthenticationMethods : {Fba}
These are the new servers which i have just installed
Identity : CAS05\owa (Default Web Site)
Url : {}
Exchange2003Url :
FailbackUrl :
InternalUrl : https://webmail.Company.com/owa
ExternalUrl : https://webmail.Company.com/owa
InternalAuthenticationMethods : {Basic, Fba, Ntlm, WindowsIntegrated}
ExternalAuthenticationMethods : {Fba}
Identity : CAS06\owa (Default Web Site)
Url : {}
Exchange2003Url :
FailbackUrl :
InternalUrl : https://webmail.Company.com/owa
ExternalUrl : https://webmail.Company.com/owa
InternalAuthenticationMethods : {Basic, Fba, Ntlm, WindowsIntegrated}
ExternalAuthenticationMethods : {Fba}
Identity : CAS04\owa (Default Web Site)
Url : {}
Exchange2003Url :
FailbackUrl :
InternalUrl : https://webmail.Company.com/owa
ExternalUrl : https://webmail.Company.com/owa
InternalAuthenticationMethods : {Basic, Fba, Ntlm, WindowsIntegrated}
ExternalAuthenticationMethods : {Fba}
I have noticed that FBA is set on the new servers does this need turning off and if so is this on IIS or in Exchange?
the link that you have provided talks about creating new Vdir for TMG we are looking at removing TMG and replacing it with KEMP load balancers would we still need to have two Vdir to make FBA work internally and externally
to make a new vdir do you need a new IP address? and what are the steps required in Exchange and IIS to get this working.
thanks
Jason -
Lync 2013\Exchange 2010 OWA Integration Problem
Hi there,
I've got a vexing issue that I haven't had much luck in researching. I am running Lync 2013 on Server 2008 R2 and Exchange 2010 SP3 on Server 2008 R2. I followed Jeff Schertz's instructions (http://blog.schertz.name/2010/11/lync-and-exchange-im-integration/)
and Lync\OWA integration is working--sort of.
We currently have a central pool (we'll call it lyncpool.contoso.com) and three pools housed on SBAs-- lyncsba-loc1, lyncsba-loc2,lyncsba-loc3. Users in our main location are housed on the central pool, whereas users in our remote locations are housed
on their respective SBA.
Following the instructions, I pointed my OWA virtual directories at lyncpool.contoso.com, and everything seemed fine at first. I could see presence in OWA, initiate an instant message...the works. However, when I asked a user homed on one of the SBAs,
he said that he could only see presence for other users in his pool\location. Everyone else had a white "unknown" presence chiclet. To verify, I temporarily moved my lync account to that branch pool, and sure enough--I saw the same thing. As
a troubleshooting measure, I re-ran the OWA configuration portion and instead of using the central pool as the instantmessagingserver value, I pointed it directly at that branch pool. At that point, he and I, being homed in that branch pool, could see
presence for EVERYONE. Problem solved, right? Well, no...because now, the central pool users could only see presence for other central pool users, and the other branches could still only see presence for their poolmates.
I've run Wireshark, CLS logging, you name it--I haven't seen anything fishy, and I'm starting to wonder if this perhaps a bug or an unsupported use-case(I hope not, since Microsoft otherwise endorses such a configuration). I've been beating my head
against this wall for almost two weeks with no change...someone, help! :)This is the only thing that seems of interest in the CLS Log:
TL_WARN(TF_DIAG) [lyncpool01\VGTLYNCFE-01]1B70.4184::06/17/2014-20:47:03.028.00001F75 (SIPStack,SIPAdminLog::WriteDiagnosticEvent:SIPAdminLog.cpp(805))
[1781536493] $$begin_record
Severity: warning
Text: Cannot process Route headers from a non-trusted source, or with first Route field in the set not matching the connection on which the request arrived
Result-Code: 0xc3e93c5e SIPPROXY_E_ROUTING
SIP-Start-Line: SUBSCRIBE sip:LyncPool01.xxx.net:5061;transport=tls;ms-fe=VGTLYNCFE-01.xxx.net SIP/2.0
SIP-Call-ID: 45c62e9edaee4252908914b37ca5ef23
SIP-CSeq: 1895 SUBSCRIBE
Source: mail.xxx.net:47892
$$end_record
The "source" here is our OWA server. I have issued a certificate from our local CA(the same one that issued the Lync certs), making sure the CN of the certificate matches the OWA url. Any ideas? -
Hi,
after updating to exchange 2010 sp 3 from sp 2 and also updating to rollup 4, users who use conditional formatting cannot see new message unless they close and reopen Outlook.
If you decide to change the font colour for unread messages, the messages do not appear in Outlook but a pop up indicates that a new message has arrived.
If you reopen Outlook, the unread messasge appears.
remove the conditional formatting and no issue with viewing unread messages as they arrive.
running Outook version 14.0.7106.5003
is this a known issue? a user who never used conditional formatting will experience this right away.
Thanks,
rudifHi rudif,
If the issue only happens to users who use conditional formatting and OWA can work well for all mailbox, I think the issue should be in client side.
Please try to reset View then set the conditional formatting back to have a try. If the issue continues, please try to recreate the Outlook profile to check whether the issue persists. Also try restarting Outlook in Safe mode by running
Outlook /safe switch.
Thanks,
Winnie Liang
TechNet Community Support -
Exchange 2010 Migration to 2013 Coexistence url's
Hello,
What exactly is required for the virtual directory url setup for Exchange 2010 coexisting with Exchange 2013? I have been searching online a lot preparing for my Exchange 2013 deployment and can't see to find a clear answer. The information
I have come across from TechNet and other sources is all over the place with some stuff saying the external url needs to be empty while others say it should match Exchange 2013's setup. Others say the internal url should be empty while
only the external should be populated. And I have even seen others say nothing on Exchange 2010 has to be touched and that Exchange 2013 will figure proxying out on its own once I configure the new url's on it.
So what is supposed to be setup for the ExternalUrl and InternalURL to in Excahnge 2010 for coexistence with 2013? Currently my
existing Exchange 2010 is internet facing with the plan of moving that to Exchange 2013 once that goes in as per Microsoft directions on implementing coexistence.Read the article below from Ross Smith. There can't be better article than this:
http://blogs.technet.com/b/exchange/archive/2014/03/12/client-connectivity-in-an-exchange-2013-coexistence-environment.aspx
If exchange 2010 and 2013 are on same site, then you need to:
1. Remove External URL from Exchange 2010 CAS servers, retain the Internal URL
2. Move the SSL certificates from Exchange 2010 to Exchange 2013
3. Point the external URL to Exchange 2013 instead of Exchange 2010
4. Of course, you would need to re-configure Autodiscover, Web Services URLs on Exchange 2013 CAS servers.
Once this is done, for any mailbox that is hosted on Exchange 2010, Exchange 2013 would proxy the connections and deliver the content.
- Sarvesh Goel - Enterprise Messaging Administrator
Maybe you are looking for
-
White screen computer turns off
my macbook 2.16 intel duo running 10.6.8 has been turning itself off with a white screen, this follows weeks of fan noise that has now stopped. I have done all the basics and the hardrive is fine according to disc utility and tech tool all checks pas
-
Little tip to get the nr of elements in a local structure using RTTI
sometimes you need to know the number of elements in a structure for manpulating data for example you might need to convert the elements in an internal table to a special file format such as "field","field",......"field". instead of something like th
-
Is there any standard report available to view the loan payments for the FY
Hi Experts... Is there any standard report to view the loan payments taken by the employees in a paticular financial year. We are entering the details of loans through 0045 and through a subtype. When im using tcode pcoo_m99_cwtr... thet are showing
-
Tom sent me this a day or two ago. It is from his back door and he used a kit lens with the T4i. "The planet Venus was a wonderful site next to the crescent Moon this evening, March 22, 2015. This is a view from my backyard. The Pleiades Star Cluste
-
System/32 error when downloading
on Vista, downloading, hit "Run" and get a system/32 error indicating a missing file. Right version?