Exchange 2010 OWA and ASA5510 - Wrong URL?

I'm in the final steps of migrating my customer's Exchange server from Exchange 2003 to Exchange 2010.  I've got all the mailboxes moved and am testing the OWA access.  Under Exchange 2003, the internal/external users were able to access OWA thru the following URL:
http://mail.mycustomer.org/exchange
It would pop up a login box, they'd put in their domain info and get connected to their mailbox.
After migrating to Exchange 2010, the user had to change the URL to httpS://mail.mycustomer.org/exchange or httpS://mail.mycustomer.org/owa, but it worked internally.  When I test it externally, I get the following page:
https://mail.mycustomer.org/+CSCOE+/wrong_url.html
I have next to no experience with Cisco devices, management, and/or maintenance, but what I've found in my research points to an issue w/ our ASA5510 and the port 443 required by the SSL connection to the Exchange server. Any help to resolve this issue so that my external users will be able to access OWA would be greatly appreciated. Thanks.

Hi,
Can you check the output of the following commands
show run http
show run webvpn
These are basically the 2 services that utilize the TCP/443 port on the ASA.
The first command's output will show some settings related to the ASDM, which is the GUI for the ASA management. The second command's output will show settings related to the SSL VPN.
Both of these services can be modified to use some other port than TCP/443 which would leave the port free for your server.
I assume that you only have one public IP address at your disposal which is configured on the ASA interface and you have no extra public IP address? Otherwise this should be no problem at all.
Naturally, if you change the port on ASDM or SSL VPN it will cause some inconvenience for users of those services. Of course, you have the option to map the local TCP/443 port of the server to some other public port like TCP/444, but again this might cause inconvenience to the users also.
- Jouni
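
As an added example (not part of the original thread), the check described above can be scripted: the Python below reads the combined output of `show run http` and `show run webvpn` and reports which ASA service holds TCP/443 on a given interface. The function names, the interface names and both sample configurations are constructed for illustration, and the parser assumes the usual running-config layout (IPv4 `http` allow lines, sub-mode commands indented under `webvpn`).

```python
import re

DEFAULT_PORT = 443  # `http server enable` and `webvpn` both default to TCP/443

# "http <network> <mask> <interface>": which hosts may reach ASDM, and where
HTTP_ALLOW = re.compile(r"^http \d+\.\d+\.\d+\.\d+ \d+\.\d+\.\d+\.\d+ (\S+)$")


def listeners(running_config):
    """Return {(service, interface): port} for ASDM and SSL VPN listeners."""
    asdm_port = None            # None: no `http server enable` line seen
    asdm_ifaces, vpn_ifaces = [], []
    vpn_port = DEFAULT_PORT
    in_webvpn = False
    for line in running_config.splitlines():
        line = line.rstrip()
        if not line.strip():
            continue
        if not line[0].isspace():
            # A new top-level command ends any previous sub-mode, so the
            # indented `webvpn` block inside a group-policy is never matched.
            in_webvpn = (line == "webvpn")
            words = line.split()
            if words[:3] == ["http", "server", "enable"]:
                asdm_port = int(words[3]) if len(words) > 3 else DEFAULT_PORT
            else:
                match = HTTP_ALLOW.match(line)
                if match:
                    asdm_ifaces.append(match.group(1))
        elif in_webvpn:
            words = line.split()
            if words[0] == "port" and len(words) == 2:
                vpn_port = int(words[1])
            elif words[0] == "enable" and len(words) == 2:
                vpn_ifaces.append(words[1])
    found = {}
    if asdm_port is not None:
        for iface in asdm_ifaces:
            found[("asdm", iface)] = asdm_port
    for iface in vpn_ifaces:
        found[("webvpn", iface)] = vpn_port
    return found


def conflicts(running_config, interface, port=443):
    """Sorted names of the services that hold `port` on `interface`."""
    return sorted(svc for (svc, iface), p in listeners(running_config).items()
                  if iface == interface and p == port)


# Constructed sample: SSL VPN answers on outside TCP/443, ASDM on inside only.
BEFORE = """\
http server enable
http 192.168.1.0 255.255.255.0 inside
webvpn
 enable outside
"""

# Constructed sample: both services moved off TCP/443.
AFTER = """\
http server enable 8443
http 192.168.1.0 255.255.255.0 inside
webvpn
 port 4443
 enable outside
"""

if __name__ == "__main__":
    for name, cfg in (("before", BEFORE), ("after", AFTER)):
        held = conflicts(cfg, "outside")
        print(name, "- outside TCP/443 held by:", ", ".join(held) or "nothing")
```

An empty result for the outside interface means neither service is answering on TCP/443 there, so the port is free to be mapped to the Exchange server.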

Similar Messages

  • Securing publishing exchange 2010 OWA and ActiveSync with WAP 2012

    Hello,
    My client has the following environment:
    Exchange 2010 SP3
    AD 2003
    We want to secure ActiveSync and OWA by using a reverse proxy. TMG/UAG life ends in 2015, so we are studying WAP 2012 and ADFS 3.0. The difficulty is that there is not enough experience feedback, especially for this environment.
    Is there any incompatibility ?
    do you know good articles and blogs which address this issue ?
    Thanks in advance

    Are any other options available since posting in June 2014?  Specifically for securing ActiveSync connections from smartphones on the Internet.  We are running Exchange 2010 in AD 2008  
    TMG has already transitioned from mainstream to extended support.  Not only is there less support now, to my understanding there is still a licensing cost for this product.  Paying for a product at EOL seems inadvisable.
    Web Access Protocol (WAP) looked like the right choice, but to secure communications from domain users on unknown devices over the Internet requires Exchange 2013, which is "claims aware". Exchange 2010 is not, and what we are left with is configuring WAP in pass-thru mode, allowing unauthenticated Internet traffic into our internal network where the Exchange CAS server is.
    Is there any Microsoft solution to authenticate the user before allowing the user's device to connect to our CAS server on our internal network?

  • Exchange 2010 OWA : TMG Error 12302 The server denied the specified Uniform Resource Locator (URL).

    Hello All,
    We are using TMG2010 (SP2, rollup4) for publishing Exchange 2010 OWA sites. The issue is that after every 10-24 hrs, the TMG server stops logging in to OWA sites and starts giving the below error. Then we have to restart the server one or two times, or the problem solves itself.
    I have also installed a new server and it is also giving the same behavior. On the TMG server the Exchange Edge server and Forefront Protection for Exchange are also installed.
    Please help to solve this issue.
    Denied Connection
    -TMG05 5/21/2014 11:44:39 PM
    Log type: Web Proxy (Reverse)
    Status: 12302 The server denied the specified Uniform Resource Locator (URL). Contact the server administrator.
    Rule: PRC-OWA
    Source: 119.157.175.238:56971
    Destination: 111.68.105.121:443
    Request: GET http://mail.parc.gov.pk/owa
    Filter information: Req ID: 0e947d98; Compression: client=Yes, server=No, compress rate=0% decompress rate=0% ; FBA cookie: exists=yes, valid=yes, updated=no, logged off=no, client type=public, user activity=yes
    Protocol: https
    User: anonymous
    Additional information
    Client agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)
    Object source: (No source information is available.)
    Cache info: 0x0
    Processing time: 125
    MIME type:

    Hi,
    A similar thread:
    http://social.technet.microsoft.com/Forums/forefront/en-US/e8fdc1bd-f023-4804-ad02-67899d8c7347/the-server-denied-the-specified-uniform-resource-locator-errors12302-ashttp-error-code-of-500?forum=Forefrontedgegeneral
    Best Regards,
    Joyce

  • Exchange 2010 OWA usage in Exchange 2013

    Hi,
    I have Exchange 2010 with SP3 currently running in our environment. Now we plan to migrate it to Exchange 2013. Total number of mailboxes is around 26000.
    Before migration we want to keep the below things in mind:
    1. We want to use the existing Exchange 2010 OWA URL (mail.abc.com). How do we accomplish this, as it will take a couple of months to migrate all mailboxes?
    2. Can I use my existing Exchange certificate to get the above goal done?
    3. What will be the steps and prerequisites to achieve the goal?
    An Early reply would be appreciated !! 
    Amit

    Hi Amit 
    First Change SCP of Exchange 2010 CAS VIP to Exchange 2013 CAS VIP.
    Configure external DNS records accordingly. DNS entries should be pointed to Exchange 2013 CAS from Exchange 2010 CAS.
    Ensure that you have a separate name for the CAS array from the external EWS URL.
    Outlook Anywhere should be enabled and the URL should be the external URL which points to Exchange 2013.
    Authentication for Outlook Anywhere should be - NTLM
    For OWA Exchange 2010 - FBA and Windows
    Point your new CAS server to the firewall or TMG. Now from Exchange 2013 all requests will be proxied to 2010 users.
    You cannot use the same certificate. You need to add separate entries, as the host names for the new servers will vary.
    Apply a new certificate with all the required site names included in Exchange 2013 CAS.
    Whats more you can refer my blog as well 
    http://exchangequery.com/2014/05/02/things-to-consider-before-configuring-autodiscover-in-exchange-20102013-coexistence-scenarios/
    Cheers :)

  • Exchange 2010 OWA login page customization does not work

    Where can I post a question regarding Exchange 2010 OWA login page customization? The customization worked before running updates, now all users navigating to the OWA page see the default configuration.

    Hello,
    You should ask in the Exchange Previous Versions - Administration, Monitoring, and Performance forum.
    Karl

  • Exchange 2010 OWA [Change Number of items to display per page]

    Hi Sir,
    I have a problem and a question.
    I have migrated from Exchange 2007 to Exchange 2010.
    Exchange 2010 OWA cannot change the number of items to display per page.
    Exchange 2007 can change the number of items to display per page.
    Exchange 2010 OWA cannot change the number of items to display per page.
    Can you help me to solve the problem and customization?
    Thank you.
    Boongerd

    Hi,
    This feature has been moved in Exchange 2010 OWA. However this feature is available in OWA light version. Here are steps to change the settings in OWA light version.
    Log in to OWA, click the "Use the light version of Outlook Web App" check box on the login page.
    Select Options in the upper right hand corner of the screen.
    Select Messaging from the left navigation panel.
    In the section for "Message Options", change the "Number of items to display per page", select the desired number of messages.
    Exchange 2010: OWA versus OWA light.
    http://blogs.technet.com/b/ilvancri/archive/2010/04/07/exchange-2010-owa-versus-owa-light.aspx
    New Features in Exchange 2010 OWA.
    http://technet.microsoft.com/en-us/library/aa998629(v=exchg.141).aspx
    Best Regards.

  • Updated: Event ID 1006 - Can not delete Mails in OWA after installing SP1 (Exchange 2010) = Outlook and OWA Light are OK

    Hi all,
    4 Exchange Servers (2 DB + 2 CAS NLB Cluster) all Exchange 2010 SP1
    Outlook works fine.
    If I delete a message in OWA I get the following errors:
    Internet Explorer:
    Die Netzwerkverbindung ist nicht verfügbar. Wenn das Problem weiterhin auftritt, wenden Sie sich mit folgendem HTTP-Statuscode an den Helpdesk: 0.
    Translation: The network connection is not available. If it happens again, contact the helpdesk with HTTP status code 0
    Firefox:
    Die Netzwerkverbindung ist nicht verfügbar. Wenn das Problem weiterhin auftritt, wenden Sie sich mit folgendem HTTP-Statuscode an den Helpdesk: 302.
    Translation: The network connection is not available. If it happens again, contact the helpdesk with HTTP status code 302
    Event ID 1006 MSExchange Mailbox Replication
    Fehler: MapiExceptionNetworkError: Unable to make connection to the server. (hr=0x80040115, ec=-2147221227)
    Before SP1 it worked fine.
    Can somebody help me ?
    Kind regards Andy

    Hi,
    First, I would like to confirm the following questions:
    1. Does the issue occur on certain user mailbox via OWA or each user mailbox?
    2. Which OWA folder’s email cannot be deleted, Inbox, Sent Items or each folder?
    3. Which version of operating system is installed on the client machine, Windows XP, Windows Vista or Windows 7?
    At this stage, I suggest you temporarily disable firewall and anti-spam for a test. If the emails still cannot be removed via OWA, please refer to the following article and use the isinteg tool to check and repair the Information Store.
    Description of the Isinteg utility
    Thanks.
    Novak Wu-MSFT

  • Exchange 2013 - OWA "Something Went Wrong", Out of office in Outlook "Server unavailable"

    Hi,
    We have a new deployment of Exchange 2013 CU2 V2 running on a Windows 2012 server. Everything has been running without issues and then, without any real clue as to why, we are now getting an issue where OWA says "Something Went Wrong" after processing your login (it appears to process the login, as if I type in incorrect details it tells me the password/username is wrong).
    At the same time we have also lost the ability to run the Out Of Office in Outlook which comes back saying the server is not available and we can't seem to share calendars correctly either.  (Can set Out Of Office via the Management Shell without issues).
    When running a Get-Serverhealth on the OWA.Protocol it tells me the OWASelfTestMonitor is unhealthy.
    I've tried re-creating the OWA, EWS Virtual Directorys and also the autodiscover but with no effect.  I've also restarted the server. 
    Outlook 2013 and mobile phones are working fine on the server and the Exchange Admin Centre is also working without issues.
    I am getting tempted to apply CU2 again to see if this sorts it but don't really like doing this on a server with 50 live users on it...
    In the eventlog I can see lots of the 2 errors listed below which seems to line up.  (System Log and Application Log seem to be clear of other errors or warnings.)
    Event code: 3005
    Event message: An unhandled exception has occurred.
    Event time: 04/11/2013 11:25:00
    Event time (UTC): 04/11/2013 11:25:00
    Event ID: 2fcdb9112c794b63a9ea9577a23e4603
    Event sequence: 2
    Event occurrence: 1
    Event detail code: 0
    Application information:
        Application domain: /LM/W3SVC/2/ROOT/owa-411-130280378905273269
        Trust level: Full
        Application Virtual Path: /owa
        Application Path: C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\owa\
        Machine name: SERVERNAME (I altered this for post) 
    Process information:
        Process ID: 9648
        Process name: w3wp.exe
        Account name: NT AUTHORITY\SYSTEM
    Exception information:
        Exception type: HttpException
        Exception message: '.', hexadecimal value 0x00, is an invalid character. Line 1, position 1.
    Lots more code.......
    AND
    Event code: 3005
    Event message: An unhandled exception has occurred.
    Event time: 04/11/2013 11:24:24
    Event time (UTC): 04/11/2013 11:24:24
    Event ID: 2586a044b2d74b97a1095aec478bf4ae
    Event sequence: 2
    Event occurrence: 1
    Event detail code: 0
    Application information:
        Application domain: /LM/W3SVC/2/ROOT/EWS-668-130280378564324526
        Trust level: Full
        Application Virtual Path: /EWS
        Application Path: C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\exchweb\EWS\
        Machine name: SERVERNAME (I have changed this for post) 
    Process information:
        Process ID: 9840
        Process name: w3wp.exe
        Account name: NT AUTHORITY\SYSTEM
    Exception information:
        Exception type: HttpException
        Exception message: '.', hexadecimal value 0x00, is an invalid character. Line 1, position 1.
    lots more data...

    Hi Angela,
    I can't see any redirections on the website and have certainly not set any intentionally. I did try installing the Remote Web Gateway on the server and then found that it doesn't work on an Exchange box and removed it, but the server was working after this.
    The HTTP Redirect in Default Web Site is not showing anything set and the same for the Back End.
    The bindings on the default site all look normal with;
    http     80   127.0.0.1
    https   443  127.0.0.1
    http     80    *
    http    443   *
    The same is mirrored in the Exchange Back End site but with ports 81 and 444.
    Running the Outlook auto configure just using Autodiscover all looks good, with the URLs listed all pointing to (http)://mail.mydomain.co.uk/whatever... and the log says Autodiscover to (https)://mail.mydomain.co.uk/Autodiscover/Autodiscover.xml Succeeded (0x00000000)
    But, if I type in the OOF address of (https)://mail.mydomain.co.uk/EWS/exchange.asmx I get a login prompt but once user details are entered I then get;
    '.', hexadecimal value 0x00, is an invalid character. Line 1, position 1.
      Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
     Exception Details: System.Xml.XmlException: '.', hexadecimal value 0x00, is an invalid character. Line 1, position 1.
    Source Error:
     An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. 
    Stack Trace:
    [XmlException: '.', hexadecimal value 0x00, is an invalid character. Line 1, position 1.]
       System.Xml.XmlTextReaderImpl.Throw(String res, String[] args) +163
       System.Xml.XmlTextReaderImpl.ParseRootLevelWhitespace() +7572550
       System.Xml.XmlTextReaderImpl.ParseDocumentContent() +62
       System.Xml.XmlReader.ReadToFollowing(String name) +112
       Microsoft.Exchange.Data.ApplicationLogic.Extension.KillBitHelper.ReadKillBitXmlContent(XmlReader reader, Int32& refreshRate) +185
       Microsoft.Exchange.Data.ApplicationLogic.Extension.KillBitHelper.TryReadKillBitFile(Int32& refreshRate, DateTime& lastModifiedTime) +710
       Microsoft.Exchange.Data.ApplicationLogic.Extension.KillBitTimer.Start() +202
       Microsoft.Exchange.Services.Global.Application_Start(Object sender, EventArgs e) +975
    [HttpException (0x80004005): '.', hexadecimal value 0x00, is an invalid character. Line 1, position 1.]
       System.Web.HttpApplicationFactory.EnsureAppStartCalledForIntegratedMode(HttpContext context, HttpApplication app) +12864205
       System.Web.HttpApplication.RegisterEventSubscriptionsWithIIS(IntPtr appContext, HttpContext context, MethodInfo[] handlers) +175
       System.Web.HttpApplication.InitSpecial(HttpApplicationState state, MethodInfo[] handlers, IntPtr appContext, HttpContext context) +304
       System.Web.HttpApplicationFactory.GetSpecialApplicationInstance(IntPtr appContext, HttpContext context) +404
       System.Web.Hosting.PipelineRuntime.InitializeApplication(IntPtr appContext) +475
    [HttpException (0x80004005): '.', hexadecimal value 0x00, is an invalid character. Line 1, position 1.]
       System.Web.HttpRuntime.FirstRequestInit(HttpContext context) +12880948
       System.Web.HttpRuntime.EnsureFirstRequestInit(HttpContext context) +159
       System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) +12722137
    Really wishing I had installed Exchange 2010 at this point!! Just can't see why it's not working :(

  • TMG 2010 publishing Exchange 2010 OWA cannot change password if user must change password at first logon is set

    Hi,
     I have an odd issue whereby if I set "user must change password" on an AD account, the end user cannot logon, they're simply taken back to the OWA login page as if their password is incorrect.
    My setup is as follows:
    outer TMG -- uses a listener for email.contoso.com and is configured for no authentication. This uses a publishing rule to publish the inner TMG server. This server is not a domain member.
    inner TMG - uses a listener for email.contoso.com and is configured for NTLM\kerberos negotiation with forms authentication (Windows Active Directory). This server is a domain member and uses a publishing rule to publish the internal CAS. Allow users to change password is selected in the publishing rules.
    Exchange 2010 SP1 - uses integrated windows and basic authentication. Has the appropriate registry key configured to allow users to change their AD password on first logon.
    I've registered an SPN for "http/email.contoso.com mailserver-dc1", all SSL certificates being used are valid and my configuration used to allow users to login and change their password with "user must change password on first login" set in AD.
    If I launch a web browser on an internal server and point it to email.contoso.com I'm immediately presented with a generic Windows authentication request (similar to what's seen in ADFS) rather than the standard OWA page. No matter what I do, I cannot login and change my password using the correct URL. However, if I point my browser at http://192.168.4.10/owa I'm prompted to login and I can change my password using the same credentials.
    The only recent changes made are:
    - Disabling SSL 3.0 and enabling TLS  (http://www.isaserver.org/articles-tutorials/configuration-security/improving-ssl-security-forefront-threat-management-gateway-tmg-2010-published-web-sites.html)
    - Replacing the TMG listener certificates so that they now use SHA2 rather than SHA2 (certificates are trusted on each TMG server)
    Looking on the outer TMG and the DC logs I can see schannel errors which I believe are related to the problem. TMG monitoring also shows "Failed connection attempt: 1907 The user's password must be changed before logging on for the first time"
    I've checked that my inner TMG and DC are using the same certificate for server authentication and gone through this guide:
    http://blogs.technet.com/b/keithab/archive/2012/02/29/setting-up-and-troubleshooting-ldaps-authentication-in-forefront-tmg-2010.aspx
    If I try to use ldp.exe on the inner TMG, I get the error in the pic below
    Thanks
    IT Support/Everything

    Hi,
    You could try to analyze the TMG tracing and try the troubleshoot steps in the blog below.
    TMG 2010 – FBA, troubleshooting the change password feature 
    http://blogs.technet.com/b/isablog/archive/2012/05/07/tmg-2010-fba-troubleshooting-the-change-password-feature.aspx
    Best Regards,
    Joyce

  • Exchange 2010 - Virtual Directory Internal & External URL's with Wildcard Cert

    Hi Guys
    I am trying to determine if my Exchange 2010 server Virtual Directory URL's are setup according to best practice. I'm sure anyone with good Exchange experience will instantly be able to tell me if my Virtual Directory DNS is correct or could cause issues.
    Scenario:
    Hosted Exchange 2010 SP1. Multiple client mail domains hosted
    2x CA, 2x HT, 2x MB, 2x DC
    Wildcard *.example.co.za certificate being used on CA servers
    AD domain is he.example.za.net
    CA Server naming example: ca1.he.example.za.net, ca2.he.example.za.net
    he.example.net DNS is done by DC servers
    External name used by clients: outlook.example.co.za (For Outlook setup and OWA access)
    outlook.example.co.za has two A records pointing to the CA IP's
    PROBLEM/CONCERN:
    We have a random OWA log out issue that we believe might be due to ambiguous DNS names being used.
    If I change the Virtual Directories External URL to be the FQDN of the server, we get a Certificate Error in clients (due to the .co.za Wildcard). The external URL clients use must be on .co.za.
    So are the Virtual Directory URLs causing the CA servers to lose track of who is authenticated in where (leading to OWA disconnection)? Is it fine to load balance the CA servers with the DNS the way we are doing currently? Any other issues you see?
    Current Virtual Directory settings:
    Note that they are identical on CA1 and CA2
    [PS] C:>Get-OabVirtualDirectory -server ca2 |fl *url
    InternalUrl : https://outlook.example.co.za/OAB
    ExternalUrl : https://outlook.example.co.za/OAB
    [PS] C:>Get-WebServicesVirtualDirectory -Server ca2 |fl *url
    InternalNLBBypassUrl : https://ca2.he.example.za.net/ews/exchange.asmx
    InternalUrl          : https://outlook.example.co.za/ews/Exchange.asmx
    ExternalUrl          : https://outlook.example.co.za/ews/Exchange.asmx
    [PS] C:>Get-ActiveSyncVirtualDirectory -Server ca2 |fl  *url
    MobileClientCertificateAuthorityURL :
    InternalUrl                         : https://outlook.example.co.za/Microsoft-Server-ActiveSync
    ExternalUrl                         : https://outlook.example.co.za/Microsoft-Server-ActiveSync
    [PS] C:>Get-EcpVirtualDirectory -Server ca2 |fl  *url
    InternalUrl : https://ca2.he.example.za.net/ecp
    ExternalUrl : https://outlook.example.co.za/ecp
    [PS] C:>Get-OwaVirtualDirectory -Server ca2 |fl  *url
    Url             : {}
    Exchange2003Url :
    FailbackUrl     :
    InternalUrl     : https://ca2.he.example.za.net/owa
    ExternalUrl     : https://outlook.example.co.za/owa
    [PS] C:>Get-AutodiscoverVirtualDirectory |fl *url, server
    InternalUrl :
    ExternalUrl :
    Server      : CA1
    InternalUrl : https://outlook.example.co.za/
    ExternalUrl : https://outlook.example.co.za/
    Server      : CA2
    REALLY APPRECIATE SOME EXPERT ADVICE. Thanks.

    Hi Kane,
    Why didn't you use a CAS array to load balance client connectivity?
    If you create a CAS array, you can assign a virtual IP (VIP) for the CAS array FQDN (e.g. CASarray.example.za.net), and then point all the Virtual Directories' internal URLs to the CAS array FQDN;
    For external, you can point outlook.example.co.za to VIP which had been assigned to CAS array.
    I recommend you refer to the following article to understand CAS array:
    http://technet.microsoft.com/en-us/library/ee332317(v=exchg.141).aspx#CASarray
    http://blogs.technet.com/b/ucedsg/archive/2009/12/06/how-to-setup-an-exchange-2010-cas-array-to-load-balance-mapi.aspx
    http://blogs.technet.com/b/exchange/archive/2012/03/23/demystifying-the-cas-array-object-part-1.aspx
    Best regards,
    Niko Cheng
    TechNet Community Support

  • Exchange 2010: OWA Options menu

    Hi all,
    I am having a problem with OWA on a customer's Exchange 2010 server.  With any account, including the Administrator account, when you click on "Options" after logging in, you get:
    "Sorry Access denied
    You don't have permission to open this page.  If you're a new user or were recently assigned credentials, please wait 15 minutes and try again.  If the problem persists, contact your administrator."
    Screen shot of this here:
    http://i51.tinypic.com/v6mc1c.jpg
    URL points to this folder:
    /ecp/?rfr=owa
    I'm thinking this has something to do with IIS.  Can someone point me in the right direction?
    Thanks in advance :) .

    Hi,
    Please try to check the RoleAssignmentPolicy attribute for the users and see if the "Default Role Assignment Policy" is assigned to the users by running the following command:
    Get-Mailbox "user" | Select-Object RoleAssignmentPolicy
    If not, please run the below mentioned command to assign the default role assignment policy:
    Get-Mailbox "user" | Set-Mailbox -RoleAssignmentPolicy "Default Role Assignment Policy"
    Hope it helps.
    Best regards,
    Serena
    Thanks for this solution. I had the same problem!

  • Exchange 2010 OWA access on internal LAN login form not working as expected

    hi
    We have exchange 2010 sp3 installed and working. we have two sites
    Site a
    1 x CAS
    2 X MBX
    Site b
    1 x cas
    2x mbx
    Site A is the primary site. We currently publish OWA out through our TMG server located in the DMZ; this is working as expected and carries out the forms authentication. Our internal domain is company.local but our external domain is company.com.
    We have created split DNS so that we could use a wildcard cert and to deal with the new CA rules. All URLs in Exchange are configured to use the external reference of company.com/
    On the IIS server we have a redirection on the root of the site to redirect the requests through to the OWA folder, and we have basic authentication enabled. On the OWA folder we have basic and Windows authentication.
    The problem we have is that when users try to access OWA internally, a username and password box appears; once you log in with this, it then takes you through to the normal login screen and you have to log in again. I'm thinking that this is the Windows authentication that is causing this, but not sure?
    Also, it would be good to get an understanding as to what the authentication, SSL and redirection settings should be set to on your CAS servers, as looking at the ECP and autodiscover folders within IIS, these currently have a redirect set to go to OWA; surely that cannot be right.
    thanks
    J

    Hi
    you are correct, the immediate concern is the double login to owa i do however want to also know what the settings/configuration for Authentication redirection and SSL should be set to on all virtual directories.
    we do not have any additional OWA virtual directories just the default
    These are the current live servers
    Identity                      : ACAS01\owa (Default Web Site)
    Url                           : {}
    Exchange2003Url               :
    FailbackUrl                   :
    InternalUrl                   : https://email.Company.com.com/owa
    ExternalUrl                   : https://email.Company.com/owa
    InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated}
    ExternalAuthenticationMethods : {Fba}
    Identity                      : BCAS01\owa (Default Web Site)
    Url                           : {}
    Exchange2003Url               : https://www.Companyt.co.uk/
    FailbackUrl                   :
    InternalUrl                   : https://webmail.Company.com/owa
    ExternalUrl                   : https://webmail.Company.com/owa
    InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated}
    ExternalAuthenticationMethods : {Fba}
    These are the new servers which i have just installed
    Identity                     : CAS05\owa (Default Web Site)
    Url                           : {}
    Exchange2003Url               :
    FailbackUrl                   :
    InternalUrl                   : https://webmail.Company.com/owa
    ExternalUrl                   : https://webmail.Company.com/owa
    InternalAuthenticationMethods : {Basic, Fba, Ntlm, WindowsIntegrated}
    ExternalAuthenticationMethods : {Fba}
    Identity                      : CAS06\owa (Default Web Site)
    Url                           : {}
    Exchange2003Url               :
    FailbackUrl                   :
    InternalUrl                   : https://webmail.Company.com/owa
    ExternalUrl                   : https://webmail.Company.com/owa
    InternalAuthenticationMethods : {Basic, Fba, Ntlm, WindowsIntegrated}
    ExternalAuthenticationMethods : {Fba}
    Identity                      : CAS04\owa (Default Web Site)
    Url                           : {}
    Exchange2003Url               :
    FailbackUrl                   :
    InternalUrl                   : https://webmail.Company.com/owa
    ExternalUrl                   : https://webmail.Company.com/owa
    InternalAuthenticationMethods : {Basic, Fba, Ntlm, WindowsIntegrated}
    ExternalAuthenticationMethods : {Fba}
    I have noticed that FBA is set on the new servers does this need turning off and if so is this on IIS or in Exchange?
    the link that you have provided talks about creating new Vdir for TMG we are looking at removing TMG and replacing it with KEMP load balancers would we still need to have two Vdir to make FBA work internally and externally
     to make a new vdir do you need a new IP address? and what are the steps required in Exchange and IIS to get this working.
    thanks
    Jason

  • Lync 2013\Exchange 2010 OWA Integration Problem

    Hi there,
    I've got a vexing issue that I haven't had much luck in researching.  I am running Lync 2013 on Server 2008 R2 and Exchange 2010 SP3 on Server 2008 R2.  I followed Jeff Schertz's instructions (http://blog.schertz.name/2010/11/lync-and-exchange-im-integration/)
    and Lync\OWA integration is working--sort of.
    We currently have a central pool (we'll call it lyncpool.contoso.com) and three pools housed on SBAs-- lyncsba-loc1, lyncsba-loc2,lyncsba-loc3.  Users in our main location are housed on the central pool, whereas users in our remote locations are housed
    on their respective SBA.
    Following the instructions, I pointed my OWA virtual directories at lyncpool.contoso.com, and everything seemed fine at first. I could see presence in OWA, initiate an instant message...the works.  However, when I asked a user homed on one of the SBAs,
    he said that he could only see presence for other users in his pool\location. Everyone else had a white "unknown" presence chiclet. To verify, I temporarily moved my lync account to that branch pool, and sure enough--I saw the same thing.  As
    a troubleshooting measure, I re-ran the OWA configuration portion and instead of using the central pool as the instantmessagingserver value, I pointed it directly at that branch pool.  At that point, he and I, being homed in that branch pool, could see
    presence for EVERYONE.  Problem solved, right?  Well, no...because now, the central pool users could only see presence for other central pool users, and the other branches could still only see presence for their poolmates.
    I've run Wireshark, CLS logging, you name it--I haven't seen anything fishy, and I'm starting to wonder if this is perhaps a bug or an unsupported use-case (I hope not, since Microsoft otherwise endorses such a configuration).  I've been beating my head
    against this wall for almost two weeks with no change...someone, help! :)

    This is the only thing that seems of interest in the CLS Log:
    TL_WARN(TF_DIAG) [lyncpool01\VGTLYNCFE-01]1B70.4184::06/17/2014-20:47:03.028.00001F75 (SIPStack,SIPAdminLog::WriteDiagnosticEvent:SIPAdminLog.cpp(805)) 
    [1781536493] $$begin_record
    Severity: warning
    Text: Cannot process Route headers from a non-trusted source, or with first Route field in the set not matching the connection on which the request arrived
    Result-Code: 0xc3e93c5e SIPPROXY_E_ROUTING
    SIP-Start-Line: SUBSCRIBE sip:LyncPool01.xxx.net:5061;transport=tls;ms-fe=VGTLYNCFE-01.xxx.net SIP/2.0
    SIP-Call-ID: 45c62e9edaee4252908914b37ca5ef23
    SIP-CSeq: 1895 SUBSCRIBE
    Source: mail.xxx.net:47892
    $$end_record
    The "source" here is our OWA server.  I have issued a certificate from our local CA (the same one that issued the Lync certs), making sure the CN of the certificate matches the OWA URL.  Any ideas?

  • After Exchange 2010 SP3 and rollup 4 update conditional formatting causes messages not to appear in Outlook 2010

    Hi,
    After updating to Exchange 2010 SP3 from SP2 and also updating to rollup 4, users who use conditional formatting cannot see new messages unless they close and reopen Outlook.
    If you decide to change the font colour for unread messages, the messages do not appear in Outlook, but a pop-up indicates that a new message has arrived.
    If you reopen Outlook, the unread message appears.
    Remove the conditional formatting and no issue with viewing unread messages as they arrive.
    Running Outlook version 14.0.7106.5003.
    Is this a known issue?  A user who never used conditional formatting will experience this right away.
    Thanks,
    rudif

    Hi rudif,
    If the issue only happens to users who use conditional formatting and OWA works well for all mailboxes, I think the issue should be on the client side.
    Please try to reset the View, then set the conditional formatting back and try again. If the issue continues, please try to recreate the Outlook profile to check whether the issue persists. Also try restarting Outlook in Safe mode by running Outlook with the /safe switch.
    Thanks,
    Winnie Liang
    TechNet Community Support

  • Exchange 2010 Migration to 2013 Coexistence url's

    Hello,
    What exactly is required for the virtual directory URL setup for Exchange 2010 coexisting with Exchange 2013? I have been searching online a lot preparing for my Exchange 2013 deployment and can't seem to find a clear answer. The information
    I have come across from TechNet and other sources is all over the place, with some stuff saying the external URL needs to be empty while others say it should match Exchange 2013's setup. Others say the internal URL should be empty while
    only the external should be populated. And I have even seen others say nothing on Exchange 2010 has to be touched and that Exchange 2013 will figure proxying out on its own once I configure the new URLs on it.
    So what is supposed to be set up for the ExternalUrl and InternalUrl in Exchange 2010 for coexistence with 2013? Currently my
    existing Exchange 2010 is internet facing, with the plan of moving that to Exchange 2013 once that goes in, as per Microsoft directions on implementing coexistence.

    Read the article below from Ross Smith. There can't be a better article than this:
    http://blogs.technet.com/b/exchange/archive/2014/03/12/client-connectivity-in-an-exchange-2013-coexistence-environment.aspx
    If Exchange 2010 and 2013 are on the same site, then you need to:
    1. Remove External URL from Exchange 2010 CAS servers, retain the Internal URL
    2. Move the SSL certificates from Exchange 2010 to Exchange 2013
    3. Point the external URL to Exchange 2013 instead of Exchange 2010
    4. Of course, you would need to re-configure Autodiscover, Web Services URLs on Exchange 2013 CAS servers.
    Once this is done, for any mailbox that is hosted on Exchange 2010, Exchange 2013 would proxy the connections and deliver the content.
    - Sarvesh Goel - Enterprise Messaging Administrator
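
Steps 1 and 3 of the answer above, sketched for the Exchange Management Shell as an added example that is not part of the original reply. The server names and the namespace are hypothetical placeholders, and every change is left behind `-WhatIf` so the before/after state can be reviewed first; the certificate move, Autodiscover, and the DNS or firewall change that sends the namespace to 2013 are not covered.

```powershell
# Placeholders (assumptions, not values from the thread).
$Ex2010Cas = 'EX2010-CAS01'      # hypothetical Exchange 2010 CAS
$Ex2013Cas = 'EX2013-CAS01'      # hypothetical Exchange 2013 CAS
$Namespace = 'mail.example.org'  # hypothetical external namespace

# Virtual directory types that carry InternalUrl/ExternalUrl, with their URL path.
$VdirPaths = [ordered]@{
    Owa         = 'owa'
    Ecp         = 'ecp'
    WebServices = 'EWS/Exchange.asmx'
    ActiveSync  = 'Microsoft-Server-ActiveSync'
    Oab         = 'OAB'
}

function Show-VdirUrls {
    # List every published URL on one server, so no stale external name is missed.
    param([string]$Server)
    foreach ($type in $VdirPaths.Keys) {
        & "Get-${type}VirtualDirectory" -Server $Server |
            Select-Object @{n = 'Type'; e = { $type }}, Server, InternalUrl, ExternalUrl
    }
}

# Record the starting state of both servers before touching anything.
Show-VdirUrls $Ex2010Cas | Format-Table -AutoSize
Show-VdirUrls $Ex2013Cas | Format-Table -AutoSize

# Step 1: clear ExternalUrl on the 2010 CAS; InternalUrl is not passed, so it is retained.
foreach ($type in $VdirPaths.Keys) {
    & "Get-${type}VirtualDirectory" -Server $Ex2010Cas |
        & "Set-${type}VirtualDirectory" -ExternalUrl $null -WhatIf
}

# Step 3: publish the external namespace on the 2013 CAS instead.
foreach ($type in $VdirPaths.Keys) {
    $url = "https://$Namespace/$($VdirPaths[$type])"
    & "Get-${type}VirtualDirectory" -Server $Ex2013Cas |
        & "Set-${type}VirtualDirectory" -ExternalUrl $url -WhatIf
}
```

Remove `-WhatIf` once the reported changes match what is intended, then rerun `Show-VdirUrls` on both servers to confirm that only the 2013 CAS still publishes an ExternalUrl.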
