12-12-2012 06:32 AM
Hi,
I have a distributed Exchange2007 SP3 CU8 environment running EV9.0.2. There are 2 Cas, 2 Hub, 2 mailbox servers and 2 Edge servers off in the dmz. EV to the Outlook client (Outlook2010) works without issue, but I can’t get EV to work with OWA. In an effort to troubleshoot the issue I’ve ran Evort, which fails to load the Exchange Configuration correctly.
The mailbox cluster and both CAS servers report status Passed. The 2 edge servers are unreachable (as I would expect), but the two hub servers report Failed – Virtual Directory(Failed).
Looking though the trace log I see the following:
[WmiObjectBase.Connect] Trying to connect to path \\<FQDN of Hub Server>\root\MicrosoftIISV2
[WmiObjectBase.Connect] Exception raised 'Invalid namespace '
[ResultsData.GetVirtualDirectoryData] Failed to connect to server, 'Failed'
Since these are hub servers they don’t have IIS installed I’m not surprised this fails. Any ideas how I progress this?
Regards
Gary
Solved! Go to Solution.
12-20-2012 06:59 AM
Find out the URL being accessed when you get 'page not displayed' -right click and select properties in IE
Then see what that resolves to from your client.
Then check what is being done to pass that request to the correct server...
12-12-2012 06:47 AM
does EV not work with OWA internally or externally or not at all? do you have the IPs of all your exchange servers in the ExchangeServers.txt file on all your EV servers? also, you'll want to enable logging via the web.conf file on the CAS servers and see what it says when you try to connect.
12-12-2012 07:04 AM
Hi Andrew,
Thanks for replying so quickly.
Either internally or externally, it makes no difference. OWA just acts as if EV is non-existent. The ExchangeServers.txt file contains the correct IP's for both CAS servers.
I’ll enable logging and see what happens.
Regards
Gary
12-12-2012 08:02 AM
just for reference,
Article:HOWTO53225 | | | Created: 2011-05-26 | | | Updated: 2012-07-28 | | | Article URL http://www.symantec.com/docs/HOWTO53225 |
And this blurb from the Installing_and_Configuring.pdf:
When using the Enterprise Vault OWA2007 Extensions, if the mailboxes being
accessed are located on a server which is separate from the CAS computer,
and users are authenticated to OWA using Integrated Windows Authentication
(IWA), then it is necessary to configure constrained delegation. Configuring
constrained delegation requires a domain functional level of Windows Server
2003 or later.
For more information about domain functional levels, see "Domain and forest
functionality" in the Help and Support Center for Windows Server 2003.
Instructions on how to set up constrained delegation are given in the manual
Setting up Exchange Server Archiving.
12-12-2012 12:26 PM
"Virtual directory - failed" is fairly common if you just run EVORT....have you done the following on the exchange server?
Regards,
Jeff
12-12-2012 01:31 PM
Hi Jeff,
I've seen that instruction, but both hub severs on on Server2003R2 boxes so that command won't work. Is there a WS2003 equivalent? Plus, I'm not sure what it does. These are main production servers so I have to be a bit careful :)
Regards
Gary
12-12-2012 01:36 PM
Hi Andrew,
As far as I'm aware I've followed all the guidance I could find, to no avail. Hence the turning to evort to see if it could provide any clues.
Regards
Gary.
12-12-2012 04:06 PM
No, there isn't....the command installs backwards compatibility in IIS7+ for IIS6 WMI, which is a method available for querying the metabase configuration. You don't need to install backwards compatibility if you are already on the previous version!
Actually you dont need to worry about this...i re-read your question and realised you were talking about HUB servers and not CAS boxes. So dont worry. You only need to worry about CAS and MBX here. Ignore EVORT, enable the logging and post the file.
Do you even get buttons for archive explorer/search?
Do you get archived items looking like archived items?
Also, let us know what authentication method you have in place for OWA, and any other configuration you have done other than simply installing the binaries.
Regards,
Jeff
12-13-2012 05:35 AM
Hi Jeff,
Apologies if this post gets repeated.
Web.config file attached
Within OWA there is no buttons or menu items at all, though archived items are shown with the correct icon. When I try to open an archived item via Outlook Web Access, I get the following message: "The archived item is currently unavailable. If you choose reply or forward, only the content shown will be included. Click here to preview the original item." When I click here, I get a "page cannot be found" error.
We use forms based authentication via F5/Big IP to authenticate to OWA. After that things start to get a bit murky. I inherited this system, and as far as I’m aware there were no other OWA configuration changes
Regards
Gary
12-13-2012 06:04 AM
The following technote contains config info for exchange 2007 OWA for various combinations
http://www.symantec.com/docs/HOWTO37600
From the log you provided you are getting a 440 error (timeout) on the following virtual directory:
https://localhost/exchange/gary@gbsh.co.uk
Therefore the default settings are loaded, which is 'mailbox not enabled' (and you get no EV settings)
if you attempt to navigate to this (on the local server), what happens?
Regards,
Jeff
12-13-2012 06:26 AM
Hi Jeff,
Looking good J
If I try using that url directed I get presentment with a windows security log in box. Upon entering the correct details I get presented with the default OWA log in screen. After again entering the correct details I get to see OWA in all its Enterprise vault enabled glory. I’m able to retrieve both archive mails & attachments.
Regards
Gary
12-13-2012 06:37 AM
so when you go to the local CAS box all is ok....is it also the same when you go direct to the URL on the CAS...and is this ok for ALL CAS servers?
Im guessing your original attempts were through the address pointing at the F5 load balancer? In other words it is the F5 missing rules...
12-17-2012 03:37 AM
Hi Jeff,
I've had a word with the F5 guy, looks like the issue is dns/ EV server host name related.
The issue when connecting to EV externally is that the Archive Explorer / Search Archives buttons link to EV using the hostname “ev01”. This resolves internally but will not work externally due to no domain etc. If we can fix the links in Webmail to use “ev01.gbsh.co.uk” then I can add this to external DNS and provide access through F5.
Is there any where with either EV or OWA config files where I can set this?
Regards
Gary
12-17-2012 08:50 AM
Gary,
Apart from the old traditional 'split DNS' options, you have the option of defining external URLS which are used when the input IP address/domain name matches. You do this in the web.config file, and additionally you can set the external web app url in the desktop policy.
Have a read of the following tech doc - it covers multiple configuration scenarios and you should be able to find one that matches to your environment fairly closely.
http://www.symantec.com/docs/TECH63250
Regards,
Jeff
12-20-2012 01:18 AM
Hi Jeff,
We’re getting there.
We’ve managed to get the OWA extensions working externally by adding a couple of keys to the web.config file on the CAS servers. I’m now able to retrieve an archived mail with attachment. The only remaining issues are with the ‘Search Archives’ and ‘Archive Explorer’ buttons. When these are clicked the resultant popup windows just displays page cannot be displayed.
Regards
Gary
12-20-2012 06:58 AM
Likely you are going to have to add rules to the F5 to point directly at the EV server when the requests are made. Archive explorer and search try and make a direct request to EV rather the request coming from OWA
Regards,
Jeff
12-20-2012 06:59 AM
Find out the URL being accessed when you get 'page not displayed' -right click and select properties in IE
Then see what that resolves to from your client.
Then check what is being done to pass that request to the correct server...
01-07-2013 06:56 AM