• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Owa access server with multiple roles

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2010] >> Outlook Web Access >> Owa access server with multiple roles Page: [1]
Login
Message << Older Topic   Newer Topic >>
Owa access server with multiple roles - 2.Aug.2012 8:08:56 AM   
moraes

 

Posts: 37
Joined: 13.May2003
From: SP/Brazil
Status: offline
Hi

I've trying to look for a explanation or solution to the issue mentioned above. I'm makeing some tests and I have two domains A & B. Domain A has access to Internet, domain B don't. Servers is domain A are splitted (2 MBX, 2 CAS, 1PF, etc) and in DOmain B I have 2 servers with MBX, CAS, HUB in each one.
I can access via OWA (2010) e-mails located in Domain A, but in domain B don't.
I read somewhere that servers with multiple roles cannot be accessed by OWA (externally)
Is that true? Any clue?

:-)
Regards
Post #: 1
RE: Owa access server with multiple roles - 2.Aug.2012 3:32:30 PM   
de.blackman

 

Posts: 3542
Joined: 4.Apr.2005
From: Toronto, Canada
Status: offline
quote:

I read somewhere that servers with multiple roles cannot be accessed by OWA (externally)


This is not true and I am sorry but i'm having a hard time understanding exactly what it is you are trying to accomplish. Are Domain A and Domain B in the same AD forest?

_____________________________

Ibrahim Benna - Microsoft Exchange MVP
Forum Moderator
Navantis
@IbrahimBenna

(in reply to moraes)
Post #: 2
RE: Owa access server with multiple roles - 3.Aug.2012 6:07:55 AM   
moraes

 

Posts: 37
Joined: 13.May2003
From: SP/Brazil
Status: offline
Hi

Same forest with two domains. Domain A (cas Internet facing), domain B don't. Domain B can send/receive e-mails from internet (Using domain A as a gateway) CAS, MBX and HUB roles are installed in the same server. I can't access using OWA an account from domain B. No matter if I set externalurl as $Null, externalurl with the OWA address e.g https://mail.domain.com/owa.

(in reply to de.blackman)
Post #: 3
RE: Owa access server with multiple roles - 3.Aug.2012 9:01:04 AM   
de.blackman

 

Posts: 3542
Joined: 4.Apr.2005
From: Toronto, Canada
Status: offline
What happens when you try to log into a mailbox in domain B? Do you receive an error? Are these servers in the same AD site? Can you confirm the authentication on the OWA and ECP virtual directories on the domain B CAS server(s) are set to basic and integrated instead of forms-based? Please provide us with as much details as possible.

http://technet.microsoft.com/en-us/library/bb310763.aspx

< Message edited by de.blackman -- 3.Aug.2012 9:02:12 AM >


_____________________________

Ibrahim Benna - Microsoft Exchange MVP
Forum Moderator
Navantis
@IbrahimBenna

(in reply to moraes)
Post #: 4
RE: Owa access server with multiple roles - 6.Aug.2012 6:42:08 AM   
mmoraes

 

Posts: 5
Joined: 28.Apr.2003
From: Brasil
Status: offline
quote:

ORIGINAL: de.blackman

What happens when you try to log into a mailbox in domain B? Do you receive an error? Are these servers in the same AD site? Can you confirm the authentication on the OWA and ECP virtual directories on the domain B CAS server(s) are set to basic and integrated instead of forms-based? Please provide us with as much details as possible.

http://technet.microsoft.com/en-us/library/bb310763.aspx


Hi

Two domains in different sites, no error to log on internally. Auth method, usign the mentioned by you, and still receiving error:

"Your mailbox appears to be unavailable. Try to access it again in 10 seconds. If you see this error again, contact your helpdesk."

(in reply to de.blackman)
Post #: 5
RE: Owa access server with multiple roles - 7.Aug.2012 7:17:02 AM   
de.blackman

 

Posts: 3542
Joined: 4.Apr.2005
From: Toronto, Canada
Status: offline
Can you access a domain B mailbox directly by using a CAS server in that Domain/Site (eg: https://domainB_CAS.domain.com/OWA and use the credentials of a domainB user)?

Can you confirm that the external URLs for OWA and ECP on all domainB CAS servers is empty?

_____________________________

Ibrahim Benna - Microsoft Exchange MVP
Forum Moderator
Navantis
@IbrahimBenna

(in reply to mmoraes)
Post #: 6
RE: Owa access server with multiple roles - 7.Aug.2012 12:55:09 PM   
mmoraes

 

Posts: 5
Joined: 28.Apr.2003
From: Brasil
Status: offline
Hi

used to work, as far I remember internally was working :-(
Now I tested don't. the same error....
The external url is empty

Regards

(in reply to de.blackman)
Post #: 7
RE: Owa access server with multiple roles - 7.Aug.2012 1:05:41 PM   
de.blackman

 

Posts: 3542
Joined: 4.Apr.2005
From: Toronto, Canada
Status: offline
Can you create a brand new mailbox on DomainB server and then try again please?

_____________________________

Ibrahim Benna - Microsoft Exchange MVP
Forum Moderator
Navantis
@IbrahimBenna

(in reply to mmoraes)
Post #: 8
RE: Owa access server with multiple roles - 8.Aug.2012 12:27:18 PM   
mmoraes

 

Posts: 5
Joined: 28.Apr.2003
From: Brasil
Status: offline
I'll try and post here
;-)

(in reply to de.blackman)
Post #: 9
RE: Owa access server with multiple roles - 8.Aug.2012 1:42:37 PM   
mmoraes

 

Posts: 5
Joined: 28.Apr.2003
From: Brasil
Status: offline
Error when log on in OWA

Request
Url: https://mail.server.com:443/owa/ev.owa?oeh=1&ns=HttpProxy&ev=ProxyRequest
User host address: xx.xx.xx.xx
User: Account Test
EX Address: /o=Domain/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=account test
SMTP Address: AccountTest@domain.com
OWA version: 14.2.283.3
Second CAS for proxy: https://server1.domainB.Forest.net/owa

Exception
Exception type: Microsoft.Exchange.Clients.Owa.Core.OwaAsyncOperationException
Exception message: ProxyProtocolRequest async operation failed

Call stack

Microsoft.Exchange.Clients.Owa.Core.ProxyProtocolRequest.EndSend(IAsyncResult asyncResult)
Microsoft.Exchange.Clients.Owa.Core.ProxyEventHandler.ProxyLogonCallback(IAsyncResult asyncResult)

Inner Exception
Exception type: Microsoft.Exchange.Clients.Owa.Core.OwaInvalidOperationException
Exception message: Invalid user context cookie found in proxy response

Call stack

Microsoft.Exchange.Clients.Owa.Core.ProxyUtilities.UpdateProxyUserContextIdFromResponse(HttpWebResponse response, UserContext userContext)
Microsoft.Exchange.Clients.Owa.Core.ProxyProtocolRequest.GetResponseCallback(IAsyncResult asyncResult)

=========================================================

I Find this article
http://social.technet.microsoft.com/Forums/en-US/exchangesvrclients/thread/ea7f2a48-4590-4958-86c2-83dac457c0d7/

< Message edited by mmoraes -- 8.Aug.2012 2:03:01 PM >

(in reply to mmoraes)
Post #: 10
RE: Owa access server with multiple roles - 16.Aug.2012 8:20:45 AM   
mmoraes

 

Posts: 5
Joined: 28.Apr.2003
From: Brasil
Status: offline
Working:

All CAS servers must use only as authentication method (integrated Windows Auth) for OWA and ECP
After this change reset iis in each cas
If you try to access OWA and receive and error “Bad Request”
You’ll have to delete/create new OWA and ECP Virtual directory by Powershell cmdlet (In the internet facing server only)

Remove-OwaVirtualDirectory -Identity "owa (default Web site)"
Remove-ECPVirtualDirectory -Identity "ecp (default Web site)"

Then

New-OwaVirtualDirectory
New-ECPVirtualDirectory

Reset IIS again (only on facing internet server)

(in reply to mmoraes)
Post #: 11

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2010] >> Outlook Web Access >> Owa access server with multiple roles Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter