SBS2003 and OMA
|
From: Marc on 3 Jun 2010 05:37 Hello all, Thanks for the answers. I use a selfsignd certificate made by the SBS 2003 server. The things that I described are done on the server itself. On other SBS2003 servers that a I service I can type in explorer: https://servername/oma and the login window pops up. when I do this on the "problem server" https doesn't work, http works. I want a ssl connection for OMA over the air. I checked the settings with http://blogs.technet.com/asksbs/archive/2008/08/12/default-settings-of-default-website-virtual-directories-under-default-website-and-companyweb-on-a-sbs-2003-server.aspx still no go. can someone point me in a direction getting this running?? Why does OMA http works and https not (on the server itself)? regards Marc > > > Hello Marc, > > Thanks for your post and others' suggestions. > > In addition, have you ever tried set the Exchange-oma directory to default > settings which NOT use SSL? If you don't use it, you don't need "https" but > should be "http://server.mydomain.com/oma". So please use > <http://server.mydomain.com/oma> to access the OMA. Also, please check and > make sure your mobile device is NOT set to use SSL as well. Please refer to > the below article for related information: > > Deploying Windows Mobile 6 with Windows Small Business Server 2003 > http://technet.microsoft.com/en-us/library/cc747419(WS.10).aspx > > Windows Small Business Server 2003: Mobile Access - Frequently Asked > Questions > http://www.microsoft.com/windowsserver2003/sbs/evaluation/faq/mobileaccess.mspx > > Overview of mobile devices that are supported by Outlook Mobile Access in > Exchange Server 2003 http://support.microsoft.com/kb/821835/en-us > > Default settings of ��Default Website��, Virtual Directories under Default > Website and Companyweb on a SBS 2003 Server > http://blogs.technet.com/asksbs/archive/2008/08/12/default-settings-of-default-website-virtual-directories-under-default-website-and-companyweb-on-a-sbs-2003-server.aspx > > > Hope this helps. > > > > Best regards, > Robbin Meng(MSFT) > Microsoft Online Newsgroup Support
From: "Robbin Meng [MSFT]" on 4 Jun 2010 06:04 Hello Marc, Thanks for your response with more information. For the OMA option, the component will modify the permissions for the directories as follows: " /oma - require SSL if selected " /Microsoft-Server-ActiveSync - require SSL if selected " /Exchange-oma - make sure SSL is never required. (If SSL is required on this virtual directory, it will break the site. SSL can be used, it just cannot be required.) Also, please double check the "ISAPI Filters" tab of Default Web Site properties, make sure you have the exact settings as below picture: "ISAPI Filters" tab configurations: http://blogs.technet.com/blogfiles/asksbs/WindowsLiveWriter/Test_DC57/clip_image014_2.jpg Double confirm the settings of EVERY tab in OMA virtual directory properties: http://blogs.technet.com/blogfiles/asksbs/WindowsLiveWriter/Test_DC57/clip_image078_2.jpg http://blogs.technet.com/blogfiles/asksbs/WindowsLiveWriter/Test_DC57/clip_image080_2.jpg(note Document tab) http://blogs.technet.com/blogfiles/asksbs/WindowsLiveWriter/Test_DC57/clip_image082_2.jpg http://blogs.technet.com/blogfiles/asksbs/WindowsLiveWriter/Test_DC57/image_8.png http://blogs.technet.com/blogfiles/asksbs/WindowsLiveWriter/Test_DC57/image_12.png BTW, please open your IE options, and reset all IE settings, make sure the https://server/oma is in Trusted sites and not in Restricted site under Security tab. Hope this helps. Best regards, Robbin Meng(MSFT) Microsoft Online Newsgroup Support
From: Marc on 4 Jun 2010 10:57 Hello Robin, Thanks for posting the links and info. The ISAPI filters was not complete, OwaLogon was missing. I added this one by clicking add and browse to the location D:\Program Files\Exchsrvr\exchweb\bin\auth\owaauth.dll the only thing is that the priority is *unknown* how can I change that?? The rest of the screens are exact as below. Reseting the IE and adding the https://server/oma trusted sites didn't help also. Is the problem a ISAPI problem? regards Marc > > Hello Marc, > > Thanks for your response with more information. > > For the OMA option, the component will modify the permissions for the > directories as follows: > > " /oma - require SSL if selected > " /Microsoft-Server-ActiveSync - require SSL if selected > " /Exchange-oma - make sure SSL is never required. (If SSL is required on > this virtual directory, it will break the site. SSL can be used, it just > cannot be required.) > > Also, please double check the "ISAPI Filters" tab of Default Web Site > properties, make sure you have the exact settings as below picture: > > "ISAPI Filters" tab configurations: > http://blogs.technet.com/blogfiles/asksbs/WindowsLiveWriter/Test_DC57/clip_image014_2.jpg > > Double confirm the settings of EVERY tab in OMA virtual directory properties: > > http://blogs.technet.com/blogfiles/asksbs/WindowsLiveWriter/Test_DC57/clip_image078_2.jpg > http://blogs.technet.com/blogfiles/asksbs/WindowsLiveWriter/Test_DC57/clip_image080_2.jpg(note > Document tab) > http://blogs.technet.com/blogfiles/asksbs/WindowsLiveWriter/Test_DC57/clip_image082_2.jpg > http://blogs.technet.com/blogfiles/asksbs/WindowsLiveWriter/Test_DC57/image_8.png > http://blogs.technet.com/blogfiles/asksbs/WindowsLiveWriter/Test_DC57/image_12.png > > BTW, please open your IE options, and reset all IE settings, make sure the > https://server/oma is in Trusted sites and not in Restricted site under > Security tab. > > Hope this helps. > > > Best regards, > Robbin Meng(MSFT) > Microsoft Online Newsgroup Support
From: Marc on 4 Jun 2010 11:06 Robin, is it possible that in IIS all traffic to HTTPS sites is routed to another server/site? There is another server wich I can reach by https://servername/program marc > Hello Robin, > Thanks for posting the links and info. > > The ISAPI filters was not complete, OwaLogon was missing. > I added this one by clicking add and browse to the location > D:\Program Files\Exchsrvr\exchweb\bin\auth\owaauth.dll > the only thing is that the priority is *unknown* > how can I change that?? > > The rest of the screens are exact as below. > > Reseting the IE and adding the https://server/oma trusted sites didn't help > also. > > Is the problem a ISAPI problem? > > regards Marc > >> >> Hello Marc, >> >> Thanks for your response with more information. >> >> For the OMA option, the component will modify the permissions for the >> directories as follows: >> >> " /oma - require SSL if selected >> " /Microsoft-Server-ActiveSync - require SSL if selected >> " /Exchange-oma - make sure SSL is never required. (If SSL is required on >> this virtual directory, it will break the site. SSL can be used, it just >> cannot be required.) >> >> Also, please double check the "ISAPI Filters" tab of Default Web Site >> properties, make sure you have the exact settings as below picture: >> >> "ISAPI Filters" tab configurations: >> http://blogs.technet.com/blogfiles/asksbs/WindowsLiveWriter/Test_DC57/clip_image014_2.jpg >> >> Double confirm the settings of EVERY tab in OMA virtual directory >> properties: >> >> http://blogs.technet.com/blogfiles/asksbs/WindowsLiveWriter/Test_DC57/clip_image078_2.jpg >> http://blogs.technet.com/blogfiles/asksbs/WindowsLiveWriter/Test_DC57/clip_image080_2.jpg(note >> Document tab) >> http://blogs.technet.com/blogfiles/asksbs/WindowsLiveWriter/Test_DC57/clip_image082_2.jpg >> http://blogs.technet.com/blogfiles/asksbs/WindowsLiveWriter/Test_DC57/image_8.png >> http://blogs.technet.com/blogfiles/asksbs/WindowsLiveWriter/Test_DC57/image_12.png >> >> BTW, please open your IE options, and reset all IE settings, make sure the >> https://server/oma is in Trusted sites and not in Restricted site under >> Security tab. >> >> Hope this helps. >> >> >> Best regards, >> Robbin Meng(MSFT) >> Microsoft Online Newsgroup Support
From: "Robbin Meng [MSFT]" on 7 Jun 2010 03:31 Hi Marc, Thanks for your prompt replies. In my opinion, since it works for HTTP to access OMA website, and the website contents are hosted/stored on this server, we should still use this server for HTTPS access. But I think it can be done to redirect/route certain website from one IIS server to other server or site. If you have interest I suggest you raise the IIS related question in the official IIS forums to get better responses, http://forums.iis.net , thanks. The ISAPI filter can redirect the request to a secure channel to ensure that all communications through are encrypted. The ISAPI dll files filter will automatically redirect you from HTTP to HTTPS. So please check if other HTTPS website works normally now. If so, this should not be a ISAPI filter issue. Regarding the owaauth.dll *unknown* status in Priority box, I would like to explain that ISAPI Filters that do not register with either High, Medium, or Low priority are marked as Unknown in the Microsoft Management Console (MMC), this is normal. Filters marked as Unknown are called before all filters with any of the three priorities that have registered for the same notification. Please open CMD window and run "IISreset" command after you load the "owaauth.dll" DLL file. Then check if the staus is still *unknown*. ISAPI Filters Marked as Unknown Are Called before Filters with Priority http://support.microsoft.com/kb/237471 At this point, I would like to ask can you open other HTTPS website normally on the server besides the OMA ? Hope this helps. Best regards, Robbin Meng(MSFT) Microsoft Online Newsgroup Support
First
|
Prev
|
Next
|
Last
Pages: 1 2 3 Prev: VB Script to update users desktop short-cuts when migrating Next: SBS2003 and office 2010 |