Jan 8 2015

Outlook Web Access stops working after renewing 3rd party Certificate

We had an interesting issue this week. We renewed our Exchange certificate with a 3rd party vendor. Installed the certificate on Exchange and ISA Server.

OWA access from the internet stopped working after we installed the certificates. We tested OWA internally and it worked which pointed to something on the ISA server. After a long investigation we found the issue to be ISA running on Windows 2003 which is not compatible with the Secure Hash Algorithm 2 (SHA2) family of hashing algorithms that the certificates from our 3rd party cert provider issues.

Microsoft has a hotfix available to get around this. We were able to access OWA from the internet after installing this hotfix on the ISA server running Windows 2003 Server.

The Microsoft article can be found below. You will find more technical detail within this article and have the opportunity to download the hotfix. Note that you need to restart your Windows 2003 Server after installing the hotfix.

Microsoft KB938397

May 18 2013

Outlook Web Access not displaying correctly when using IE 10 and Exchange 2003

Tonight I was busy patching my servers for the monthly scheduled patch cycle and tested Outlook Web Access from my home PC. I received the results below.




owa error with IE10





After almost having a miniature heart attack, I tested Outlook Web Access from my work laptop (IE 8) and home PC using Chrome. OWA displayed and functioned correctly as expected. I then checked the IE versions.
Home PC = IE 10 (Recently upgraded)
Work Laptop = IE 8

After a quick search on the internet I found an article by Pete Long who posted a work around on his blog. It seems like IE 10 is not compatible with OWA 2003. The work around needs to be done within Internet Explorer 10.
Here’s the link to Pete Long’s article: http://www.petenetlive.com/KB/Article/0000718.htm

My personal opinion: Time to migrate to Exchange 2010 or even consider 2013 as the benefits and improvements over 2003 is worth every Rand, Dollar, Pound, Pula etc. Not to even talk about the support costs to support 2003 and the ancient out of warranty hardware that it’s  probably running on.


Jun 27 2012

How to reset IIS folders on an Exchange 2003 server

Sometimes IIS or IIS permissions go corrupt or just leave the planet for different reasons. When you need to delete and recreate these folders do the following…

  • Back up the IIS Metabase on your Exchange Server:
  • Start IIS Manager.
  • Right click the Default Website, choose All Tasks, and click Save Configuration to a File

Now delete the OWA virtual directories:
 Right click Exadmin and click Delete. When prompted if you are sure click Yes.

Now delete the below listed virtual directories:

    • Exchange
    • ExchWeb
    • Microsoft-Server-ActiveSync
    • OMA
    • Public
  • Close the IIS Manager.
  • Open the command prompt.
  • Change to (driveletter:)inetpubadminscripts
  • Type adsutil, and hit Enter.
  • Click Yes when prompted to register CScript as your default host for VBscript and then click OK.
  •  Click start, then run and type services.msc. Hit enter.
  • Right click on Microsoft Exchange System Attendant and choose restart.
  • Note that the MS Information Store and MTA Stacks will also restart. This will cause users to lose temporary connection to Exchange.
  • Make sure that all services (Microsoft System Attendant, Microsoft Information Store, MTA Stacks) have started.
  • I have found that a few times that restarting the System Attendant did not create the virtual directories but a server reboot did.
  • Now start the IIS Manager, right click on the ExchWeb virtual directory, click on properties and click on Directory Security.
  • Click on Authentication and Access Control then click Edit and then verify that Enable anonymous access is checked.
  • Check Integrated Windows Authentication, click OK, click Apply.
  • When the Permission Inheritance box appears, click on select all and then OK.
  • Now open Authentication and Access Control again. Click Edit and uncheck Integrated Windows Authentication.
  • Click OK twice.

Now your IIS Virtual Directories have been recreated. Test OWA. If OWA does not work reboot the server and after you logged in try OWA again as it should work like expected.

Dec 8 2011

Reporting on OWA for Exchange 2003

I recently received a request to report on OWA for a 2003 Exchange environment.

Needless to say without any 3rd party tools you are kind of left in the dark. However, I found the below website that assisted me with pulling some stats from the IIS logs using Log Parser 2.2 and 2 SQL scripts.

First browse to this website and follow the instructions. The site will give you 99% of the information you need to pull the reports. There was one issue that they failed to mention though. How do I export the data to CSV???

Here is a screenshot of how the command looks like: (you need to add -o:CSV to export the data to CSV format)

Other things to keep in mind:

1. I had to copy the log files to c:publicLogs for Log Parser to run against the logs
2. Add -o:CSV before the SQL Script path to export the output to CSV
3. The CSV file is found in C:PublicLogParserOutput
4. Open the CSV in Excel and panel beat the report to your heart’s desire

This article was very helpful and there’s some other commands that you might want to use.
Lastly I could not get the 2nd script to work for exporting the data to a pie graph.

Hope you found this useful.

May 11 2011

Outlook Web Access is not showing the same content as in Outlook

I had a very interesting problem today that I’ve never experienced before with Exchange 2003 and OWA.

Some users advised that when in OWA the mail shown is a month old and no new mail is shown in OWA newer than the previous month. All e-mail is visible and accessible in Outlook though.
I logged onto OWA using the user’s credentials and noted the same. I then saw that the view in OWA is set to messages (which should show all messages) as per below:

I then chose unread messages (which shows unread mail but not necessarily all or recent mail) as per below:

This showed all unread mail but not the results we wanted. I then chose messages again and all mail was shown as we expected it in the first place. All read, unread, most recent and old mail as per the Outlook client was visible.

This however is a quick fix and the first time that I’ve personally seen it. I’m sure with some more investigation there will be a patch or config that will resolve this.