Archive for Exchange 2003

How to reset exchange 2003 default virtual directories

How to reset the default virtual directories that are required to provide Outlook Web Access, Exchange ActiveSync, and Outlook Mobile Access services in Exchange Server 2003

SUMMARY

This article describes how to re-create the Microsoft Exchange Server-related virtual directories in Internet Information Services (IIS). Microsoft Exchange Server 2003 supports Microsoft Outlook Web Access, Exchange ActiveSync, and Outlook Mobile Access. These services are enabled through six virtual directories that are created by default in IIS when you install Exchange Server 2003. If the virtual directories become corrupted, or if any one of the related services fail, you may want to remove these virtual directories. However, these virtual directories are not automatically re-created.

In this scenario, you must use one of the following methods to remove and then re-create the virtual directories in IIS:

Method 1. Use Metabase Explorer from the IIS 6.0 Resource Kit Tools
Method 2. Use Adsutil.vbs
Method 3: Edit the Metabase.xml file

Back to the top

INTRODUCTION

Sometimes you must re-create the Microsoft Internet Information Services (IIS) virtual directories when you experience problems with Microsoft Outlook Web Access or other mobility services on your Microsoft Exchange Server 2003 computer. By default, Exchange Server 2003 creates the following six IIS virtual directories: Exadmin, Exchange, ExchWeb, Microsoft-Server-ActiveSync, OMA, and Public.

However, if you delete the IIS virtual directories that are used by Outlook Web Access and by other mobility services, the virtual directories are not automatically re-created when you restart the Exchange System Attendant service. This article describes two methods that you can use to delete and to re-create the virtual directories that are used by Outlook Web Access.

Note In Microsoft Exchange 2000 Server, after you delete the virtual directories for Outlook Web Access, the virtual directories are re-created when you restart the Exchange System Attendant service.

For more information about the virtual directories for Outlook Web Access in Exchange Server 2003, click the following article number to view the article in the Microsoft Knowledge Base:

821898 (http://support.microsoft.com/kb/821898/) Virtual Internet Information Services (IIS) directories that are used by Outlook Web Access in Exchange Server 2003

Back to the top

MORE INFORMATION

To delete and to re-create the virtual directories for Outlook Web Access, use one of the following methods.

Back to the top

Method 1: Use Metabase Explorer from the IIS 6.0 Resource Kit Tools

1.

Install the IIS 6.0 Resource Kit Tools. To obtain the IIS 6.0 Resource Kit Tools, visit the following Microsoft Web site:

http://www.microsoft.com/downloads/details.aspx?FamilyID=56FC92EE-A71A-4C73-B628-ADE629C89499&displaylang=en (http://www.microsoft.com/downloads/details.aspx?FamilyID=56FC92EE-A71A-4C73-B628-ADE629C89499&displaylang=en)

Note If you do not want to install all the IIS tools on your computer, you can install only the Metabase Explorer 1.6 component. To do this, follow these steps:

a.

Double-click iis60rkt.exe, and then follow the instructions that are on your screen until you reach the Setup Type page of the IIS 6.0 Resource Kit Tools Setup Wizard.

b.

On the Setup Type page, click Custom, and the click Next.

c.

Click to clear all the IIS Resource Kit Tools and components check boxes except the Metabase Explorer 1.6 check box.

d.

Click Next, and then click Finish.

2.

Back up your IIS metabase. To do this, follow these steps:

a.

Start IIS Manager.

b.

Right-click Default Web Site, point to All Tasks, and then click Save Configuration to a File.

c.

In the Save Configuration to a File dialog box, type a configuration name in the File name input box, and then click OK.

3.

Delete the virtual directories for Outlook Web Access. To do this, expand the Default Web Site in the left pane of IIS Manager, right-click Exadmin, and then click Delete. Click Yes when you are prompted with the question of whether you want to delete this item.

Repeat this step for the following virtual directories:

Exchange

ExchWeb

Microsoft-Server-ActiveSync

OMA

Public

4.

Quit IIS Manager.

5.

Click Start, point to All Programs, point to IIS Resources, point to Metabase Explorer, and then click Metabase Explorer.

6.

Expand LM, right-click DS2MB, and then click Delete. Click Yes when you are prompted with the question of whether you want to delete this key and all subkeys.

7.

Quit IIS Metabase Explorer.

8.

Click Start, point to All Programs, point to Administrative Tools, and then click Services.

9.

To restart the Microsoft Exchange System Attendant service, follow these steps:

a.

Click Start, click Run, type services.msc, and then click OK.

b.

Right-click Microsoft Exchange System Attendant, and then click Restart.

c.

When you are prompted to restart the dependant Exchange Server services, click Yes.

Note When you restart the Microsoft Exchange System Attendant service, the Microsoft Exchange Information Store service is also restarted. In this scenario, your Exchange Server users lose connectivity to their Exchange Server mailboxes.

The virtual directories are re-created. To verify that the virtual directories are re-created, start IIS Manager, and then view the Default Web site folder.

Important If the virtual directories are not re-created after 15 minutes, restart your computer.

10.

Reset the access permissions to Anonymous. To do this, follow these steps:

a.

Start IIS Manager, right-click ExchWeb, click Properties, and then click the Directory Security tab.

b.

Under Authentication and access control click Edit, and then verify that the Enable anonymous access check box is turned on.

c.

Click to select the Integrated Windows authentication check box, click OK, and then click Apply.

d.

If you an Inheritance Overrides dialog box appears, click Select All, and then click OK.

e.

Under Authentication and access control, click Edit, and then click to clear the Integrated Windows authentication check box.

f.

Click OK two times, and then quit IIS Manager.

Use a Web browser to verify that you can connect to your Outlook Web Access server. If you are also running other mobility services, verify that you can connect to these services by using an appropriate client.

Back to the top

Method 2: Use Adsutil.vbs

1.

Back up your IIS Metabase. To do this, follow these steps:

a. Start IIS Manager.
b. Right-click Default Web Site, point to All Tasks, and then click Save Configuration to a File.

2. Delete the virtual directories for Outlook Web Access. To do this, right-click Exadmin in the left pane of IIS Manager, and then click Delete. Click Yes when you are prompted with the question of whether you want to delete this item.

Repeat this step for the following virtual directories:

Exchange
ExchWeb
Microsoft-Server-ActiveSync
OMA
Public

3. Quit IIS Manager.
4. Click Start, click Run, type cmd, and then press ENTER.
5. Change to the following folder. In this example, Drive is the hard disk drive where Windows is installed:

Drive:\inetpub\adminscripts

6. Type adsutil, and then press ENTER.

Important By default, CScript is not the default scripting host for Windows Server 2003. To run the adsutil command, CScript must be configured as the default scripting host. To do this, click Yes if you are prompted to register CScript as you default host for VBscript, and then click OK.

Note If you receive a list of adsutil command options, CScript is already configured as the default scripting host for VBscript.

7. Type adsutil delete ds2mb, and then press ENTER.

Note To set the default scripting host to WScript, type WScript //H:WScript at the command prompt, press ENTER, and then click OK.

8. Click Start, point to All Programs, point to Administrative Tools, and then click Services.
9. To restart the Microsoft Exchange System Attendant service, follow these steps:

a. Click Start, click Run, type services.msc, and then click OK.
b. Right-click Microsoft Exchange System Attendant, and then click Restart.
c. When you are prompted to restart the dependant Exchange Server services, click Yes.

Note When you restart the Microsoft Exchange System Attendant service, the Microsoft Exchange Information Store service is also restarted. In this scenario, your Exchange Server users lose connectivity to their Exchange Server mailboxes.

The virtual directories are re-created. To verify that the virtual directories are re-created, start IIS Manager, and then view the Default Web site folder.

Important If the virtual directories are not re-created after 15 minutes, restart the computer.

10. Reset the access permissions to Anonymous. To do this, follow these steps:

a. Start IIS Manager, right-click ExchWeb, click Properties, and then click the Directory Security tab.
b. Under Authentication and access control click Edit, and then verify that the Enable anonymous access check box is turned on.
c. Click to select the Integrated Windows authentication check box, click OK, and then click Apply.
d. If an Inheritance Overrides dialog box appears, click Select All, and then click OK.
e. Under Authentication and access control, click Edit, and then click to clear the Integrated Windows authentication check box.
f. Click OK two times, and then quit IIS Manager.

Use a Web browser to verify that you can connect to your Outlook Web Access server. If you are also running other mobility services, verify that you can connect to these services by using an appropriate client.

Back to the top

Method 3: Edit the Metabase.xml file

To resolve this issue, you must modify the Metabase.xml file. The modified Metabase.xml file causes the Exchange Server-related virtual directories to be re-created when the Microsoft Exchange System Attendant service is restarted. To do this, follow these steps.

Warning If you edit the metabase incorrectly, you can cause serious problems that may require you to reinstall any product that uses the metabase. Microsoft cannot guarantee that problems that result if you incorrectly edit the metabase can be solved. Edit the metabase at your own risk.

Note Always back up the metabase before you edit it.

1.

Configure IIS to enable real-time editing of the metabase. To do this, follow these steps:

a.

Click Start, point to Administrative Tools, and then click Internet Information Services (IIS) Manager.

b.

Right-click ServerName (local computer) , and then click Properties.

Note Replace ServerName with the name of the computer that is running IIS.

c.

Click to select the Enable Direct Metabase Edit check box, and then click OK.

2.

Modify the Metabase.xml file. The metabase is a database that resides in memory on the computer that is running IIS. When the computer shuts down, all the metabase settings are written to a file that is named Metabase.bin. You can modify the Metabase.xml file to cause the Exchange Server-related virtual directories to be re-created in IIS when the Microsoft Exchange System Attendant service restarts. To do this, follow these steps:

a.

Open the Metabase.xml by using a text editor such as Notepad. By default, the Metabase.xml file is located in the following folder:

%windir%\System32\Inetsrv

b.

On the Edit menu, click Find.

c.

In the Find what box, type 61472, and then click Find Next to locate the following area in this file:

<IIsConfigObject Location=”/LM/DS2MB/HighWaterMarks/{79F81D41-A652-4375-85F0-41A16037CC85}”>
<Custom
Name=”UnknownName_61472″
ID=”61472″
Value=”207778″
Type=”STRING”
UserType=”IIS_MD_UT_SERVER”
Attributes=”NO_ATTRIBUTES”
/>

d.

In this area of the Metabase.xml file, replace the Value entry with 0. For example, modify this area of the Metabase.xml file so that it appears similar to the following:

<IIsConfigObject Location=”/LM/DS2MB/HighWaterMarks/{79F81D41-A652-4375-85F0-41A16037CC85}”
>
<Custom
Name=”UnknownName_61472″
ID=”61472″
Value=”0″
Type=”STRING”
UserType=”IIS_MD_UT_SERVER”
Attributes=”NO_ATTRIBUTES”
/>

e.

Save your changes to the Metabase.xml file. Then, quit Notepad.

Note You can also use the Metabase Editor tool (MetaEdit.exe) to modify this value in the metabase. For more information about how to obtain MetaEdit, click the following article number to view the article in the Microsoft Knowledge Base:

232068 (http://support.microsoft.com/kb/232068/) How to download, install, and remove the IIS MetaEdit 2.2 utility

3.

To restart the Microsoft Exchange System Attendant service, follow these steps:

a.

Click Start, click Run, type services.msc, and then click OK.

b.

Right-click Microsoft Exchange System Attendant, and then click Restart.

c.

When you are prompted to restart the dependant Exchange Server services, click Yes.

Note When you restart the Microsoft Exchange System Attendant service, the Microsoft Exchange Information Store service is also restarted. In this scenario, your Exchange Server users lose connectivity to their Exchange Server mailboxes.

4.

Restore the default IIS setting to disable real-time editing of the metabase. To do this, follow these steps:

a.

Click Start, point to Administrative Tools, and then click Internet Information Services (IIS) Manager.

b.

Right-click ServerName (local computer) , and then click Properties.

c.

Click to clear the Enable Direct Metabase Edit check box, and then click OK.

The virtual directories are re-created. To verify that the virtual directories are re-created, start IIS Manager, and then view the Default Web site folder.

Important If the virtual directories are not re-created after 15 minutes, restart the computer.

Use a Web browser to verify that you can connect to your Outlook Web Access server. If you are also running other mobility services, verify that you can connect to these services by using an appropriate client.

 

 

original post http://support.microsoft.com/kb/883380

Advertisements

Leave a Comment

Exchange ActiveSync support code: 0x85010001

We have a SBS 2003 server, without SSL on exchange site, when users tried to sync there mailbox from windows mobile they get error

“ActiveSync encountered a problem on the server support code: 0x85010001”
This usually comes because by default ActiveSync over mobile try to search for SSL Enabled virtual directory, to work around this issue, you can follow these steps

A)  Creating a secondary virtual directory for ActiveSync and OMA access

1. Start Internet Information Services (IIS) Manager from Administrative Tools.
2. Locate the Exchange virtual directory, for example, Web Sites\Default Web Site\Exchange
3. Right-click the Exchange folder click All Tasks, and then click Save Configuration to a File.
4. In the File name box, type a name. For example, type ExchangeVDir. Click OK.
5. Right-click the root of this Web site. Typically, this is Default Web Site. Click New, and then click Virtual Directory (from file).
6. In the Import Configuration dialog box, click Browse, locate the file that you created in step 4, click Open, and then click Read File.
7. Under Select a configuration to import , click Exchange, and then click OK.
   A dialog box will appear that states that the “virtual directory already exists.”
8. In the Alias box, type a name for the new virtual directory that you want Exchange ActiveSync and Outlook Mobile Access to use. In our case, it is exchange-oma. Click OK. 
9. Right-click the new virtual directory. In this example, click exchange-oma. Click Properties.
10. Click the Directory Security tab.
11. Under Authentication and access control, click Edit. 
12. Make sure that only the following authentication methods are enabled, and then click OK:
• Integrated Windows authentication
• Basic authentication
13. Under Secure communications, click Edit. Make sure that Require secure channel (SSL) is not enabled, and then click OK. 
14. Click OK, and then close the IIS Manager.
 
B) Add/modify a registry value to point to the exchange-oma

1. Click Start, click Run, type regedit, and then click OK.
2. Locate the following registry subkey:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MasSync\Parameters

3. On the right panel, make sure ExchangeVDir points to /exchange-oma. If the value of ExchangeVDir is ExchDAV, you should change it to /exchange-oma.

Note: the ExchangeVDir and exchange-oma are case sensitive. In the Value data box, you must enter a forward slash (/) following by exchange-oma. Click OK.

4. If there is not ExchangeVDir, you need to create it. Right-click Parameters, click to New, and then click String Value.
Type ExchangeVDir, and then press ENTER. Right-click ExchangeVDir, and then click Modify.
5. Quit Registry Editor.
6. Restart the IIS Admin service. To do this, follow these steps:
    a. Click Start, click Run, type services.msc, and then click OK.
    b. In the list of services, right-click IIS Admin service, and then click Restart.

If this will not solve your problem then you need to recreate the exchange virtual directories and follow the above steps again.

How to reset the default virtual directories that are required to provide Outlook Web Access, Exchange ActiveSync, and Outlook Mobile Access services in Exchange Server 2003

see this http://support.microsoft.com/kb/883380

Comments (1)

prevent users from sending or receiving Internet e-mail in Exchange Server 2003 or in Exchange 2000 Server

INTRODUCTION
Business logic may require that you selectively control who can send or receive Internet e-mail in a Microsoft Exchange Server 2003 organization or in a Microsoft Exchange 2000 Server organization. This article describes how to selectively prevent users from sending or receiving Internet e-mail in Exchange 2003 or in Exchange 2000.

MORE INFORMATION

Typically, all users who have mailboxes in an Exchange 2003 organization or in an Exchange 2000 organization can send and receive e-mail internally and externally. However, in several circumstances, business logic may require that certain users be restricted from sending or receiving e-mail outside the organization.


Prerequisites

The solution that this article describes does not apply to a single Exchange server deployment, but only to a scenario in which the following conditions are true:
• There are no user mailboxes on the SMTP gateway server
• The Sender Filter is enabled on all SMTP gateway servers.
For more information about delivery restrictions in a single-server deployment, click the following article number to view the article in the Microsoft Knowledge Base:
277872 (http://support.microsoft.com/kb/277872/) Connector delivery restrictions may not work correctly

How to restrict users

To prevent selected users from sending or receiving Internet e-mail, follow these steps:
1. Identify the respective mailboxes.
2. Use a recipient policy to stamp the mailboxes by using an invalid SMTP address.
3. Configure a Sender Filter in the Global Settings for Exchange.
Recipient policies cannot be applied to organizational units. Therefore, you must identify the individual mailboxes. To do this, you must add a keyword in the properties of the user object in the Active Directory directory service.

In the solution that this article describes, the Description field is used to include this keyword. The recipient policy will use a primary SMTP address that represents an invalid, nonexistent SMTP domain. This primary SMTP address is used to stamp the user objects that contain the chosen keyword in the Description field. All other SMTP addresses are removed in the properties of these users. Because these users are now configured to receive e-mail only from this invalid SMTP address, they cannot receive any Internet e-mail.

This invalid SMTP address is also used to prevent users from sending Internet e-mail by using the Sender Filter feature in Exchange.

To prevent users from receiving Internet e-mail

To prevent users from receiving Internet e-mail, follow these steps.
Step 1: Add a keyword in the Description field of the user object
a. Start the Active Directory Users and Computers snap-in, and then connect to the appropriate domain controller.
b. Expand Your_Domain.Root_Domain.
c. Click the container that contains the user accounts that you want to restrict.
d. In the right-pane, press CTRL, and then click all the users whom you want to restrict.
e. Right-click one of the selected users, and then click Properties.
f. On the General tab, click to select the Description check box. The box to the right becomes active.
g. In the active box, type an appropriate descriptive term. For example, type Restricted.
h. Click OK.

Step 2: Add a new recipient policy

a. Start Exchange System Manager, and then connect to the appropriate Exchange server.
b. Expand Recipients, right-click Recipient Policies, point to New, and then click Recipient Policy.
c. Click to select the E-mail addresses check box, and then click OK.
d. In the Name box, type an appropriate name for the policy.
e. Click Modify, and then click the Advanced tab.
f. Click Field, point to User, and then click Description.
g. In the Condition box, click Is (exactly).
h. In the Value box, type the text that you added in the Description field in step 1g. For example, type Restricted.
i. Click Add, and then click Find Now. After the search is completed, click OK.
j. Click OK to accept the warning message.
k. Click the E-mail addresses (Policy) tab.
l. Click New, click SMTP Address, and then click OK.
m. In the Address box, type the at symbol (@) followed by an SMTP address that is not valid in the Domain Name System (DNS). For example, type @no.smtp.mail in the Address box.
n. Click to select the smtp check box in the new entry that you just added, and then click Set as Primary.
o. Click to clear all other smtp check boxes.

Note Do not click to clear the smtp check box for the newly added entry.

p. Click Yes in the warning message box.
q. Start the Active Directory Users and Computers snap-in.
r. In the properties of one of the selected users, verify that the E-mail box contains the newly added SMTP address. For example, the E-mail box should contain the following address:
user1@no.smtp.mail
s. Click the E-mail addresses tab.
t. Remove all valid SMTP addresses from the E-mail addresses list, and then click OK.
u. Repeat steps 2r through 2t for other users as appropriate for your situation.

To prevent users from sending Internet e-mail

1. Start Exchange System Manager.
2. Expand Global Settings, right-click Message Delivery, and then click Properties.
3. Click the Sender Filtering tab, and then click Add.
4. In the Sender box, type the at symbol (@) followed by the invalid SMTP address that you added in the new recipient policy. For example, type @no.smtp.mail.
5. Click OK two times.
6. In Exchange System Manager, expand Administrative Groups, expand Your_Administrative_Group, and then expand Servers.
7. Expand the Server_Name object that represents the SMTP gateway server to the Internet.
8. Expand Protocols, expand SMTP, right-click the Default SMTP Virtual Server, and then click Properties.
9. On the General tab, click Advanced.
10. In the Address list, click the required IP address entry, and then click Edit.
11. Click to select the Apply Sender Filter check box, and then click OK three times.
12. Repeat steps 7 through 11 on all other SMTP gateway servers as appropriate for your situation.
13. Exit Exchange System Manager.

Original Post : http://support.microsoft.com/kb/924635
Another useful Article : http://www.msexchange.org/tutorials/MF009.html

Leave a Comment