Video Screencast Help

Error running Evort - Virtual Directory (Failed)

Created: 12 Dec 2012 • Updated: 07 Jan 2013 | 17 comments
This issue has been solved. See solution.

Hi,

I have a distributed Exchange2007 SP3 CU8 environment running EV9.0.2. There are 2 Cas, 2 Hub, 2 mailbox servers and 2 Edge servers off in the dmz. EV to the Outlook client (Outlook2010) works without issue, but I can’t get EV to work with OWA. In an effort to troubleshoot the issue I’ve ran Evort, which fails to load the Exchange Configuration correctly.

The mailbox cluster and both CAS servers report status Passed. The 2 edge servers are unreachable (as I would expect), but the two hub servers report Failed – Virtual Directory(Failed).

Looking though the trace log I see the following:

 [WmiObjectBase.Connect] Trying to connect to path \\<FQDN of Hub Server>\root\MicrosoftIISV2

 [WmiObjectBase.Connect] Exception raised 'Invalid namespace '

 [ResultsData.GetVirtualDirectoryData] Failed to connect to server, 'Failed'

 

Since these are hub servers they don’t have IIS installed I’m not surprised this fails. Any ideas how I progress this?

Regards

Gary

Comments 17 CommentsJump to latest comment

AndrewB's picture

does EV not work with OWA internally or externally or not at all? do you have the IPs of all your exchange servers in the ExchangeServers.txt file on all your EV servers? also, you'll want to enable logging via the web.conf file on the CAS servers and see what it says when you try to connect.

Andy Becker | Authorized Symantec Consultant | Trace3 | Symantec National Partner | www.trace3.com

Ain&#039;t No Sunshine's picture

Hi Andrew,

Thanks for replying so quickly.

Either internally or externally, it makes no difference. OWA just acts as if EV is non-existent. The ExchangeServers.txt file contains the correct IP's for both CAS servers.

I’ll enable logging and see what happens.

Regards

Gary

 

AndrewB's picture

just for reference,

Configuring Enterprise Vault for Anonymous Connections

Article:HOWTO53225  |  Created: 2011-05-26  |  Updated: 2012-07-28  |  Article URL http://www.symantec.com/docs/HOWTO53225

And this blurb from the Installing_and_Configuring.pdf:

When using the Enterprise Vault OWA2007 Extensions, if the mailboxes being
accessed are located on a server which is separate from the CAS computer,
and users are authenticated to OWA using Integrated Windows Authentication
(IWA), then it is necessary to configure constrained delegation. Configuring
constrained delegation requires a domain functional level of Windows Server
2003 or later.
For more information about domain functional levels, see "Domain and forest
functionality" in the Help and Support Center for Windows Server 2003.
Instructions on how to set up constrained delegation are given in the manual
Setting up Exchange Server Archiving.

Andy Becker | Authorized Symantec Consultant | Trace3 | Symantec National Partner | www.trace3.com

Ain&#039;t No Sunshine's picture

Hi Andrew,

As far as I'm aware I've followed all the guidance I could find, to no avail. Hence the turning to evort to see if it could provide any clues.

 Regards

Gary.

Jeff Shotton's picture

"Virtual directory - failed" is fairly common if you just run EVORT....have you done the following on the exchange server?

  1. Start powershell as an administrator
  2. Run: ServerManagerCMD –I Web-WMI
  3. Close powershell and re-run EVORT

Regards,

Jeff

Jeff Shotton

Principal Consultant

Adept-tec Ltd

Website: here

Ain&#039;t No Sunshine's picture

Hi Jeff,

I've seen that instruction, but both hub severs on on Server2003R2 boxes so that command won't work. Is there a WS2003 equivalent? Plus, I'm not sure what it does. These are main production servers so I have to be a bit careful :-)

Regards

Gary

 

 

Jeff Shotton's picture

No, there isn't....the command installs backwards compatibility in IIS7+ for IIS6 WMI, which is a method available for querying the metabase configuration. You don't need to install backwards compatibility if you are already on the previous version!

Actually you dont need to worry about this...i re-read your question and realised you were talking about HUB servers and not CAS boxes. So dont worry. You only need to worry about CAS and MBX here. Ignore EVORT, enable the logging and post the file.

Do you even get buttons for archive explorer/search?

Do you get archived items looking like archived items?

Also, let us know what authentication method you have in place for OWA, and any other configuration you have done other than simply installing the binaries.

Regards,

Jeff

 

Jeff Shotton

Principal Consultant

Adept-tec Ltd

Website: here

Ain&#039;t No Sunshine's picture

Hi Jeff,

Apologies if this post gets repeated.

Web.config file attached

Within OWA there is no buttons or menu items at all, though archived items are shown with the correct icon. When I try to open an archived item via Outlook Web Access, I get the following message: "The archived item is currently unavailable. If you choose reply or forward, only the content shown will be included. Click here to preview the original item." When I click here, I get a "page cannot be found" error.

We use forms based authentication via F5/Big IP to authenticate to OWA. After that things start to get a bit murky. I inherited this system, and as far as I’m aware there were no other OWA configuration changes

Regards

Gary

AttachmentSize
EVOwaLog_gary@gbsh.co_.uk_20121213_Tf7yA3THBkSIKiliayD7cb1Vz4WmrM9IBLf1-NqV4yWZPVGX8mGL9YkrOLU0g38lMwYbD6mfERc..txt 57 KB
Jeff Shotton's picture

The following technote contains config info for exchange 2007 OWA for various combinations

http://www.symantec.com/docs/HOWTO37600

From the log you provided you are getting a 440 error (timeout) on the following virtual directory:

https://localhost/exchange/gary@gbsh.co.uk

Therefore the default settings are loaded, which is 'mailbox not enabled' (and you get no EV settings)

if you attempt to navigate to this (on the local server), what happens?

Regards,

Jeff

 

Jeff Shotton

Principal Consultant

Adept-tec Ltd

Website: here

Ain&#039;t No Sunshine's picture

Hi Jeff,

Looking good J

If I try using that url directed I get presentment with a windows security log in box. Upon entering the correct details I get presented with the default OWA log in screen. After again entering the correct details I get to see OWA in all its Enterprise vault enabled glory. I’m able to retrieve both archive mails & attachments.

Regards

Gary

 

Jeff Shotton's picture

so when you go to the local CAS box all is ok....is it also the same when you go direct to the URL on the CAS...and is this ok for ALL CAS servers?

Im guessing your original attempts were through the address pointing at the F5 load balancer? In other words it is the F5 missing rules...

 

Jeff Shotton

Principal Consultant

Adept-tec Ltd

Website: here

Ain&#039;t No Sunshine's picture

Hi Jeff,

I've had a word with the F5 guy, looks like the issue is dns/ EV server host name related.

The issue when connecting to EV externally is that the Archive Explorer / Search Archives buttons link to EV using the hostname “ev01”. This resolves internally but will not work externally due to no domain etc. If we can fix the links in Webmail to use “ev01.gbsh.co.uk” then I can add this to external DNS and provide access through F5.

Is there any where with either EV or OWA config files where I can set this?

Regards

Gary

 

Jeff Shotton's picture

Gary,

Apart from the old traditional 'split DNS' options, you have the option of defining external URLS which are used when the input IP address/domain name matches. You do this in the web.config file, and additionally you can set the external web app url in the desktop policy.

Have a read of the following tech doc - it covers multiple configuration scenarios and you should be able to find one that matches to your environment fairly closely.

http://www.symantec.com/docs/TECH63250 

Regards,

Jeff

Jeff Shotton

Principal Consultant

Adept-tec Ltd

Website: here

Ain&#039;t No Sunshine's picture

Hi Jeff,

We’re getting there. smiley

We’ve managed to get the OWA extensions working externally by adding a couple of keys to the web.config file on the CAS servers. I’m now able to retrieve an archived mail with attachment. The only remaining issues are with the ‘Search Archives’ and ‘Archive Explorer’ buttons. When these are clicked the resultant popup windows just displays page cannot be displayed.

Regards

Gary

 

 

 

Jeff Shotton's picture

Likely you are going to have to add rules to the F5 to point directly at the EV server when the requests are made. Archive explorer and search try and make a direct request to EV rather the request coming from OWA

Regards,

Jeff

Jeff Shotton

Principal Consultant

Adept-tec Ltd

Website: here

Jeff Shotton's picture

Find out the URL being accessed when you get 'page not displayed' -right click and select properties in IE

Then see what that resolves to from your client.

Then check what is being done to pass that request to the correct server...

Jeff Shotton

Principal Consultant

Adept-tec Ltd

Website: here

SOLUTION
Ain&#039;t No Sunshine's picture

Sorted :-)

A few changes have now been made to the F5 rules and we now have external access.

Thanks Jeff for your help with this.

Regards
Gary