Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

EV buttons in OWA broken after migrating EV to 64-bit hardware

Created: 14 Mar 2013 • Updated: 01 Apr 2013 | 17 comments
This issue has been solved. See solution.

I am running EV 9.0.2. I migrated EV from a physical 32-bit Windows 2003 server to a virtual 64-bit Windows 2008 R2 server using the Server Migration Wizard. Everything works fine except for access to EV from Outlook Web Access.

As far as I can tell nothing changed in the web.config file on my two exchange hub transport servers and I have been told that there were no changes on our ISA server.

Below are entries in the web.config files

<appSettings>
<add key="ConnectionCacheSize" value="100"/>
<add key="MaximumIdentityArraySize" value="100"/>
<add key="ShowDebugInformation" value="true"/>
<add key="EnableEmailReports" value="false"/>
<add key="MailboxLoggingAddress" value="your email administrator"/>
<add key="EnterpriseVault_WebDAVRequestProtocol" value="http"/>
<add key="EnterpriseVault_LogEnabled" value="true"/>
<add key="EnterpriseVault_RestoreWaitMaxIterations" value="30"/>
<add key="EnterpriseVault_HttpWebRequestTimeout" value="60000"/>
<add key="EnterpriseVault_ExternalIPAddresses" value="172.24.40.77;172.24.40.78"/> [THIS IS THE IP ADDRESSES OF MY ISA SERVER]
<add key="EnterpriseVault_LogFolder" value="H:\Enterprise Vault\OWA 2007\Logs"/>
<add key="EnterpriseVault_ResourceVersion" value="v9.0.2.1061"/>
</appSettings>

In EV Admin the Default Exchange Desktop Policy \ Advanced OWA \ ExternalWebAppURL value is <https>/enterprisevault

The Client Connection value is set to Use Proxy, but I read that this does not matter in Exchange 2007, the connection uses Direct regardless of this setting

Web Application alias value is set to EVAnon. This virtual directory existed in my old server bit not the new one. I created it, but it did not fix the problem.

The Archive Explorer and Search Archives buttons show up in OWA, but when I click them I get and error.

I also get an "archvied item is unavailable" error when I open an EV stub. (see attached screenshots)

What did I miss during the migration?

Any help is appreciated. Thank you.

Operating Systems:

Comments 17 CommentsJump to latest comment

jaj's picture

If nothing has changed on exchange end then there must be something missing on EV Server. More logging might help, such as I can see LogEnabled = True in web.config which would have created log on your exchange server

TonySterling's picture

So how did you create the EVAnon directory?

Did you run the OWAUser.wsf script with appropriate parameters?

If not, you need to run that.

SOLUTION
Leonardo Fernandez 2's picture

I created EVAnon manually :)

I totally forgot about owauser.wsf. I have since deleted EVAnon and ran owauser.wsf. The directory has been recreated successfully. I am now waiting for off-production hours to restart EV services ans sync mailboxes.

TonySterling's picture

Good deal!  wink  Make sure you set all the CAS IP's in the ExchangeServers.txt file and you should be good to go.

Best,

Leonardo Fernandez 2's picture

Running the owauser.wsf script fixed the problem with opening archived emails, but the Archive Explorer and Search Archives buttons still don't work.

Rob.Wilcox's picture

What happens with Search and Archive Explorer?  Have you still got the ExternalIP's line in the web.config, and the correct IPs in there?

Leonardo Fernandez 2's picture

These are my web.config file entries. they are the same as they were on the old server. And the buttons worked just fine. Is there a setting in EVAnon that affects the buttons? EVAnon is the only thing that was missing on the new server. I've been told there have been no changes in our ISA box.

<appSettings>

<add key="ConnectionCacheSize" value="100"/>
<add key="MaximumIdentityArraySize" value="100"/>
<add key="ShowDebugInformation" value="true"/>
<add key="EnableEmailReports" value="false"/>
<add key="MailboxLoggingAddress" value="your email administrator"/>
<add key="EnterpriseVault_WebDAVRequestProtocol" value="http"/>
<add key="EnterpriseVault_LogEnabled" value="true"/>
<add key="EnterpriseVault_RestoreWaitMaxIterations" value="30"/>
<add key="EnterpriseVault_HttpWebRequestTimeout" value="60000"/>
<add key="EnterpriseVault_ExternalIPAddresses" value="172.24.40.77;172.24.40.78"/>
<add key="EnterpriseVault_LogFolder" value="H:\Enterprise Vault\OWA 2007\Logs"/>
<add key="EnterpriseVault_ResourceVersion" value="v9.0.2.1061"/>
</appSettings>

The ExternalWebAppURL setting in the Default Exchange Desktop Policy is <https>/enterprisevault. Same as always.

Leonardo Fernandez 2's picture

I found this entry in my OWA log

[RequestProcessor::ProcessEVAction] Redirecting client to: http://atl01vault01/EnterpriseVault/ArchiveExplore...

This link works internally, but not externally. So I'm guessing somewhere in the EV settings I have to redirect the external call to this link?

Leonardo Fernandez 2's picture

We don't use TMG yet, we are still using ISA and I've been told there were no changes to the firewall recently, so if everything worked befoer the EV migration, the problem with the buttons has to be a setting in EV or IIS no?

Leonardo Fernandez 2's picture
Archive explorer does this:
 
1.       Click Archive Explorer button – client sends “GET https://webmail.umamer.lendlease.com/owa/?EVAction=AE”
2.       OWA responds: 
  a.       HTTP/1.1 302 Found (this means I’m going to redirect you to another location)
  b.      Location: http://USEVVault01/EnterpriseVault/ArchiveExplorer... (this is where I’m sending you)
3.       DNS Lookup for "USEVVault01" failed – (this is an internal only address)
 
Search archives does this:
 
1.       Click Archive Search button – client sends “GET /owa/?EVAction=Search”
2.       OWA responds:
  a.       Tells the client to “/EnterpriseVault/Searcho2k.asp?”
  b.      Location: http://USEVVault01/EnterpriseVault/Searcho2k.asp?vaultid=1FAF399FF211592458A39CAC9E19C08941110000USVAULT01&mbx=Leo@mydomain.com&server=USEXCHANGESERVER&usebrowserview=True&OWA2007=1
3.       DNS Lookup for "USEVVault01" failed – (this is an internal only address)
 
So apparently the external OWA connection is trying to access an internal link for the archive explorer and search vaults buttons.
 
Leonardo Fernandez 2's picture

Unless anyone has any ideas, I guess I'll put in a service call to Symantec and open a case.

TonySterling's picture

I still think you need to look at your ISA firewall rules to make sure they are set correctly but outside of that a call to support would be the next step.

Cheers,

Advisor's picture

Is it possible for you to post OWA log created on CAS Server?

Are you sure the IP addresses listed in web.config file under ExternalIPAddresses from which request is received by CAS? You can confirm this by checking the IIS log on CAS Server, log will show you the search/AE access request and source/client IP in the call. If its different that the above listed IP's in web.config then EV extensions will not consider that request as External and they will redirect call to internal EV Server FQDN.

And the last but not least, in EV rule on ISA, check "To" tab and make sure the ISA IP forwards the request to CAS Server.

Leonardo Fernandez 2's picture
172.24.40.77 and 172.24.40.78 do not show up anywhere in my IIS logs or OWA logs. What shows up is 172.24.40.13 and 14. 
 
My IIS admin tells me that 172.24.40.77 and 78 are the IP addresses of the OWA listeners themselves on ISA. 172.24.40.13 and 14 are the management interfaces on the ISA.
 
So my web.config is correct in having the 77 and 78 IPs listed rather than the 13 and 14 IPs.
Advisor's picture

Exactly thats the reason why EV extensions do not consider it as External request. So what happens if you add these IP's 172.24.40.13 and 14 into web.config for a test?