Topic Last Modified: 2010-01-28

The Microsoft Exchange Server 2010 Management Pack for System Center Operations Manager monitors the Windows Application log on computers running Exchange 2010 and generates this alert when the events specified in the following Details table are logged.

To learn more about this alert, in Operations Manager, do one or more of the following:

Details

Product Name

Exchange

Product Version

14.0 (Exchange 2010)

Event ID

42

Event Source

MSExchange OWA

Alert Type

Error

Rule Path

Microsoft Exchange Server/Exchange 2010/Client Access/Outlook Web Access

Rule Name

The Outlook Web App proxy failed because of SSL configuration issues on the destination Outlook Web App virtual directory.

Explanation

This Error event indicates the computer that is running the Client Access server role could not proxy a Microsoft Office Outlook Web App request from one Client Access server to a Client Access server that is located in a different Active Directory site. A symptom of this error is that the user referenced in the event description could not use Outlook Web App to log on to their mailbox through the Client Access server in a different site. This event may be caused by one or more of the following:

  • The Outlook Web App virtual directory InternalURL of the target Client Access server does not use HTTPS as the prefix for the address.

  • HTTP 403 status code was returned by the Internet Information Services (IIS) of the target Client Access server.

For more information about this and other IIS status codes, see Microsoft Knowledge Base article 318380, IIS Status Codes.

For more information about Outlook Web App proxying and redirection, see Understanding Proxying and Redirection.

User Action

To resolve this error, take one or more of these steps:

  • Make sure that the InternalUrl address matches the fully qualified domain name (FQDN) of the Client Access server. For example, if you are using HTTPS, the InternalUrl should be in the format https://<InternalFQDN>/owa.

  • Make sure that you have correctly configured the prefix of the InternalUrl. For example, if the Client Access server is configured to proxy the traffic using HTTPS, make sure that the InternalUrl of the Outlook Web App virtual directory starts with the prefix HTTPS. If the Client Access server is configured to proxy the traffic using HTTP, configure the InternalUrl to use HTTP as the address prefix.

  • Make sure that the Outlook Web App virtual directory of the target Client Access server is configured to allow the incoming request to InternalUrl. You configure this setting using Internet Information Services (IIS).

    Note   It is highly recommended that you proxy the traffic between Client Access servers by using secure HTTPS. HTTPS is the default setting.

To proxy traffic using unsecured HTTP, do the following:

Caution:
Incorrectly editing the registry can cause serious problems that may require you to reinstall your operating system. Problems resulting from editing the registry incorrectly may not be able to be resolved. Before editing the registry, back up any valuable data.
  1. In Registry editor, locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchange OWA.

  2. On the Edit menu, point to New, and then click Dword Value.

  3. Type AllowProxyingWithoutSsl, and then press Enter.

  4. Double-click AllowProxyingWithoutSsl.

  5. Under Value data, type 1.

  6. Under Base, click Decimal.

  7. Close Registry Editor.

  8. Restart Internet Information Services (IIS) by using the command iisreset/noforce.

For information about how to modify the properties of Outlook Web App virtual directories using the Set-OwaVirtual Directory cmdlet, see Set-OwaVirtualDirectory.

  • Contact a Microsoft Support professional to resolve this issue. To contact a Microsoft Support professional, visit the Exchange Server Solutions Center. In the navigation pane, click Assisted Support Options and use one of the assisted support options to contact a Microsoft Support professional. Because your organization may have a specific procedure for directly contacting Microsoft Technical Support, be sure to review your organization's guidelines first.

For More Information

If you are not already doing so, consider running the Exchange tools created to help you analyze and troubleshoot your Exchange environment. These tools can help make sure that your configuration aligns with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. To run these tools, go to the Toolbox node of the Exchange Management Console. To learn more about these tools, see Managing Tools in the Toolbox.