Topic Last Modified: 2010-01-28
The Microsoft Exchange Server 2010 Management Pack for System Center Operations Manager monitors the Windows Application log on computers running Exchange 2010 and generates this alert when the events specified in the following Details table are logged.
To learn more about this alert, in Operations Manager, do one or more of the following:
- From the Operations Console, double-click this alert, and then
click the General tab. Review the description of the alert
that includes the variables specific to your environment.
- From the Operations Console, double-click this alert, and then
click the Alert Context tab. Review the logged events that
meet the criteria of this Operations Manager alert.
Details
Product Name |
Exchange |
Product Version |
14.0 (Exchange 2010) |
Event ID |
42 |
Event Source |
MSExchange OWA |
Alert Type |
Error |
Rule Path |
Microsoft Exchange Server/Exchange 2010/Client Access/Outlook Web Access |
Rule Name |
The Outlook Web App proxy failed because of SSL configuration issues on the destination Outlook Web App virtual directory. |
Explanation
This Error event indicates the computer that is running the Client Access server role could not proxy a Microsoft Office Outlook Web App request from one Client Access server to a Client Access server that is located in a different Active Directory site. A symptom of this error is that the user referenced in the event description could not use Outlook Web App to log on to their mailbox through the Client Access server in a different site. This event may be caused by one or more of the following:
- The Outlook Web App virtual directory
InternalURL of the target Client Access server does not use
HTTPS as the prefix for the address.
- HTTP 403 status code was returned by the Internet Information
Services (IIS) of the target Client Access server.
For more information about this and other IIS status codes, see Microsoft Knowledge Base article 318380, IIS Status Codes.
For more information about Outlook Web App proxying and redirection, see Understanding Proxying and Redirection.
User Action
To resolve this error, take one or more of these steps:
- Make sure that the InternalUrl address matches the fully
qualified domain name (FQDN) of the Client Access server. For
example, if you are using HTTPS, the InternalUrl should be
in the format https://<InternalFQDN>/owa.
- Make sure that you have correctly configured the prefix of the
InternalUrl. For example, if the Client Access server is
configured to proxy the traffic using HTTPS, make sure that the
InternalUrl of the Outlook Web App virtual
directory starts with the prefix HTTPS. If the Client Access server
is configured to proxy the traffic using HTTP, configure the
InternalUrl to use HTTP as the address prefix.
- Make sure that the Outlook Web App virtual directory
of the target Client Access server is configured to allow the
incoming request to InternalUrl. You configure this setting
using Internet Information Services (IIS).
Note It is highly recommended that you proxy the traffic between Client Access servers by using secure HTTPS. HTTPS is the default setting.
To proxy traffic using unsecured HTTP, do the following:
Caution: |
---|
Incorrectly editing the registry can cause serious problems that may require you to reinstall your operating system. Problems resulting from editing the registry incorrectly may not be able to be resolved. Before editing the registry, back up any valuable data. |
- In Registry editor, locate and then click the following
registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchange
OWA.
- On the Edit menu, point to New, and then click
Dword Value.
- Type AllowProxyingWithoutSsl, and then press
Enter.
- Double-click AllowProxyingWithoutSsl.
- Under Value data, type 1.
- Under Base, click Decimal.
- Close Registry Editor.
- Restart Internet Information Services (IIS) by using the
command iisreset/noforce.
For information about how to modify the properties of Outlook Web App virtual directories using the Set-OwaVirtual Directory cmdlet, see Set-OwaVirtualDirectory.
- Contact a Microsoft Support professional to resolve this issue.
To contact a Microsoft Support professional, visit the Exchange Server Solutions Center. In the navigation
pane, click Assisted Support Options and use one of the
assisted support options to contact a Microsoft Support
professional. Because your organization may have a specific
procedure for directly contacting Microsoft Technical Support, be
sure to review your organization's guidelines first.
For More Information
If you are not already doing so, consider running the Exchange tools created to help you analyze and troubleshoot your Exchange environment. These tools can help make sure that your configuration aligns with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. To run these tools, go to the Toolbox node of the Exchange Management Console. To learn more about these tools, see Managing Tools in the Toolbox.