Why is Exchange OMA broken?

[Mercutio]

I have one Exchange Server left in my life. It belongs to one of my least favorite human beings, a man who hates Google Apps Premier and enjoys making my life miserable.

His public facing IP recently changed, and when it did, Exchange OMA (the thingy that does ActiveSync, the whole reason he wants a local Exchange Server) stopped working. The rest of Exchange works. There haven't been any other configuration changes on the server.

On his iphone, he gets continually prompted for a password.
On my Evo, I get a message that says "ActiveSync cannot be configured at this time."

When I hit the Exchange OMA URL (http://servername/oma) on a browser I get "A System error has occurred while processing your request. Please try again. If the problem persists, contact your administrator. "

The regular servername/exchange URL works fine. In fact, all the web sites on that machine use the same IP. The other web sites work fine.

No events are being logged. I'm not sure if that's because some part of logging is also borked or what.

 

[Howell]

Do any of the working websites use SSL?

 

[Mercutio]

No.

I have Godaddy-assign SSL certificate in place because he was talking about doing Ecommerce, but the stuff he's doing redirects to another server now for shopping cart crap.

The /OMA is set to use Basic authentication. /Exchange uses NTLM. Most everything else is just plain to IUSR-blah anonymous access. Everything else works but OMA.

The DNS A records all resolve properly to the new IP, too.

 

[Mercutio]

Restoring the Metabase seems to have fixed it, but I'll be damned if I could see a problem with what was there.

 

[Mercutio]

The more I think about it, the more it really pisses me off that troubleshooting this was so difficult. Direct Metabase editing was supposed to be similar to editing httpd.conf for people who didn't want to bother with the IIS admin console (which sucks in and of itself, because that's what I was doing almost the whole time), but on top of that I was trying to troubleshoot Exchange components that apparently don't do much, if any logging. Nor is there a list anyplace of what the default settings should be.

It annoys the piss out of me that it's almost always easier on a Windows system to restore a backup of something than to actually see what's wrong and fix it.

 

[ddrueding]

Nothing helpful to say besides thanks for reminding me why I don't do Exchange servers any more.

 

[timwhit]

Slightly OT, but, when you setup an office without Exchange do you still use Active Directory?

 

[ddrueding]

Yup. Only for login and file share permissions. If I knew more Linux/Samba stuff I would be doing that, but I don't.

 

[timwhit]

Yup. Only for login and file share permissions. If I knew more Linux/Samba stuff I would be doing that, but I don't.

Can you even use Samba as a replacement for AD/Domain Controller with Windows clients?

 

[ddrueding]

Yup. From what I understand, it works pretty well.

 

[Chewy509]

Can you even use Samba as a replacement for AD/Domain Controller with Windows clients?

SAMBA can mimic a NT4 domain controller nearly 100%, and for Active Directory it's also nearly there.

I know Sun had documentation that let you use a Solaris Server w/Samba and OpenLDAP to act as a Active Directory server, but from memory it could only hold the FSMO roles, when those roles were pushed to the server by a geniune Win2K+ server (you couldn't build the AD domain from scratch, you needed at least one Windows box to build the domain initially).. That was a few years ago, and I'm sure it's only goten better since then.

 

[Mercutio]

I have Samba acting as NT4-type domain controllers out in the world, almost entirely to sync passwords across workstations. It's great for that. I played with Active Directory on Samba for a while but in the end I got annoyed when weird things didn't work, and I couldn't really convince anybody who already had Server 2000/2003 to give it a try.