Koozali.org: home of the SME Server
Obsolete Releases => SME Server 7.x => Topic started by: steve288 on July 07, 2010, 06:35:26 PM
-
This is one of those, I'm not sure whether to put in the original link or start a new one. Some one can move it if they like.
I have followed the instructions at http://forums.contribs.org/index.php/topic,40075.0.html for ProxyPass for Exchange / Outlook Web Access. This has worked fine for some time. However recently we upgraded the computer and the server that is doing exchange from the name “exchange” to “xch”. The IP address for this computer has changed also to 10.1.0.4 from .2 .
Internally we get to the OWA by typing in https://xch/exchange. From the outside however the web access of course does not work now since the changes.
I went to the file ,
etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf
And changed all the references from 10.1.0.2 to 10.0.4
I then went to
\\10.1.0.17\primary\html\index.htm (this is the sme box accessible from internal network.)
.and made changes to the web page that people will get to when they go to mail.myserver.com so that it automatically takes people to https://xch/exchange after 3 seconds, (remember it use to be https://exchange/exchange )
then ran,
expand-template /etc/httpd/conf/httpd.conf
then ran
sv restart httpd-e-smith
I have verified that the changes were made to the /etc/httpd/conf/httpd.conf file.
It is my belief that I have to make some changes to the proxy pass settings to match the new name XCH, but I'm not sure where I need to make changes to the httpd.conf file.
Eg currently it looks like this snippet …
OWA % character in email subject fix
RewriteEngine On
RewriteMap percentsubject int:escape
RewriteCond $1 ^/exchange/.*\%.*$
RewriteRule (/exchange/.*) ${percentsubject:$1} [P]
#OWA
ProxyPass /exchange https://10.1.0.4/exchange
ProxyPassReverse /exchange https://10.1.0.4/exchange
ProxyPass /Exchange https://10.1.0.4/exchange
ProxyPassReverse /Exchange https://10.1.0.4/exchange
ProxyPass /exchweb https://10.1.0.4/exchweb
ProxyPassReverse /exchweb https://10.1.0.4/exchweb
ProxyPass /public https://10.1.0.4/public
ProxyPassReverse /public https://10.1.0.4/public
ProxyPass /iisadmpwd https://10.1.0.4/iisadmpwd
ProxyPassReverse /iisadmpwd https://10.1.0.4/iisadmpwd
But I think I have to change one or more the “exchange” strings to "xch" I have tried to read up on proxy pass it’s a bit over me.
Can anyone tell me what I need to change, or perhaps where I’m wrong.
Thank you.
-
But I think I have to change one or more the “exchange” strings to "xch" I have tried to read up on proxy pass it’s a bit over me.
No, AFAICT you do not need to as the exchange hostname changed to xch, but you are referencing it using IP numbers from the post above.
Can anyone tell me what I need to change, or perhaps where I’m wrong.
I think you need to have a look in your web server logfiles (/var/log/httpd/access_log and /var/log/httpd/error_log). Most likely clues are in there. You did restart your web server after regenerating the configuration file as that is the only way to make it re-read the configuration file.
-
Well following your advice and sticking with just changing the IP address, I looked at the log files. They kept saying things like.
[Wed Jul 07 16:10:05 2010] [warn] Proxy client certificate callback: (mydomian.com:443) downstream server wanted client certificate but none are configured
So we created a certificate for the server. (we had done this before but did it again) Now it basically works in Opera and in Firefox. (Yay) We can get into our mail. However (there always is isnt there) its not taking us to the normal OWA screen, with our logo etc but just a login screen. So we are mostly there. But Im not sure why its not finding the logo screen. Its like its finding the outlook but not the index.htm from the iis server? I don’t know much about these things.
However, secondly MSIE is NOT working. We get page cannot be displayed error. When I look at the error_log when I connect with MSIE I see no error but In the Access_error I see the error
Mydomain.com 21.111.111.111 - - [07/Jul/2010:16:15:59 -0400] "GET /exchange HTTP/1.1" 401 83 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; .NET CLR 1.1.4322)"
Then “The page cannot be displayed”
Odd that the error says Mozilla in it despite the fact that its not Mozilla but MSIE (perhaps something I dont understand)
Anyway any thoughts ?
-
However (there always is isnt there) its not taking us to the normal OWA screen, with our logo etc but just a login screen. So we are mostly there. But Im not sure why its not finding the logo screen. Its like its finding the outlook but not the index.htm from the iis server?
No, most likely you are seeing the proper page, but the stylesheets are not found. Can you view the source of the webpage in your server window? Try and see if you can find references to .css files and see how the path to them is contstructed. Is this an absolute path or a relative path?
However, secondly MSIE is NOT working. We get page cannot be displayed error. When I look at the error_log when I connect with MSIE I see no error but In the Access_error I see the error
Mydomain.com 21.111.111.111 - - [07/Jul/2010:16:15:59 -0400] "GET /exchange HTTP/1.1" 401 83 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; .NET CLR 1.1.4322)"
Then “The page cannot be displayed”
Odd that the error says Mozilla in it despite the fact that its not Mozilla but MSIE (perhaps something I dont understand)
MSIE is not the best browser, certainly not MSIE6. Microsoft seems to have a habbit of interpreting the standards in web design in a different manor than all other major browser vendor, however they have improved this significantly in IE7 and IE8 (which is the current release). Can you try with a more recent MSIE version?
-
At this point I still have not solved my problems.
IE 7 or 8 does not work for me. I cannot seem to even find where the original web page came from on the old server. I belive however that you are probably correct and that it is a path thing.
Anyway I will continute to persever. Your answer is probably right I just have to find the right pages. If I find an answer I will come back and put it here.
Thanks again.
-
At this point I still have not solved my problems.
IE 7 or 8 does not work for me. I cannot seem to even find where the original web page came from on the old server. I belive however that you are probably correct and that it is a path thing.
Anyway I will continute to persever. Your answer is probably right I just have to find the right pages. If I find an answer I will come back and put it here.
Thanks again.
-
ahem.. double post? :-)
-
ahem.. there seems to be no way to remove it once its there. At lest for me ahem ... a simple user. ahem.
-
I have resolved getting MSIE working with OWA, previously only Firefox, Non MS browers worked.
I added a port forward from the SME computer to the inside new exchange server. I forwarded port 443 from SME to new Exchange.
This got the MSIE working again. Perhaps this was set by hand for old exchange ip it didnt show up in gui so I didnt see it. Not sure. Still have not got custom login screen back. But I think this is more an exchagne issue.
thanks.
-
And I think the file "masq" is the file where some settings show up to see the ports forwarded.
............................
# Create a new PortForwarding chain
PFC=$(/sbin/iptables --table nat --numeric --list PortForwarding |\
sed -n '3s/ .*//p')
/sbin/iptables --table nat --new-chain PortForwarding_$$
/sbin/iptables --table nat --append PortForwarding_$$ --protocol tcp \
--destination-port 110 -j DNAT --to-destination 10.1.0.2:110
adjust_tcp_in 110 ACCEPT ForwardedTCP_$$ 10.1.0.2/32
/sbin/iptables --table nat --append PortForwarding_$$ --protocol tcp \
--destination-port 443 -j DNAT --to-destination 10.1.0.4:443
adjust_tcp_in 443 ACCEPT ForwardedTCP_$$ 10.1.0.4/32
/sbin/iptables --table nat --replace PortForwarding 1 --destination $OUTERNET --jump PortForwarding_$$
/sbin/iptables --table nat --flush $PFC
/sbin/iptables --table nat --delete-chain $PFC
if [ $trace = "enabled" ]; then
# Toggle trace back on.
$0 trace
fi
.......................
Also "iptables -L" command seems to have some info regarding ports forwarded.
...........
Chain ForwardedTCP_18946 (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere pc-00002.mydomain.com tcp dpt:pop3
ACCEPT tcp -- anywhere pc-00004.mydomain.com tcp dpt:https
............
as does the command iptables-save