blog Microsoft Windows

Recreate Exchange 2003 OWA Virutal Directories

Lately I have had a few client servers that needed this done for various reason. usually it has something to do with troubleshooting Windows Mobile 5 and 6 devices getting email via the OMA portion of Outlook Web Access on Exchange 2003. Some of them were getting the error, “ActiveSync encountered a problem on the server support code: 0×85010001″ or similar on the hand held devices. In all of the cases the following fix resolved each client’s particular problem.

Exchange 2003 has 6 total virtual directories. They are as follows:

Exchange | Exchweb | Exadmin | OMA | Public | Microsoft-Server-ActiveSync

For more information on the function of each virtual directory please visit this Daniel Petri’s website which is where I normally go to get the how-to for this function.

Now that we have identified the virtual directories associated with OWA, we need to backup the configuration and then delete them. I know, this seems like a really huge step, it was for me the first time I did it but now I do it on a regular basis. You will need to backup the configuration from IIS Manager by right clicking on the Default Web Site and going to “Save Configuration to a File”. I don’t think I need to walk you through the rest of the dialog boxes, you’ll figure it out.

Now that the configuration is backed up, delete the 6 virtual directories mentioned above. You may also, depending on OS version, have a virtual directory “exchange-oma”. Leave it alone for right now, we will get to it in a bit. Before we recreate the virtual directories, we need to delete a key out of the IIS Metabase. For this you will need to download the IIS 6.0 Resource Kit from here. Go ahead and install the package and navigate to “Metabase Explorer” which is part of the resource kit you just installed. In Metabase Explorer you will have some keys on the left hand side, LM being one of them. Expand the LM key and you will find the first one (ususally) to be DS2MB. Delete it the key DS2MB. DS2MB stands for Directory Service to Metabase. It’s purpose is to transfer configuration information from AD to IIS. It’ll get recreated during the next process.

Now that the virtual directories and the DS2MB keys are deleted, you can restart the “Microsoft Exchange System Attendant” service. That will recreate what we have deleted.

For some reason when the virtual directories are recreated you still have to fix a permissions issue to get it to function. Do this by going into IIS Manager and right clicking on the virtual directory “Exchweb” and select properties. Then go to the Directory Security tab and click Edit under Authentication and Access control. Ensure that Anonymous and Integrated Authentication are checked. An Inheritance Override dialog box will appear, make sure you click Select All. Click OK to finish. After you have completed that, go back into Authentication and Access control and uncheck Integrated Windows Authentication. (Yes I know, seems odd). Ok out and you are finished.

That pretty much sum’s the fix up. You will need to redo your SSL stuff but other than that you should have a fully functional OWA configuration.

Now, this is where the support code stuff and the exchange-oma virtual directory I mentioned earlier comes in. There are a number of mobile devices that are capable of connecting to Exchange to get email, contacts, calendar and tasks from their account. Some of them work with SSL / Forms Based Authentication and some don’t. To fix the ones that don’t support it, follow the steps below to get your non SSL Windows Mobile devices to connect to Exchange.

First delete the virtual directory (if you have it) exchange-oma. Now to finish this we will need to create a second virtual directory for OMA access. First, open IIS Manager and right click on the Exchange virtual directory and select “Save Configuration to File”.  Name is something like exchange-oma. Now, right click on “Default Website” and select new virtual directory from file.  Find the file you just saved (i.e. exchange-oma).  You will get a dialog box saying the virtual directory already exists.  In the alias box, type exchange-oma (or similar).

Lets, make it non SSL bound now.  Right click on the virtual directory you just created and go to the Directory Security Tab and then Authentication and Access control.  Make sure that Integrated and Basic authentications are enabled. Ok out and then under Secure communications click edit and uncheck “require SSL”.  Ok out and close IIS Manager.

To get IIS and Exchange to use the new virtual directory correctly we need to make a slight registry change.  Open the Registry Editor and find “HKLMSYSTEMCurrentControlSetServicesMasSyncParameters” If it does not exist, in the right pane right click and create a new String Value.  Name it ExchangeVDir and press Enter.  Modify the value of the key and put /exchange-oma in that field.

You are almost done now, quit the registry editor and restart the IIS Admin Service.  You can also use iisrestart from the run line or command prompt.

Here are some of the links I used to put this post together and have used in the past successfully.

Petri IT Knowledgebase | Dev IT Weblog | Microsoft

Leave a Reply

Your email address will not be published. Required fields are marked *