ActiveSync, OWA, EMC and IIS stopped working in Exchange Server 2010

When ActiveSync in Exchange Server 2010 becomes inoperable due to unknown reason, other applications that are linked up with Active Sync may become non-functional as well. In my case, I have stumbled upon where smart devices stopped synchronizing to Exchange Server 2010, Outlook Web App (OWA), Exchange Management Console (EMC) and Internet Information Services (IIS) also became inoperable.  Note that Microsoft Outlook is fully operational.

Resolution:

  • Navigate to C:\Windows\System32\inetsrv\config, locate applicationHost.config and rename to applicationHost.config.old

applicationhost location

 

  • Replace the file C:\Windows\System32\Inetsrv\Config\Applicationhost.config from a backup.
  • Open a command prompt and run iisreset to Reset the IIS Service.

iisreset command

Now, test the email flow from a smartphone. Access the OWA, open up EMC and IIS. They should all start working and be fully functional.

HTTP Error 503. The Service is unavailable – SharePoint 2010

Note:  This Tutorial is based on SBS 2011 Server – Sharepoint 2010 and it will also work on Windows Server 2008.

Have you seen the HTTP Error 503 in your browser when you’re trying to access your SharePoint site?

Here are the possible resolutions:

Option 1:  Make sure that all SBS Sharepoint application pools are “Started” and not “Stopped”.

To do this, locate Information Services (IIS) Manager (click on Start then Administrative Tools) from the Windows Server (SBS 2011 or 2008). Select Application Pools, then locate all SharePoint application pools, if they need to be Started, go to the Application Pool Tasks pane and select Start.

Application Pools - Services

If Option 1 didn’t help resolve the issue…… proceed to the next Option.

Option 2:  In the Application Pools Properties, select SBS Sharepoint AppPool, select Advanced Settings….

Error 503 pic1

In the Advanced Settings properties, go to Process Model, go to Identity and click on

Advanced Settings

In the Application Pool Identity properties, go to Custom account then Set… then change the Username and Password.

Application Pool Identity

Now, try to access your SharePoint site on any browsers and see if error 503 has disappeared.

 

SSL Error: “The security certificate presented by this website was not issued by a trusted certificate authority.”

Installing a 3rd party SSL Certificate can be very frustrating, tedious process and things can go haywire unexpectedly. Have you tried re-keying/generating the Certificate Signing Request (CSR) then installing the SSL Certificate many times and was wondering why your server is rejecting it? I have experienced this annoying process and will not go through with this process again.

I found a great utility to alleviate my irritation in installing a SSL Certificate. DigiCert is a one stop shop to do repair, test and export your SSL certificate.

When you download DigiCertUtil simply open up the compressed file (DigiCertUtil.zip) and double-click on the executable file (DigiCertUtil.exe) then you’ll see the list of all the Certificates, some with the yellow exclamation mark or a red X.

Image 1 – Click on the SSL padlock icon, select the Certificate that needs to be repaired then choose Repair Certificate
digicert 1

Image 2 – Once the Certificate has been repaired, click on the Export Certificate.

digicert 2

Image 3 – Other Tools that might help you to ensure that the Certificate is valid and successfully installed – DigiCert Chain Manager, Certificate Installation Checker, Proxy Settings and Windows Automatic Root Update

digicert 3

Now that you are aware on how to troubleshoot your SSL Certificate by using a DigiCert utility, this great utility will save you a lot of work and headaches. I’m quite impressed with the outcome.

Creating a Mobile Device Policy in Exchange Server

You may create a mobile device policy thru Exchange ActiveSync Mailbox Policy in Exchange Server 2010. In this Tutorial we will enforce a password policy on the mobile device.

On the Exchange Management Console, expand Microsoft Exchange On Premises, click on Client Access. From the Actions pane click on New Exchange ActiveSync Mailbox Policy

Image 1

On the New Exchange ActiveSync Mailbox Policy, type the name in the Mailbox policy name. Put a check mark on applicable policies then click on New to continue.

New Exch ActiveXynx Policy

Click on Finish to complete the New Exchange ActiveSync Mailbox Policy wizard.

completion

The new policy should now appear on the Exchange ActiveSync Mailbox Policies Tab.

Mobile Password Policy

Test the new policy on a mobile device to ensure that it works.

How to perform a remote wipe on a mobile phone from Exchange Server 2010

There’s a neat tool in Exchange Server 2010 that you may utilize in case a company phone (e.g. Droid, iPhone, etc) has been misplaced, lost or stolen. You may perform a remote wipe of the data from the mobile phone from Exchange Server without having to do a physical mobile data wipe out.

On Exchange Management Console, expand Microsoft Exchange On Premises, expand Recipient Configuration, click on Mailbox, from the Actions pane, select the Mobile User that you wish to do a remote data wipe out, click on Manage Mobile Phone…

image 1

On the Manage Mobile Phone properties select the Perform a remote wipe to clear mobile phone data in the Action section then click on Clear.

Perform remote wipe of mobile phone data

How to Allow or Block a Website or URL by using GPO in Windows Server 2008

Requirements: Windows Server 2003 R2 or above versions (Windows 2008 & Windows Server 2012) Domain Controller

In this Tutorial we will be using Windows Server 2008 server, the procedure that you are about to read will be similar to Windows Server 2003 R2 and Windows Server 2012.

Open up the Group Policy Management Editor and locate the Organizational Unit (OU), expand User Configuration, expand Windows Settings, expand Internet Explorer then click on Security and double click Security Zones and Content Ratings.

gp-mgmt-editor
On the Security and Privacy Settings properties, under Content Ratings select Import the current Content Ratings settings, then click on Modify Settings then click OK.

Security Zones Content Ratings

On Content Advisor properties, click on Approved Sites tab, in Allow this website you may select Always, to Allow a website then click OK.

Allow site

Allow Website

or  choose Never to block a website then click OK.

Content Advisor pic1

Content Advisor

How to Customize the Appearance of Remote Web Access in SBS 2011

If you get tired of the RWA appearance, it is quite simple to change and customize it.

On the Windows Small Business Server 2011 Standard Console, click on Shared Folders and Web Sites, click on the Web Sites Tab, select Remote Web Access then click on Manage permissions.

Shared Folders and Web sites

On the Remote Web Access Properties verify that Customization is selected, you may change the Organization Name if you wish. In the Background image, click on Choose and select the image that you wish to use. In Organization logo, click on Choose and select the image that you wish to use. Click on Apply then OK.

Customize RWA

You may now compare the Before & After Customization.

Before Customization

Dedault look

After Customization:

Customized look

How to Add or/and Modify Users & Groups Permission in Internal Web site from SBS Server 2011

On the Windows Small Business Server 2011 Standard Console, click on Shared Folders and Web Sites, click on the Web Sites Tab, select Internal Web site then click on Manage permissions.

Shared Folders and Website

On the Internal Web site Properties, make sure Permissions is selected then from the drop down menu of Select the Web site role to change, select the Group, in this Tutorial we will select Windows SBS SharePoint_Visitors Group, then click on Modify to continue.

Internal WEb site properties

On the Change Group Membership page you may add the Users and Groups, from this tutorial we will add Biller-Temp then click on OK to continue.

Add or Remove Users

Change Grp Membership

Click Apply then OK, you have successfully changed a User’s Permission in Internal Web Site.

user added - final

Note:  For advanced permission, you may do this from SharePoint 2010 (version may vary) Central Administration. See this Tutorial.

Remote Web Access (RWA) ‘Use the easy file upload tool’ in SBS 2011

Here’s a neat tool and option in RWA for easy uploading of the file that you wish to share in your network. Log on to your RWA Account and navigate to Home>Shared Folders>Users>Upload then click on Install the easy file upload tool.

Install the easy file upload tool

This next image will appear and you may now begin uploading files by using the drag and drop option with a limit of 2GB.

Drop files here

You may also choose the standard upload method, then click on Browse to locate then upload the files to be shared to the Users.

Standard upload method

Assigning User Permission in SharePoint 2010

If you are a Network Administrator in your company and would like to give a limited access or proper permission to the Intranet Users, I have prepared this Tutorial to walk you through the process of assigning the proper permission to the Users, whether you wish to grant a Full Control, Full Read, Deny Write, Deny All or a Customized permission.

To begin, open SharePoint 2010 Central Administration, click on Central Administration, click on Application Management then click on Manage web applications.

Central Administration

In the Web Applications Tab, click on the SharePoint site name (SBS SharePoint).

Web App Mgmnt

In the Web Applications Tab, click on the User Policy, then click on Add Users.

Web App Mgmnt 2

In the Add Users page, select the Zone, in this tutorial we will select Intranet, click on Next to Continue.

Add Users

In the Add Users page, type the Active Directory User that you wish to give the proper permission to, then click on Finish.

Add Users-Read Access

This concludes the Tutorial in Assigning User Permission in SharePoint 2010.

Note: You may to go back from the Policy for Web Application page to edit the User’s permission if needed.