ActiveSync, OWA, EMC and IIS stopped working in Exchange Server 2010

When ActiveSync in Exchange Server 2010 becomes inoperable due to unknown reason, other applications that are linked up with Active Sync may become non-functional as well. In my case, I have stumbled upon where smart devices stopped synchronizing to Exchange Server 2010, Outlook Web App (OWA), Exchange Management Console (EMC) and Internet Information Services (IIS) also became inoperable.  Note that Microsoft Outlook is fully operational.

Resolution:

  • Navigate to C:\Windows\System32\inetsrv\config, locate applicationHost.config and rename to applicationHost.config.old

applicationhost location

 

  • Replace the file C:\Windows\System32\Inetsrv\Config\Applicationhost.config from a backup.
  • Open a command prompt and run iisreset to Reset the IIS Service.

iisreset command

Now, test the email flow from a smartphone. Access the OWA, open up EMC and IIS. They should all start working and be fully functional.

HTTP Error 503. The Service is unavailable – SharePoint 2010

Note:  This Tutorial is based on SBS 2011 Server – Sharepoint 2010 and it will also work on Windows Server 2008.

Have you seen the HTTP Error 503 in your browser when you’re trying to access your SharePoint site?

Here are the possible resolutions:

Option 1:  Make sure that all SBS Sharepoint application pools are “Started” and not “Stopped”.

To do this, locate Information Services (IIS) Manager (click on Start then Administrative Tools) from the Windows Server (SBS 2011 or 2008). Select Application Pools, then locate all SharePoint application pools, if they need to be Started, go to the Application Pool Tasks pane and select Start.

Application Pools - Services

If Option 1 didn’t help resolve the issue…… proceed to the next Option.

Option 2:  In the Application Pools Properties, select SBS Sharepoint AppPool, select Advanced Settings….

Error 503 pic1

In the Advanced Settings properties, go to Process Model, go to Identity and click on

Advanced Settings

In the Application Pool Identity properties, go to Custom account then Set… then change the Username and Password.

Application Pool Identity

Now, try to access your SharePoint site on any browsers and see if error 503 has disappeared.

 

SSL Error: “The security certificate presented by this website was not issued by a trusted certificate authority.”

Installing a 3rd party SSL Certificate can be very frustrating, tedious process and things can go haywire unexpectedly. Have you tried re-keying/generating the Certificate Signing Request (CSR) then installing the SSL Certificate many times and was wondering why your server is rejecting it? I have experienced this annoying process and will not go through with this process again.

I found a great utility to alleviate my irritation in installing a SSL Certificate. DigiCert is a one stop shop to do repair, test and export your SSL certificate.

When you download DigiCertUtil simply open up the compressed file (DigiCertUtil.zip) and double-click on the executable file (DigiCertUtil.exe) then you’ll see the list of all the Certificates, some with the yellow exclamation mark or a red X.

Image 1 – Click on the SSL padlock icon, select the Certificate that needs to be repaired then choose Repair Certificate
digicert 1

Image 2 – Once the Certificate has been repaired, click on the Export Certificate.

digicert 2

Image 3 – Other Tools that might help you to ensure that the Certificate is valid and successfully installed – DigiCert Chain Manager, Certificate Installation Checker, Proxy Settings and Windows Automatic Root Update

digicert 3

Now that you are aware on how to troubleshoot your SSL Certificate by using a DigiCert utility, this great utility will save you a lot of work and headaches. I’m quite impressed with the outcome.

Creating a Mobile Device Policy in Exchange Server

You may create a mobile device policy thru Exchange ActiveSync Mailbox Policy in Exchange Server 2010. In this Tutorial we will enforce a password policy on the mobile device.

On the Exchange Management Console, expand Microsoft Exchange On Premises, click on Client Access. From the Actions pane click on New Exchange ActiveSync Mailbox Policy

Image 1

On the New Exchange ActiveSync Mailbox Policy, type the name in the Mailbox policy name. Put a check mark on applicable policies then click on New to continue.

New Exch ActiveXynx Policy

Click on Finish to complete the New Exchange ActiveSync Mailbox Policy wizard.

completion

The new policy should now appear on the Exchange ActiveSync Mailbox Policies Tab.

Mobile Password Policy

Test the new policy on a mobile device to ensure that it works.

How to perform a remote wipe on a mobile phone from Exchange Server 2010

There’s a neat tool in Exchange Server 2010 that you may utilize in case a company phone (e.g. Droid, iPhone, etc) has been misplaced, lost or stolen. You may perform a remote wipe of the data from the mobile phone from Exchange Server without having to do a physical mobile data wipe out.

On Exchange Management Console, expand Microsoft Exchange On Premises, expand Recipient Configuration, click on Mailbox, from the Actions pane, select the Mobile User that you wish to do a remote data wipe out, click on Manage Mobile Phone…

image 1

On the Manage Mobile Phone properties select the Perform a remote wipe to clear mobile phone data in the Action section then click on Clear.

Perform remote wipe of mobile phone data

How to Allow or Block a Website or URL by using GPO in Windows Server 2008

Requirements: Windows Server 2003 R2 or above versions (Windows 2008 & Windows Server 2012) Domain Controller

In this Tutorial we will be using Windows Server 2008 server, the procedure that you are about to read will be similar to Windows Server 2003 R2 and Windows Server 2012.

Open up the Group Policy Management Editor and locate the Organizational Unit (OU), expand User Configuration, expand Windows Settings, expand Internet Explorer then click on Security and double click Security Zones and Content Ratings.

gp-mgmt-editor
On the Security and Privacy Settings properties, under Content Ratings select Import the current Content Ratings settings, then click on Modify Settings then click OK.

Security Zones Content Ratings

On Content Advisor properties, click on Approved Sites tab, in Allow this website you may select Always, to Allow a website then click OK.

Allow site

Allow Website

or  choose Never to block a website then click OK.

Content Advisor pic1

Content Advisor

How to Customize the Appearance of Remote Web Access in SBS 2011

If you get tired of the RWA appearance, it is quite simple to change and customize it.

On the Windows Small Business Server 2011 Standard Console, click on Shared Folders and Web Sites, click on the Web Sites Tab, select Remote Web Access then click on Manage permissions.

Shared Folders and Web sites

On the Remote Web Access Properties verify that Customization is selected, you may change the Organization Name if you wish. In the Background image, click on Choose and select the image that you wish to use. In Organization logo, click on Choose and select the image that you wish to use. Click on Apply then OK.

Customize RWA

You may now compare the Before & After Customization.

Before Customization

Dedault look

After Customization:

Customized look