IIS Error: An error occurs when you configure the Exchange, Exchweb, or Public virtual directories in an Exchange Server 2010 environment (kb2633193) (Network Steve Forum)

Remote Support Software

Provide instant remote support to customers and employees:

Click here for a free trial

IIS Error: An error occurs when you configure the Exchange, Exchweb, or Public virtual directories in an Exchange Server 2010 environment (kb2633193)

8 weeks after migration form Exchange 2003, no issues.
Installed TMG end of last week and started getting authentication prompts from users on internal network.
I think what's happened is that in the process of making changes with TMG, IIS got corrupted as per
http://support.microsoft.com/kb/2633193

Looks like some of the entries made were completed and some not. I have a call open with MS about this as I have no idea what would cause above. Right now only clients running cached mode are affected.

Some output:

[PS] C:\Windows\system32>Get-OABVirtualDirectory | fl InternalURL

InternalUrl :
http://fsesxexh01.company.local/OAB

[PS] C:\Windows\system32>Get-AutodiscoverVirtualDirectory | fl InternalURL

InternalUrl :

[PS] C:\Windows\system32>Get-ClientAccessServer | fl AutodiscoverServiceInternalUri

AutoDiscoverServiceInternalUri :
https://fsesxexh01.company.local/Autodiscover/Autodiscover.xml

[PS] C:\Windows\system32>Get-WebservicesVirtualDirectory | fl InternalURL

InternalUrl :
https://fsesxexh01.company.local/EWS/Exchange.asmx

[PS] C:\Windows\system32>Get-OWAVirtualDirectory | fl InternalURL

InternalUrl :
https://fsesxexh01.company.local/owa

[PS] C:\Windows\system32>Get-ECPVirtualDirectory | fl InternalURL

InternalUrl :
https://fsesxexh01.company.local/ecp

[PS] C:\Windows\system32>Get-ActiveSyncVirtualDirectory | fl InternalURL

InternalUrl :
https://fsesxexh01.company.local/Microsoft-Server-ActiveSync

=======================

[PS] C:\Windows\system32>get-autodiscovervirtualdirectory |fl

RunspaceId : 346475dc-400d-43f8-9a09-4d7a29d9a14a
Name : Autodiscover (Default Web Site)
InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity}
ExternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity}
LiveIdSpNegoAuthentication : False
WSSecurityAuthentication : True
LiveIdBasicAuthentication : False
BasicAuthentication : True
DigestAuthentication : False
WindowsAuthentication : True
MetabasePath : IIS://FSESXEXH01.company.local/W3SVC/1/ROOT/Autodiscover
Path : E:\Exchange 2010\ClientAccess\Autodiscover
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags : {}
ExtendedProtectionSPNList : {}
Server : FSESXEXH01
InternalUrl :
ExternalUrl :
AdminDisplayName :
ExchangeVersion : 0.10 (14.0.100.0)
DistinguishedName : CN=Autodiscover (Default Web Site),CN=HTTP,CN=Protocols,CN=FSESXEXH01,CN=Servers
xchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative
Groups,CN=METAL
Microsoft Exchange,CN=Services,CN=Configuration,DC=company,DC=local
Identity : FSESXEXH01\Autodiscover (Default Web Site)
Guid : 2dde32f9-79fe-4b5e-8fde-cb5c9eac88d7
ObjectCategory : company.local/Configuration/Schema/ms-Exch-Auto-Discover-Virtual-Director
ObjectClass : {top, msExchVirtualDirectory, msExchAutoDiscoverVirtualDirectory}
WhenChanged : 4/24/2012 12:47:45 PM
WhenCreated : 4/24/2012 12:47:27 PM
WhenChangedUTC : 4/24/2012 6:47:45 PM
WhenCreatedUTC : 4/24/2012 6:47:27 PM
OrganizationId :
OriginatingServer : fsesxadd03.company.local
IsValid : True

Need to support users over the internet? click here try our remote control online beta

June 11th, 2012 11:40am

TMG shouldn't corrupt IIS.
Do you have a split-brain DNS? You should so you can use the same URLs, allowing outside users will connect through TMG while inside users will connect directly to the Exchange CAS servers. It will greatly simplify your InternalURL and ExternalURL
settings and help you eradicate the nuisance authentication prompts.Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

There is an amazing pack of free network admin tools. click here to download it

June 11th, 2012 2:37pm

TMG shouldn't corrupt IIS.
Do you have a split-brain DNS? You should so you can use the same URLs, allowing outside users will connect through TMG while inside users will connect directly to the Exchange CAS servers. It will greatly simplify your InternalURL and ExternalURL
settings and help you eradicate the nuisance authentication prompts.Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

Need to support users over the internet? click here try our remote control online beta

June 11th, 2012 2:45pm

This topic is archived. No further replies will be accepted.