Yesterday evening we patched a number of servers as we were running behind on our normal patch cycle. Everything went well, but this morning I got a call from our UK users that their OWA system was not working.
Our infrastructure is running Exchange 2003 with one Front-End in our central datacenter and two Back-Ends, one in each country UK / BE.
The Exchange servers are all members of the root domain but the UK users are still part of a child domain.
Belgian users were having no problem accessing their OWA, syncing the Windows mobiles,… But I got a call from UK telling me they couldn’t log on to the webmail.
1. My first reaction was to review all patches and to check if Front-End and Back-End were all running at the same patch levels,… This didn’t seem to be a problem.
2. My second thing to check was if I could actually reach the Back-End OWA interface from the Front-End server. To my surprise this was also giving me the auth prompts and ending in an Access denied.
3. My third step was to access OWA on the Back-End from a local UK client; this was working without a problem :-(
4. After checking the firewall rules between Front-End / Back-End I decided to fire up my trusted Wireshark and see what the f*ck was going on. And yes, within seconds I had my answer.
Packet 360 gave me what I needed to know => there was a +10 minutes time skew between the Front-End and the Back-End server that was causing Kerberos to error out.


6. After updating the firewall rules to allow NTP traffic, a quick net time update and kazaaam, everything was back to normal.
grtz
Tom
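
The check behind this diagnosis, as an added example that is not part of the original post: it decodes an SNTP server reply, computes each host's clock offset, and flags when two hosts measured against the same source differ by more than the Kerberos tolerance. The 300-second limit is the Windows default and is assumed unchanged here; the packets, timestamps and function names are constructed for illustration.

```python
import struct

NTP_UNIX_DELTA = 2208988800   # seconds from 1900-01-01 (NTP epoch) to 1970-01-01
KERBEROS_MAX_SKEW = 300       # Windows default tolerance: 5 minutes (assumed unchanged)

def ntp_ts(buf, off):
    """Decode the 64-bit NTP timestamp at byte offset `off` into Unix seconds."""
    secs, frac = struct.unpack_from("!II", buf, off)
    return secs - NTP_UNIX_DELTA + frac / 2**32

def clock_offset(reply, t4):
    """Seconds the local clock must be shifted to match the server.
    `t4` is the local Unix time at which `reply` arrived."""
    if len(reply) < 48:
        raise ValueError("truncated NTP packet")
    if reply[0] & 0x07 != 4:
        raise ValueError("not a server-mode reply")
    if reply[1] == 0:
        raise ValueError("stratum 0: server is not synchronised")
    t1, t2, t3 = ntp_ts(reply, 24), ntp_ts(reply, 32), ntp_ts(reply, 40)
    # Averaging both directions cancels a symmetric network delay.
    return ((t2 - t1) + (t3 - t4)) / 2

def kerberos_skew_exceeded(offset_a, offset_b, tolerance=KERBEROS_MAX_SKEW):
    """True if two hosts measured against the same source differ by more than tolerance."""
    return abs(offset_a - offset_b) > tolerance

def build_reply(t1, t2, t3):
    """Constructed sample data: a minimal 48-byte SNTP v3 server reply."""
    header = struct.pack("!BBbb3I", 0x1C, 2, 6, -20, 0, 0, 0)  # LI=0 VN=3 Mode=4, stratum 2
    stamps = b"".join(struct.pack("!II", int(t) + NTP_UNIX_DELTA, 0) for t in (t3, t1, t2, t3))
    return header + stamps

# Constructed scenario: front-end clock 620 s behind the source, back-end 5 s ahead.
FE_SENT = 1_200_000_000
FE_REPLY, FE_T4 = build_reply(FE_SENT, FE_SENT + 621, FE_SENT + 621), FE_SENT + 2
BE_SENT = 1_200_000_100
BE_REPLY, BE_T4 = build_reply(BE_SENT, BE_SENT - 4, BE_SENT - 4), BE_SENT + 2

if __name__ == "__main__":
    fe, be = clock_offset(FE_REPLY, FE_T4), clock_offset(BE_REPLY, BE_T4)
    print(f"front-end offset {fe:+.1f}s, back-end offset {be:+.1f}s")
    print("Kerberos skew exceeded:", kerberos_skew_exceeded(fe, be))
```

A positive offset means the local clock is behind the time source. Running this comparison on a schedule against every server in the authentication path surfaces a blocked NTP path before logons start failing.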