Subscribe to Jim's Junk
Jun
25

The Honeymoon is over…

Posted under Church IT by Jim

Well, I knew it wouldn’t last forever, but the honeymoon with my “nearly flawless and perfect” migration from Exchange 2003 to 2007 is officially over. I’m now going on day three of multi-hour support calls to Microsoft in an attempt to resolve a really ugly problem.

It all started when I followed this technet article on how to remove the last Exchange 2003 server from the Organization. Things went reasonably well as I followed the steps, and all looked good as I shut down the old Exchange box for the last time (or so I thought.)

Within a few hours of decommissioning the box I started to get complaints of “extra” authentication prompts in Outlook 2007. The weird part is that Outlook was authenticating to Exchange just fine, but was prompting for credentials over and over and over for who-knows-what.

Long story short, after two 4+ hour phone calls to Microsoft over the last two days (and waiting for a third call as I type) we have narrowed it down to these simple facts, though we are still no where near a solution:

  1. Restart IIS on the Exchange box
  2. Things will work perfectly for a couple of hours
  3. Outlook 2007 clients start prompting for an additional login, apparently because it cannot authenticate to the Offline Address Book URL (https://server/OAB)
  4. Reset IIS and things work again for a couple of hours until it breaks.

For whatever reason, the Windows Authentication on the OAB virtual directory works “for a while” and then inexplicably fails. MS has no clue at this point. I’ve even tried enabling Anonymous Authentication on the OAB directory, which makes things instantly work again, so I’m pretty darn confident in the symptoms and cause at this point… the only missing piece is a FIX! Because this box was working perfectly prior to my removal of the Exchange 2003 box, I have to assume something in that process is what screwed things up, but WHAT, I have no idea… we’ve completely wiped out the old OAB generation entries and recreated them, and recreated the OAB virtual directory, yet it still works-then-breaks.

More when I finally get this fixed…

Add A Comment