RE: Exchange 2003 SP2 Cluster Hardening
- From: Roy T <RoyT@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 21 Apr 2008 20:56:00 -0700
Moreover, some other users failed to open their Outlook profile(2000, XP,
2003) after the hardening, a new Outlook profile must be created before they
can be connected back to Exchange. Users would like to know the reason
behind it, which I don't have. Anyone any idea?
Thanks
"Roy T" wrote:
Hi Everyone,.
Does anyone ever experience any problem with Exchange Server 2003 Hardening?
I am having problem with Exchange 2003 hardening in my environment. My 2003
Domain(Windows 2003 Server with SP1) is runnning under native mode, and there
are Windows 2000 Pro SP4 and Windows XP Pro clients on my network, Office
version are various, most are Office 2003, but there are some Office XP and
Office 2000 on the network.
There following Microsoft's security templates were used in my hardening
exercise, but some strange behaviors were encountered on SOME(around 30) of
the Windows 2000 Pro stations with either Office 2000, XP or 2003 installed
after the Hardening Exercise. They failed to resolve the Exchange Server
name for some reason(When configure Outlook profile). However, they have no
problem communicating with the Exchange Cluster through PING, TELNET, NETWORK
Share or even Remote Desktop. There should be no port blocking between
Exchange and the clients as other clients on the same network segment have no
problem accessing the server. Moreover, I checked the Host table, repaired
TCP/IP using WINSOCKXP, NewSID, rejoin to Domain, Latest SP for everything
installed, updated NIC driver, even reinstalled NIC driver. Unfortunately,
still no luck.
The same user can access their Outlook on other Win2K Pro workstations, now
I am running out of idea and users are getting frustrated.
I did come accross the following Microsoft's KB, but didn't help.
http://support.microsoft.com/kb/325930
Microsoft's Security Template
----------------------------------------------------------------------------------------------------------------------------------------------
Windows 2003 Security Template
http://www.microsoft.com/technet/security/prodtech/windowsserver2003/w2003hg/sgch00.mspx
Exchange 2003 Security Template
http://www.microsoft.com/technet/prodtechnol/exchange/Guides/E2k3SecHardGuide/faecb78b-8453-4192-966e-06b05d49103f.mspx?mfr=true)
Domain Level (EC-Domain.inf)
Domain Controllers (EC-Domain Controller.inf,
Exchange_2003-DC_Incremental_V1_1.ing)
Exchange 2003 SP2 Back-End Cluster (EC-Member Server Baseline.inf,
Exchange_2003-Cluster_Node_Base_V1_1.inf,
Exchange_2003-Cluster_Node_IMAP4_V1_1.inf,
Exchange_2003-Cluster_Node_POP3_V1_1.inf)
----------------------------------------------------------------------------------------------------------
------------------------------------
Error Message Prompted!!
------------------------------------------------------------------------------------------------------------------------
The name could not be resolved. The Microsoft Exchange address book was
unable to logon to the Microsoft Exchange Server computer.
The server containing the global address list is no longer available. You
can reconnect to a different server by restarting Outlook or retry the
operation when the server is reachable.
-------------------------------------------------------------------------------------------------------------------------
Anyone with any idea will be greatly appreciated!!
--------------------------------------------------------------------------------
Roy
- References:
- Exchange 2003 SP2 Cluster Hardening
- From: Roy T
- Exchange 2003 SP2 Cluster Hardening
- Prev by Date: Re: File server and Exchange migration
- Next by Date: RE: Auto Acccept Agen
- Previous by thread: RE: Exchange 2003 SP2 Cluster Hardening
- Next by thread: I need NDR to be generated in my local language instead of English...
- Index(es):
Relevant Pages
|
