Archive for March, 2008
Ran across an unusual one this week that’s worth sharing. A site had two users who could not log in to Outlook Web Access hosted on SBS 2003. All other users could log in to OWA without issue, but these two could not. The employees do shift work and sign on to a shared workstation and only access e-mail via OWA, no Outlook client was installed on the workstation. The error encountered when trying to log in was “username or password is incorrect.” The password for the accounts were changed, and the accounts were checked to make sure they were not locked out. Attempts to access OWA from any workstation failed, internally and externally.
We checked the status of the mailbox in Exchange System Manager to make sure the mailbox had not been disconnected on either account, and the mailboxes were connecting fine. We tried to access the mailbox by creating an Outlook profile on another workstation and could access the contents of the mailbox, so we knew the mailbox was not corrupt. We tried to access the user mailbox through the Administrator’s OWA logon (after granting the Administrator account full access to the user mailbox) and as soon as we attempted to open the path to the user’s mailbox, we got a login prompt instead of access to the mailbox.
We tried to access the mailbox via Outlook Mobile Access, and got an “access denied” error after three login attempts. That prompted us to go look in the Security Log on the server, and that’s where we found the clue – we got a login failure for the user on the server. We found out that the local administrator had tried to restrict the user’s ability to log in to only one workstation in their AD account properties. In the Account tab, in the Log On To button, the only machine listed was the workstation. We added the server to the list of machines the user could log into, and we were able to access the account through OWA from all workstations.
Trying to restrict the user’s ability to log in to a single workstation is a good idea. But the actual authentication for OWA/OMA actually takes place on the server, which is where the service runs to grant access to the user. If you choose to use the Log On To feature of Active Directory to limit where the user can log in, be sure to add the server as one of those machines so network services can be accessed by the user account.
Microsoft released KB948496 which is an update that disables ALL of the Scalable Networking components that were added into Windows Server 2003 SP2 last year. The previous update only disabled two of the four components, and in practice, systems have continued to have problems when any of the Scalable Networking components were enabled.
This update could come down with Automatic Updates this month, but may not get automatically installed. If you are running SBS 2003 with Windows Server 2003 SP2, you need to install this update.
Microsoft has started the marketing push for SBS 2008 as part of the Windows Essential Server Solutions family of products, that currently includes Small Business Server 2008 and Essential Business Server 2008. Unfortunately, the marketing is prominently featuring an element that has been causing some confusion in the SBS space. Right on the main WESS page, the blurb for SBS 2008 states that SBS 2008 is: “An affordable server solution designed for businesses with 50 employees or fewer.” Many people are thinking that this means SBS 2008 will revert back to a 50 user/device maximum licensing combination, which is less than the 75 user/device max in SBS 2003.
Fear not, the maximum # of users/devices that will be licensed with SBS 2008 is still 75. Yes, Microsoft has targetted SBS 2008 for the 1-50 user market and EBS 2008 for the 50-250 user market, but the technical limitations on the maximum number of users/devices has not changed. You can find the 75 figure listed at http://www.microsoft.com/windowsserver/essential/products.mspx and http://www.microsoft.com/windowsserver/essential/choose-solution.mspx.
The serious IT Professional knows that the number of licenses is not the only factor in determining which product will be the best solution for a particular company. Some 50-75 user companies will do just fine on SBS 2008. I know of a couple of 20 user companies (and smaller) that EBS 2008 would be an excellent match for. It all boils down to need and resource availability. Will you be able to run a 75-user company on an SBS 208 box that was designed for 15-20 users? Yes, but it may not perform as well as expected. Would the three-server implementation of EBS 2008 be complete overkill for some 60 user businesses? Absolutely.
With EBS in the product options now, there are more considerations to make when planning an SBS/EBS implementation for a business. The maximum number of user/device licenses is simply one consideration. There will be many, many others.