Currently, the network architect has all 65,000+ ports are wide open, between the FE server and the BE server, until he sees what is flowing after the install. Then he will lock it down to specific ports.
I told him that he needed to open the following ports in the firewall, based on an article on MSExchange.org (http://www.msexchange.org/tutorials/OWA_Exchange_Server_2003.html), by Markus Klein, titled "Implementing Outlook Web Access with Exchange Server 2003" * For Exchange Communication: o Port 80 for HTTP o Port 691 for Link State Algorithm routing protocol * For Active Directory communication: o Port 389 for LDAP (TCP and UDP) o Port 3268 for Global Catalog Server LDAP (TCP) o Port 88 for Kerberos Authentication (TCP and UDP) On 3/6/07, Tim Vander Kooi <[EMAIL PROTECTED]> wrote:
My guess is that you don't have all the necessary holes opened through your firewall to allow authentication to the internal domain/forest. The setup process thinks it can't authenticate due to the service not running since it isn't aware of the firewall in the way. Tim -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jim Blunt Sent: Tuesday, March 06, 2007 4:11 PM To: Exchange Discussions Subject: Re: Cannot Install OWA 2003 I was attempting to do the initial Exchange installation, after which I will go back and check the box to make it an FE. It's during the installation that it blows up. Nice catch Tim, but yes...the account is a Domain, Enterprise, Schema and Exchange admin. The complete and total error message was: The component "Microsoft Exchange Messaging and Collaboration Services" cannot be assigned the action "install" because: "You must have write access to the local registry and the Remote Registry Service must be started" On 3/6/07, Ed Crowley [MVP] <[EMAIL PROTECTED]> wrote: > Good question. You shouldn't have to install anything to make an Exchange > server a front-end server. All you need to is to select the checkbox in the > server's property page in Exchange System Manager. > > Ed Crowley MCSE+Internet MVP > Time Magazine's Person of the Year! > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Tim > Vander Kooi > Sent: Tuesday, March 06, 2007 12:53 PM > To: Exchange Discussions > Subject: RE: Cannot Install OWA 2003 > > You get the error when installing Exchange? Or when designating it as a FE > server? > Assuming it's during install, are you logged in with an account having the > necessary forest/domain permissions? > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Jim > Blunt > Sent: Tuesday, March 06, 2007 2:20 PM > To: Exchange Discussions > Subject: Cannot Install OWA 2003 > > Scenario: > o 1 Front-end in the DMZ > o 1 SMTP Bridgehead server > o 1 Mailbox server (~950 Mailbox-enabled users) > > Environment: > o Exchange 2003 Enterprise, SP2 (native) on Windows 2003 Enterprise, > SP1 in a Windows 2003 Native AD > o Outlook 2003, SP2 on client end > o SMTP Bridgehead server is running Symantec Mail Security for Microsoft > Exchange, version 5.0.4.363. It also runs the AV console for administering > the AV on the mailbox server, handles the encryption services in and out of > the domain, and is the OWA Admin server. > > Problem: > I'm trying to actually install the Exchange software on the FE and designate > it as such, but when I do that, I get the following error message from the > install application: > > "You must have write access to the local registry and the > Remote Registry Service must be started" > > I have looked at the permissions on the server and I have full permissions. > I have opened reged32 and given myself explicit Full Control to the HKLM > registry hive. I have rebooted the machine three times. The SMTP, NNTP, > IIS, WWW and Remote Registry services are all running. > > I have Googled and can't find anything. > > Anyone got any ideas? > > Jim Blunt > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange > To subscribe: http://e-newsletters.internet.com/discussionlists.html/ > To unsubscribe send a blank email to > [EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > To unsubscribe via postal mail, please contact us at: > Jupitermedia Corp. > Attn: Discussion List Management > 475 Park Avenue South > New York, NY 10016 > > Please include the email address which you have been contacted with. > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange > To subscribe: http://e-newsletters.internet.com/discussionlists.html/ > To unsubscribe send a blank email to > [EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > To unsubscribe via postal mail, please contact us at: > Jupitermedia Corp. > Attn: Discussion List Management > 475 Park Avenue South > New York, NY 10016 > > Please include the email address which you have been contacted with. > > > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange > To subscribe: http://e-newsletters.internet.com/discussionlists.html/ > To unsubscribe send a blank email to [EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > To unsubscribe via postal mail, please contact us at: > Jupitermedia Corp. > Attn: Discussion List Management > 475 Park Avenue South > New York, NY 10016 > > Please include the email address which you have been contacted with. > > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with. _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with.
_________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with.
