Microsoft KB Archive/837365

= You cannot expand the public folders list in Exchange System Manager on a Windows Small Business Server 2003-based computer =

Article ID: 837365

Article Last Modified on 12/3/2007

-

APPLIES TO


 * Microsoft Windows Small Business Server 2003 Premium Edition
 * Microsoft Windows Small Business Server 2003 Standard Edition

-





SYMPTOMS
When you try to expand or to update the public folders list in Microsoft Exchange System Manager on a Microsoft Windows Small Business Server 2003-based computer, you may receive error messages that are similar to the following:

Could not locate the root folder. Ensure that your default virtual server is running and it is configured correctly. If you have used the IIS Lockdown or URL Scanning security tools on your server, go to http://support.microsoft.com for more information about running these tools.

ID no: c103b405

Exchange System Manager

URLscan rejects the request because of specific elements contained within the request itself. The elements that cause the request to be rejected are listed in the file urlscan.ini that is created when URLscan is installed. This file and the lists it contains must be edited to permit Exchange System Manager to properly access and display public folders.

ID no: 80040e19

Exchange System Manager

When this behavior occurs, the following items may be recorded in the UrlScan log file. The UrlScan log file is located in the C:\Windows\system32\inetserv\urlscan\logs folder.
 * Client at : URL contains extension '.', which is not specifically allowed. Request will be rejected.
 * Client at : Sent verb 'SEARCH', which is not specifically allowed. Request will be rejected.
 * Client at : URL contains extension '.com', which is disallowed. Request will be rejected.
 * Client at : URL contains a disallowed header 'translate:' Request will be rejected.



CAUSE
This behavior may occur if you have installed version 2.5 of the UrlScan security tool on your Windows Small Business Server 2003-based server. The UrlScan security tool rejects the request to expand or to update public folders based on certain items in the request that are not permitted to pass through.



RESOLUTION
To resolve this behavior, you must modify the Urlscan.ini file to permit these items to pass through. To do this, follow these steps:  Open the Urlscan.ini file in Notepad. The Urlscan.ini file is located in the C:\Windows\system32\inetsrv\urlscan folder. Locate the following line in the Urlscan.ini file:

AllowDotInPath=0 ; If 1, allow dots that are not file extensions.

Replace 0 with 1 as follows:

AllowDotInPath=1 ; If 1, allow dots that are not file extensions.

 Locate the following section:

'''[DenyVerbs]


 * The verbs (aka HTTP methods) listed here are used for publishing


 * content to an IIS server via WebDAV.


 * Note that these entries are effective if &quot;UseAllowVerbs=0&quot;


 * is set in the [Options] section above.

PROPFIND

PROPPATCH

MKCOL

DELETE

PUT

COPY

MOVE

LOCK

UNLOCK

OPTIONS

SEARCH'''

Delete SEARCH from this section. Locate the following section:

'''[AllowVerbs]




 * The verbs (aka HTTP methods) listed here are those commonly


 * processed by a typical IIS server.




 * Note that these entries are effective if &quot;UseAllowVerbs=1&quot; ; is set in the [Options] section above.



GET

HEAD

POST'''

In this section, type SEARCH on a separate line after POST. Locate the following section:

'''[AllowExtensions]




 * Extensions listed here are commonly used on a typical IIS server.




 * Note that these entries are effective if &quot;UseAllowExtensions=1&quot;


 * is set in the [Options] section above.



.htm

.html

.txt

.jpg

.jpeg

.gif'''

In this section, type .com on a separate line after .gif. Locate the following line:

UseAllowExtensions=0 ; If 1, use [AllowExtensions] section, else use ; the [DenyExtensions] section.

Replace 0 with 1 as follows:

UseAllowExtensions=1 ; If 1, use [AllowExtensions] section, else use ; the [DenyExtensions] section.

</li> Locate the following section:

[DenyHeaders]




 * The following request headers alter processing of a


 * request by causing the server to process the request


 * as if it were intended to be a WebDAV request, instead


 * of a request to retrieve a resource.



Translate:

If:

Lock-Token:

Transfer-Encoding:

In front of Translate:, type ; as follows:

;Translate:

</li> On the File menu, click Save, and then close Notepad.</li> Run the UrlScan security tool to load the new Urlscan.ini file. To do this, click Start, click Run, type %Systemroot%\system32\inetsrv\urlscan\urlscan.exe, and then click OK.</li> At a command prompt, type iisreset, and then press ENTER to reset the IIS services.</li></ol>

Keywords: kbnetwork kbprb kbwinservnetwork KB837365

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.