Microsoft KB Archive/821745

= XCCC: Outlook Web Access Is No Longer Available After You Use Microsoft Baseline Security Analyzer =

PSS ID Number: 821745

Article Last Modified on 6/25/2003

-

The information in this article applies to:


 * Microsoft Exchange 2000 Server
 * Microsoft Internet Information Services 5.0

-





Important This article contains information about editing the metabase. Before you edit the metabase, verify that you have a backup copy that you can restore if a problem occurs. For information about how to do this, see the &quot;Configuration Backup/Restore&quot; Help topic in Microsoft Management Console (MMC).



SYMPTOMS
When you run the Microsoft Baseline Security Analyzer (MBSA) tool on an Exchange 2000 Server computer, the report returned by MBSA identifies that parent paths are a vulnerability on your server. After you follow the instructions that are provided to clear the Enable parent paths check box in Internet Services Manager (ISM), users cannot log on to Outlook Web Access (OWA). OWA users may receive an error message similar to the following:

HTTP 404 File Not Found

OWA users who do not receive an error message may receive a directory listing of the contents of drive M on the Exchange 2000 computer.



CAUSE
This issue occurs when you clear the Enable parents paths check box in ISM, and then you select the following folders in the Inheritance Overrides dialog box:
 * Exchange
 * Public
 * Exadmin

When you select these folders, they are configured to inherit the application mappings that are used by the Default Web Site and the application mappings for the Exprox.dll or the Davex.dll files are removed. When these application mappings are overwritten, the behavior described in the Symptoms section occurs.



RESOLUTION
To resolve this issue, stop System Attendant, and then restart it. If stopping and restarting System Attendant does not resolve the issue, use MetaEdit to delete the  subkey from the metabase, and then restart System Attendant. This re-creates the  key. When the  subkey is re-created, the correct mappings for the Exchange virtual directories are also re-created.

Note This process overwrites the configuration settings of the Exchange virtual directories in the ISM with the configuration settings from the Microsoft Active Directory directory service.

Edit the Metabase
Warning If you edit the metabase incorrectly, you can cause serious problems that may require you to reinstall any product that uses the metabase. Microsoft cannot guarantee that problems that result if you incorrectly edit the metabase can be solved. Edit the metabase at your own risk.

Note Always back up the metabase before you edit it. To edit the metabase, follow these steps:  Click Start, point to Programs, point to Administrative Tools, and then click Services. Right-click Microsoft Exchange System Attendant, and then click Stop. Click Yes to stop the other services. Click Start, point to Programs, point to Administrative Tools, and then click MetaEdit 2.2. For additional information about how to install MetaEdit, click the following article number to view the article in the Microsoft Knowledge Base:

301386 HOW TO: Install MetaEdit 2.2 on Windows NT 4.0 or Windows 2000

 Locate the following subkey in the metabase:  On the File menu, click Export text file, and then click Yes.</li> Type a name for the file, click Save, and then click Yes in the confirmation dialog box.</li> Click OK.</li> Right-click the LM\DS2MB subkey, click Delete, and then click Yes to confirm the deletion.</li> Quit MetaEdit.</li></ol>

Restart Administrative Services

 * 1) Click Start, point to Programs, point to Administrative Tools, and then click Services.
 * 2) Right-click IIS Admin Service, and then click Restart.
 * 3) Click Yes.
 * 4) Right-click Microsoft Exchange System Attendant, and then click Start.
 * 5) Right-click Microsoft Exchange MTA Stacks, and then click Start.
 * 6) Right-click Microsoft Exchange Information Store, and then click Start.

If manually deleting the  subkey from the metabase does not resolve this issue, manually delete the /Exchange, the /Public, and the /Exadmin virtual directories in ISM. For additional information about how to delete the Exchange virtual directories, click the following article number to view the article in the Microsoft Knowledge Base:

289869 XCCC: FTP Type Directory Is Displayed When You Log On to OWA

<div class="moreinformation_section">

MORE INFORMATION
Microsoft Baseline Security Analyzer (MBSA) analyzes Windows-based systems for common security misconfigurations. MBSA version 1.0 includes a graphical and a command line interface that performs local or remote scans of Windows-based systems. For additional information about MBSA, click the following article number to view the article in the Microsoft Knowledge Base:

320454 Microsoft Baseline Security Analyzer (MBSA) Version 1.1.1 Is Available

For more information about MBSA, visit the following Microsoft Web site:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/Tools/mbsaqa.asp

Additional query words: Internet service manager

Keywords: kberrmsg kbprb KB821745

Technology: kbExchange2000Search kbExchange2000Serv kbExchange2000ServSearch kbExchangeSearch kbiis500 kbiisSearch

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© 2004 Microsoft Corporation. All rights reserved.