# Microsoft SBS 2003 web server to host website?



## knudmt (Jun 17, 2010)

Hello everyone,

I am a newbie, just finishing my B.S. this semester. I am attempting to configure Microsoft SBS 2003 to be a web server to host a company website. I realize that this is not exactly the best O.S. to use for this but its what we have.

So the Server is connected to the sonicWall firewall on a LAN port and the Firewall is connected to the Cable modem. I have attempted to follow the instructions on the microsoft forums for hosting a website on SBS 2003. When I run the configuration wizard I recieve an error with the firewall. It simply says that an error occured while attempting to configure the firewall.

I used my DNS primary and DNS seconday that I recieved from the ISP. however it asks for the local router IP. I used the firewall IP and it gets me on the internet. if I use the cable modem ip it kicks me off the net.

I disabled DHCP on the server since the firewall is doing this for me. No need for it right?

Can anyone tell me what I am doing wrong? I appreciate any help


----------



## 2xg (Aug 5, 2009)

Hello,

Try these simple steps for now:
Connect a computer directly to the Modem and do an ipconfig /all, post the results here.
After that, connect the same computer to your router this time and do an ipconfig /all, post the results her as well.


----------



## knudmt (Jun 17, 2010)

will do! I will post the results on wed. Thanks for the quick reply!!!


----------



## knudmt (Jun 17, 2010)

Ok I have gathered the information that you asked for:

Server plugged into the LAN port on Firewall
Windows IP Configuration

Host Name...............: server
Primary DNS Suffix....: Litmark.local
IP Routing Enabled....: yes
WINS proxy enabled..: yes
DNS suffix Search list: Litmark.local

Ethernet adapter network connection 2:

connection-specific DNS suffix . . :
Description................................: Intel (R) Pro/1000 PT dual port server Adapter #2
Physical addy.............................: 00-15-17-d6-ab-f0
DHCP enabled............................: no
IP addy.....................................: 192.168.10.10
Subnet Mask.............................: 255.255.255.0
Default Gateway........................: 192.168.10.1
DNS servers..............................: 192.168.10.10
Primary WINS Server..................: 192.168.10.15

Ethernet Adapter network connection:

connection-specific dns suffix: 
description: broadcom netxtreme gigabit ethernet
physical addy: 00-21-5e-46-b7-08
DHCP enabled: yes
Autoconfiguration enabled: yes
autoconfig ip address: 169.254.71.218
subnet mask: 255.255.0.0
default gateway: 

Plugged into IP Gateway

Host name: server
primary dns suffix: Litmark.local
Node type: unknown
Ip routing enabled: yes
wins proxy enabled: yes
dns suffix search list: litmark.local

Ethernet adapter network connection 2:
connection-specific dns suffix: Intel(R) Pro/1000 pt dual port server adapter#2
physical addy: 00-15-17-d6-ab-f0
dhcp enabled: no
ip addy: 192.168.10.10
subnet mask: 255.255.255.0
default gateway: 192.168.10.1
dns servers: 192.168.10.10
primary wins server: 192.168.10.15

Ethernet adapter network connection:

Description: broadcom netxtreme gigabit ethernet
physical addy: 00-21-5e-46-b7-08
dhcp enabled: yes
autoconfig enabled: yes
autoconfig ip addy: 169.254.71.218
default gateway:

Plugged into cable modem ethernet port

Host name: server
primary dns suffix: litmark.local
node type: unknown
ip routing enabled: yes
wins proxy enabled: yes
dns suffix search list: litmark.local

Ethernet adapter network connection 2:
connection-specific dns suffix:
description: intel(R) pro/1000 pt dual port server adapter #2
physical addy: 00-15-17-d6-ab-f0
dhcp enabled: no
ip address: 192.168.10.10
subnet mask: 255.255.255.0
default gateway: 192.168.10.1
dns servers: 192.168.10.10
primary wins server: 192.168.10.15

Ethernet adapter network connection:
connection-specific dns suffix:
description: broadcom netxtreme gigabit ethernet
physical address: 00-21-5e-46-b7-08
dhcp enabled: yes
autoconfig enabled: yes
autoconfig ip addy: 169.254.71.218
subnet mask: 255.255.0.0
default gateway:


Thank you for taking the time to assist with this issue.

-matt


----------



## knudmt (Jun 17, 2010)

by the way we have a comcast IP Gateway that is connected to the firewall. maybe its a port forwarding thing on the IP Gateway.. Might make sense that the server cant be seen on the internet.


----------



## 2xg (Aug 5, 2009)

You have Manual IP assigned so it doesn't matter I guess, can't see any IP changes.
Bypass the Sonicwall firewall for now since your IP Gateway is almost the same as the Sonicwall and try to configure your web server this way for now. . Make sure that you have it connected this way: Cable Modem=> Router=> IP Gateway=> Switch=> SBS Server/Computers


----------



## knudmt (Jun 17, 2010)

Well the IP gateway is the modem/router combined from comcast. Not how I would have done it. I can plug into the IP Gateway directly. I'm going in after hours today to evaluate whether the ports are open on the server, configure the internal windows firewall, and do some port forwarding. Thank you for your help. I will let you know how things go. I recieve a firewall config error when running the wizard which tells me the internal firewall might be the issue.


----------



## 2xg (Aug 5, 2009)

I would definitely bypass the Sonicwall Firewall for now and please update us.


> Well the IP gateway is the modem/router combined from comcast.


----------



## knudmt (Jun 17, 2010)

You got it! Thanks again for assisting me with this. I appreciate you taking the time to help. I value your time.

--matt--


----------



## knudmt (Jun 17, 2010)

okay so stupid me. I need to pull the log file for the CEICW so I can get a specific error. so, tm I will scan the ports to check which are open/closed, get the log file for the CEICW, and then we can go from there. I will also bypass the firewall so that I only have to port forward from the router. I will let you know tm!!! Should be exciting. stay posted!

thanks again for all the help thusfar!

matt


----------



## djaburg (May 15, 2008)

Make sure you're using business class server from your internet provider or you might be chasing your tail. Most residential providers block most of the common incoming and outgoing ports associated with hosting your own web and email server. Also make sure you have your ports forwarded correctly through the firewall to reach the SBS hosting the website you're trying to make available. The message you're getting relates to SBS trying to change the router, whereas the sonicwall doesn't typically allow for automated management. Which sonicwall router are you using? I've got many of the TZ180's in service and many of them are hosting their own sites and email. I also run a TZ180W at my home...a bit of overkill, but it is more than capable and efficient for my needs.


----------



## knudmt (Jun 17, 2010)

djaburg thanks for the reply! I think there were multiple issues. Right now the server is plugged into the sonicWall pro 1260. I will plug straight into the IP Gateway soon. 

My error log shows:

Error 0x8007041d returned from call to IISConfig Set()
Error 0x8007041d returned from call to CRFireCommit::Commit()
Error 0x1 returned from call to registermsboexchangeBP()

I have not set up the port forwarding yet. but will do shortly.

Again thanks djaburg. I appreciate you taking the time to assist me.


----------



## knudmt (Jun 17, 2010)

Okay guys I have done everything under the sun to this machine and it still throws the same three errors.

1. I have turned off the firewall
2. I have reinstalled exchange server
3. I have replaced the secatts.dll file and registered the service successfully.

The server is plugged right into the modem. cant get on the internet going straight through the ip gateway ( modem / router combo ).

Is this an issue with the certificate? Maybe I need to forward the ports on the ip gateway first? Should I just reinstall SBS 2003?

I really need some help here guys...

errors :
Error 0x80070425 returned from call to IISConfig Set() <-- you will notice that the error numbers have changed.
Error 0x80070425 returned from call to CRFireCommit::Commit()
Error 0x1 returned from call to registermsboexchangeBP()

Let me know if there is anymore information that I can post for you.


----------



## knudmt (Jun 17, 2010)

Okay so I restarted the server today. Upon load it threw an error telling me on or more of the drivers were unable to load. then all my previous settings were gone! couldnt get into the firewall again, error list in icwlog.txt grew exponentialy and couldnt get on the internet. So, I am currently doing a fresh install of the O.S. on the server. Hopefully this will get rid of the problem. I will keep you updated.


----------



## knudmt (Jun 17, 2010)

UPDATE

I have got much of a response so I ended up reformat / reinstall of SBS 03 R2 sp1. Worked great. first time I ran the wizard it went through flawlessly. Had to be the way the server was originally configured. I think it was setup by someone with very little knowledge of Operating Systems. Not that my knowledge is great by any means. but I understand the basic principles of networks and operating systems.

Now I am working on the port forwarding and access to the site from outside of the local network. I have been digging up a lot of information on it. 

the companyweb site prompts for logon & pass. apparently I dont know the proper logon/pass combo. however I found some documentation that points to a security update from microsoft.


----------



## djaburg (May 15, 2008)

If the previous person did things like renaming the serve after the initial install funny things can happen. I'm glad that the reinstall seemed to get things going on the right track. Keep us updated.


----------



## knudmt (Jun 17, 2010)

well here is my latest issue.

when I put the IP addy of the server in IE it brings up the welcome to windows small business server screen. 

then when I try to navigate to the http://companyweb page I was prompted for uname and password. so installed the update and that took care of that.

however it says that the page can not be displayed. 

When I put in https://litmark.local:444/ I get a pretty little error page that says I do not have permission to access this page. ( keep in mind I am logged in as admin with full access on the server! )

looked around for some fixes went through all of them and nada. still cant get in.

here is a little info on how it is set up. 

1. Server is NOT running DHCP
2. Server is attached to the IP Gateway which is running DHCP
3. Server does not control any other computers. literally a web server only.
4. Wizard clears with no issues
5. checked all the user permissions
6. installed all the updates.
7. restarted IIS
8. checked anyonomous login and checked windows authentication
9. I have NOT done anything with the loopback & have not done anything with port forwarding.
10. Running .NET 2.0 
11. running sharepoint sp2
12. SBS 2k3 R2
13. running exchange sp2

I am very close to calling microsoft support. which will cost me a small mountain of cash.
so djaburg have any ideas? tell me what log files you need and I shall provide on monday. have a great weekend.


----------



## 2xg (Aug 5, 2009)

FYI...In order for an SBS Server to function properly, you need to have AD, DHCP, DNS, and all the important Apps/Roles running. In your network, you have DHCP enabled in your router. I would disable that and let your SBS Server do the works and your network should work correctly.


----------



## knudmt (Jun 17, 2010)

I did not know that! forgive my ignorance but what is AD? I believe the app/roles is running. All the pc's are plugged into the lan port on my firewall. however my router is listed as the default gateway. this happened after I came back from over the weekend. all of the sudden all my computers had a 10.1.10.xxx IP when it used to be 192.168.168.xxx. which leads me to believe that my firewall is not doing anything. Now I cant even access the admin page for the firewall.


----------



## 2xg (Aug 5, 2009)

How did you install and configure your SBS 2003? Please see this guide.
Also, this is how you may install/configure AD or Active Directory.

EDIT: To fix this=>


> all of the sudden all my computers had a 10.1.10.xxx IP when it used to be 192.168.168.xxx.


Plug one of the computers directly to the router, assign your computer a Static IP for now with a Subnet Mask of 192.168.168.xxx so that you may be able to logon to your router's config page. Looks like the 10.X.X.X Subnet is coming from your Server's DHCP. Again, you shd disable DHCP from your router and enable DHCP from your Server, of course DHCP and DNS shd be installed and configured correctly first then see the 2 links above that I've provided you.


----------



## knudmt (Jun 17, 2010)

That is pretty much what I did. I let SBS do all the work. Just disabled DHCP because the router is doing this. But that will change as of next week. I will look into the active directory. I am astounded that all this has to be done to host a website, but not surprised due to my lack of knowledge of server technology.


----------



## 2xg (Aug 5, 2009)

Welcome to SBS...you can't just install 1 thing, AD/DHCP/DNS are impt Apps, they're like one big family that need to be integrated. Once they are setup correctly things should look good and you might like it. 


knudmt said:


> That is pretty much what I did. I let SBS do all the work. Just disabled DHCP because the router is doing this. But that will change as of next week. I will look into the active directory. I am astounded that all this has to be done to host a website, but not surprised due to my lack of knowledge of server technology.


Please check this out before you decide to tinker around your SBS and it can get really complicated, these links looks simpler than what you're trying to accomplish, but not unless you really want to use the Server to Host a Website:
How to Host a Website

http://www.technospot.net/blogs/host-a-web-server-on-your-home-pc/


----------



## knudmt (Jun 17, 2010)

Thank you so much! I really appreciate you taking the time to help educate a newbie. I didnt know that these apps work together as a family. I have a great deal to learn about this technology. I will read the suggested articles and keep you up to date with my progress.

Again thank you.



2xgrump said:


> Welcome to SBS...you can't just install 1 thing, AD/DHCP/DNS are impt Apps, they're like one big family that need to be integrated. Once they are setup correctly things should look good and you might like it.
> 
> 
> Please check this out before you decide to tinker around your SBS and it can get really complicated, these links looks simpler than what you're trying to accomplish, but not unless you really want to use the Server to Host a Website:
> ...


----------



## djaburg (May 15, 2008)

Also you need to make some decisions regarding your address scheme. Either your network need to conform to your router, or your router need to conform to your network. As has been said here already, SBS likes (and really should) do everything, this way all computers are talking and functioning. Also MAKE SURE you do any changes by using the SBS wizards and NOT manually making changes since so many thing are linked together and the wizards do make sure that everything plays nice.


----------



## knudmt (Jun 17, 2010)

You are absolutely correct. So lets say SBS does everything. I will plug the server right into the modem/router and the router into the firewall, then the rest of the pc's into the firewall. Would that topology be correct?

This way SBS would be the DHCP, DNS, and AD. I have to read up on these items before I play with that server again. 

Again forgive my ignorance. Your willingness to assist me means a great deal to me.

Thank you for the replies. I will refrain from manual changes from now on.


----------



## 2xg (Aug 5, 2009)

Correct setup should be Modem/Router combo or Modem»Router»Firewall Device»Switch»SBS/Computers


----------



## knudmt (Jun 17, 2010)

Okay sounds good. I think my firewall is also a switch if not I will purchase one on monday. otherwise my topology is gtg. Thanks for all the help. I know it can be frustrating dealing with a newbie. I appreciate the time you have spent


----------



## djaburg (May 15, 2008)

Fortunately we've all been newbies...


----------



## knudmt (Jun 17, 2010)

here is an update.

I did some port forwarding today and all of a sudden I have access to the https://10.1.10.44/remote & https://10.1.10.44/exchange & now I have access to the sharepoint central administration page! They have certificate errors though. not sure how to deal with that.

however the http://litmark.local:444 is still showing up as: internet explorer cannot display the webpage. 

when i use this addy: http://companyweb/default.aspx I get the pretty little error page saying that access is denied.

so, know that I can atleast access sharepoint central admin, email is verfied to work through exchange, what would be the next step?


----------



## 2xg (Aug 5, 2009)

Try adding these Google Public DNS as your DNS resolvers in your Sonicwall Device as your secondary DNS.


----------



## knudmt (Jun 17, 2010)

Oh how I would love to do that! but I cant bring up my sonicwall firewall admin screen! Which means a reset, which means after hours shutdown and reboot. So as soon as I get approval for the after hours stuff I will work on again. I have a feeling that my firewall is creating part of the problem. Plus I was tinkering around in SBS after a fresh install, which may have done me in.


----------



## 2xg (Aug 5, 2009)

gheeze...you have another issue there ha!
That's probably an issue there, your sonicwall firewall settings. Have you backed up a previous setting of your sonicwall? The file extension of the backup is *.exp*

*EDIT:* Before you try the above recommendation, since you're using an IP Gateway, why don't you bypass the Sonicwall Device, bec. it can be complicated if you start tinkering Sonicwall's setting. Also, why don't you add those Google DNS's from the Modem/Router. I wonder if your Sonicwall device has DHCP enabled as well. I would definitely set Sonicwall device aside for now.


knudmt said:


> Oh how I would love to do that! but I cant bring up my sonicwall firewall admin screen! Which means a reset, which means after hours shutdown and reboot. So as soon as I get approval for the after hours stuff I will work on again. I have a feeling that my firewall is creating part of the problem. Plus I was tinkering around in SBS after a fresh install, which may have done me in.


----------



## knudmt (Jun 17, 2010)

Yeah I know this place is a mess! We pay for sonicwall support so I will spend some time with them and see if we cant get in. This isnt the first time this has happened. I really think the firewall is a big problem right now. I will try to plug into the modem tm and see if I cant make more progress.

I do have a backup of previous settings for the firewall.


----------



## 2xg (Aug 5, 2009)

There you go, I do call them whenever I need to, they'll be able to help you resolved your issue.


----------



## knudmt (Jun 17, 2010)

I have not started with the firewall yet. I plugged the server into the modem/router and now have some interesting error messages in the icwlog.txt file. I have the same access to sites.

What I CAN acces:

https://server_ip/remote
https://server_ip/exchange
Sharepoint central administration

Error messages in icwlog.txt
Error 0x4a020 returned from call to clearing dns server entries on the lan nic()
Error 0x4a020 returned from call to setting dns server ip for the lan nic()
error 0x1 returned from call to registermsboexchangebp()
error 0x1 returned from call to cattachcommiter::shouldenablesink()
error 0x1 returned from call to cattachcommiter::commit()

What do you think guys?


----------



## knudmt (Jun 17, 2010)

GOOD NEWS!

I fixed the large issues with this thing. just to help others out this is what I did.
KEEP IN MIND THIS SERVER HAS NO DATA IN IT! NOT RECOMMENDED FOR A SERVER THAT HOUSES A DB OR OTHER IMPORTANT DATA.

1. Fresh Install
2. Install the R2 technologies: SBS R2, sharepoint 2.0, exchange server sp2
3. connect to the internet using the wizard
4. Install microsoft hotfix: kb961143
5. execute the hotfix.
6. should allow all access on the local network.

Gave me access to the Sharepoint Central Admin, companyweb, remote, exchange, everything.

Now I configured the Connection to enable this site to be viewed from the internet. I can not access it from outside the local network. I have forwarded the ports and bypassed the firewall for the moment. Any suggestions?


----------

