Watch that CA name

On February 1, 2009, in sbs 2008 migration, by

When you do a SBS 2003 to SBS 2008 migration, one of the gotchas that can nail you in the rear is a gotcha that if you misread the answer file, and put something in there that you shouldn’t ends up causing you to have to use a Remote Web Workplace URL other than the expected remote.domain.com

SeanDaniel.com – Small Business Server and Other Technology: Gotcha’s Using the SBS 2008 Answer File:
http://sbs.seandaniel.com/2008/08/gotcha-using-sbs-2008-answer-file.html

When you use the answerfile in the SBS migration, make sure that you leave the box for the Certificate Authority name totally BLANK.  Do not put in remote.domain.com.  If you do when you run the Set up your Internet Address wizard it will fail.  Consistently on remote.domain.com.  When you look at the log files in the DPCW.log file it may not be obvious what the problem is.  It’s only obvious when you compare it to a clean box that works:

This is what you see in a log file that uses remote.domain.com as the Certificate Authority name in the answer file (remember this is the WRONG thing to do)

[3256] 090123.145451.1200: CoreNet: Getting root cert
[3256] 090123.145451.1512: CoreNet: CA ConfigString: SBS2008.domain.local\remote.domain.com
[3256] 090123.145451.1668: CoreNet: CA ConfigString: SBS2008.domain.local\remote.domain.com

This is what it looks like on one that works:

[6968] 090131.220320.5839: CoreNet: Getting root cert
[6968] 090131.220320.6464: CoreNet: CA ConfigString: SERVER.smallbizco.local\smallbizco-SERVER-CA
[6968] 090131.220320.6777: CoreNet: CA ConfigString: SERVER.smallbizco.local\smallbizco-SERVER-CA

See the difference?  That CA is server.domain.local\CA proper name.  It cannot be remote.domain.com otherwise the Domain name wizard will not work.

One solution to the problem is to go into the Advanced settings and use some other URL:

Once in there then remove “remote” and use something else instead to prepend the web site URL for Remote Web Workplace access.  Because the CA is remote.domain.com as set by the answer file, you can’t now use remote.domain.com as your Domain name. 

Icky lesson to learn but next time, leave the CA box blank.

Thank you Peter for sharing your experience (and log files) on this!

 

Comments are closed.