Error 0x8004010F on Laptops in an SBS 2008 Domain

There’s lots of chatter about error 0x8004010F in Outlook’s Sync Issues folder, and some very complex descriptions of why it occurs and how to resolve the problem. 

 

Our own environment, as well as many of our customers looks like this:

 

·         Small Business Server 2008

·         Single Domain SSL Certificate ($19.95 RapidSSL from Enom)

·         Client Laptops running Vista Business SP1 and Outlook 2007 SP1

·         A record configured in the Internet DNS Zone file for remote.domain.com pointing to the IP address of the SBS

·         SRV record configured in the Internet DNS Zone file for _autodiscover._tcp pointing to remote.domain.com

 

Even though Outlook 2007 was updated to use SRV records for mailbox synchronization via Outlook Anywhere (thus, allowing you to use a $19.95 SSL certificate instead of the more expensive, multi-domain ones) it was still having a problem using the SRV record for the Offline Address Book (OAB) because that was still looking for autodiscover.domain.com in order to sync.

 

If we followed the recommended solution and put a HOST A record for autodiscover.domain.com in the Internet DNS Zone File then we would have gotten a certificate mis-match error from the OAB sync since our SSL certificate was for remote.domain.com.  It seemed as though we were in a catch-22.

 

The situation was further complicated because for many of our clients, their home Internet connection was blazingly fast.  We decided to adjust the Outlook Anywhere settings to use HTTP on fast connections in addition to the default setting of using HTTP on slow connections instead of modifying the threshold (which wouldn’t have provided a consistent user experience).

 

This created a slew of 0x8004010F OAB sync errors every day.

 

The solution was fairly simple.  I just added a line in the laptop’s HOST file as follows:

 

123.456.789.0               autodiscover.domain.com

 

(using the SBS’s external IP)

 

The OAB sync errors stopped!  Problem solved!

The Change IP Address Tool

Changing the IP address on your SBS is much more than just changing the IP address of the Local Area Network Interface. There are at least EIGHT areas that must be modified and some of those require multiple changes. Luckily, SBS has the Change IP Address Tool! Many enterprise network administrators wish they had this on their servers. Here’s what it does (as quoted from Microsoft’s SBS Training Guide):

Configuration Actions

Once the user specifies a new IP address by running the Change IP Address Wizard and clicking "OK," the wizard will perform a series of actions to configure the server and appropriate services to use the new IP address.

Note: The tool will need to be able to detect whether the ISA, DHCP, and WINS services are enabled; if any of them are not, then the Wizard will not perform the configuration actions for those services.

Network Card

The tool will modify the IP address of the local network card to the new IP address and set the subnet mask appropriately. The Default Gateway of the internal network card will not be changed, so if there was a Default Gateway defined, it will still be defined after running the tool. If the Default Gateway is blank, (as it should be in most cases), then it will stay blank. In addition, the DNS and WINS server entries for the server will be changed to point back to the server itself. Therefore, on the external network adapter, the DNS settings will be configured to point to the internal network adapter.

DHCP Service

If the new IP address is in the same scope of the old IP address, the tool will simply add a new exclusion to the DHCP scope for the new server IP address. It will also set the following DHCP Scope Options. The tool will check the 003 Router option of the DHCP service, and if the router option is not set to the SBS server itself, it will not modify this option. Otherwise, it will reset the 003 Router option to match the new IP address of the SBS server.

If the new IP address is in a different scope from the old IP address, the tool will create a new scope based off of the new IP address, and follow the same configuration tasks that Server Setup performs.

DNS Service

The tool will update the DNS listeners by adding the new IP address to the list of IP addresses to listen to. It will also delete the reverse lookup zone if the zone no longer matches the new IP address, and create a new reverse lookup zone.

ISA/RRAS

If ISA is installed, the tool will need to construct a new LAT based upon the new IP address, and the outgoing Web requests configuration of ISA to remove the old IP address and add a listener for the new IP address.

If the server has been configured for a dial-up connection, the tool will modify the client address set created by ICW to change the IP address to the new private IP address of the SBS server.

If ISA is not installed, then the tool will check to see if RRAS is being used for firewall. If it is, the tool will update the IP address for inbound filters on the external network card.

Exchange

If Exchange is installed, and relay restrictions are defined for the SMTP service, the tool will delete the current relay restrictions, and add in a new set using the new IP address and subnet mask defined.

WINS

After making all changes, restart the WINS service to make sure changes are picked up.

Client Setup

The tool will update the server.txt file that is in the directory %system root%\Inetpub\ConnectComputer. It will need to modify the value for the server IP address to the new IP address of the server.

IIS

The tool will check the IIS permissions on the Default Web Site and its directories. For any directories that have had specific IP permissions set, the tool will modify those permissions to match the new local IP range.

If ISA is running on the server, the tool will run SBSIISConfig to configure IIS appropriately.

Logging

When the Change IP Address Tool is run, the tool will maintain a log of actions that it performs. This log file is kept in the directory %sbsprogramdir%\support. The file will be called changeiplog.txt. If the file does not already exist then the tool will create it. If the file does already exist, the tool will not overwrite the file but will instead append the new content to the end of the current file.

At the start of each run, the tool will log:

• Date/time of this run.

• Username of the user running the tool.

• Old IP address and subnet mask.

• New IP address and subnet mask.

• For each action performed by the tool, a success or failure message.

• If a failure occurs, log the error information provided by the service being configured.

• Any additional debugging information required.

Default Web Sites installed by SBS

On Experts-Exchange.com, I often have to describe the set of FOUR default web sites that are initially installed by SBS.  Because the formatting on EE’s posting tool does not provide for pre-formatted text, the list always comes out rather jumbled.  So, in the interest of clarity, I will post the information here:

Description

Identifier

State

Host header value

IP address

Port

SSL Port

Default Web Site

1

Running

  

*All Unassigned*

80

443

Microsoft SharePoint Administration

2

Running

  

*All Unassigned*

8109

  

SharePoint Central Administration

3

Running

  

*All Unassigned*

8081

  

companyweb

4

Running

companyweb

192.168.16.2

80

444

 

Please note. There are two items above which may be different on your SBS:

  1. Microsoft SharePoint Administration Port – 8109 is a random port assigned during installation. Yours may be different.
  2. Companyweb IP address. This should be the INTERNAL IP address of your SBS. Yours may be different.

SBS 2003 Virtual Lab

You don’t have the time or resources to set up your or your customer’s new Small Business Server in a lab environment?  Then check out these terrific virtual lab demonstration!  The lab is split into two 90-minute parts so that you can digest the information more easily:

Microsoft Small Business Server 2003 Technical Overview Part 1 Virtual Lab

This lab is designed to show the major features in Windows Small Business Server 2003 in a fresh out-of-the-box installation. The majority of time is spent on features that exist in both Standard and Premium Editions, we will also include a demonstra…

[StartDate: 10/24/2005 12:00 AM; EndDate: 12/31/2007 11:59 PM; Duration: 90 min; PrimaryLanguage: English; TargetAudience: IT Professional; StarRating: 0; ]

 

Microsoft Small Business Server 2003 Technical Overview Part 2 Virtual Lab

This lab is designed to show major features in Windows Small Business Server 2003 in a fresh out-of-the-box installation. The majority of time is spent on features that exist in both Standard and Premium Editions, we will also include a demonstration…

[StartDate: 12/29/2006 12:00 AM; EndDate: 12/31/2007 11:59 PM; Duration: 90 min; PrimaryLanguage: English; TargetAudience: IT Professional; StarRating: 0; ]