Isa Error 0x8007003a
(Русский)ישראל (עברית)المملكة العربية السعودية (العربية)ไทย (ไทย)대한민국 (한국어)中华人民共和国 (中文)台灣 (中文)日本 (日本語) HomeProductsLibraryLearnDownloadsSupportForums Ask a question Quick access Forums home Browse forums users FAQ Search related threads Remove From My Forums Answered by: cannot join server to array error 0x8007003a Forefront > Read Only - Forefront Edge Security - Installation, Upgrade, and Setup Question 0 Sign in to vote I have two servers with TMG 2010 installed as workgroup scenario. I have followed the steps in http://technet.microsoft.com/en-us/library/dd440981.aspx#newmanager. Server 1 is the desigated array manager and server 2 will join teh array. When trying to join server 2 to teh array, i get the error 0x8007003a The specified server cannot perform the requested operation. I can from server 2 establish a SSL LDAP Session on port 2172 which according to this article means I should be able to join server 2 to the array http://technet.microsoft.com/en-us/library/ee658149.aspx. Anyone have any clue as to what may be the problem? Tuesday, May 25, 2010 8:10 AM Answers 0 Sign in to vote Apologies for the late post but I do have an answer! Turns out TMG uses certificates with SANs' differently. When a certificate with a SAN is used, TMG ignores the CN and uses the SAN. I had a certificate on the array manager (server1) with a CN of server1.domain.local.uk but the SAN was just server1. TMG ignored the SAN and used server1 in the SAN field hennce the certificate error stated earlier in the thread. The rest were just red herrings! Replacing the certificate with one without a SAN fixed the issue! Don't we just love Microsoft products! Marked as answer by KelvinChiggs Thursday, June 03, 2010 3:21 PM Wednesday, June 02, 2010 8:48 AM All replies 0 Sign in to vote This series of articles may help? http://blog.msedge.org.uk/2010/05/workgroup-deployment-with-forefront-tmg.html http://blog.msedge.org.uk/2010/05/workgroup-deployment-with-forefront-tmg_18.html http://blog.msedge.org.uk/2010/05/workgroup-deployment-with-forefront-tmg_19.html Cheers JJ Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk Tuesday, May 25, 2010 2:15 PM 0 Sign in to vote Look in the \windows\temp directory. There are .log files that are created that usually help to figure out where it is failing. Tuesday,
work group Scenario - part2-error code=0x8007003a ★★★★★★★★★★★★★★★ Suraj Singh MSFTSeptember 9, 20090 Share 0 0 Scenario is same as mentioned in the post for installation of ISA server in workgroup. Getting error " An attempt to establish an SSL channel with the Configuration Storage server computer failed." Error code=0x8007003a Error description= The specified server cannot perform the requested operation. This can happen if you have not installed the root certificate of the Issuing Authority i.e Certification Authority in the trusted CA computer store on the server. So the first thing to check in this scenario is if rootCA certificate is installed on the trusted CA https://social.technet.microsoft.com/Forums/forefront/en-US/8efb1837-850c-48fb-b1ed-537cd5832489/cannot-join-server-to-array-error-0x8007003a?forum=Forefrontedgesetup certificate store or not? If yes then check if its correct and not expired. IfCA certificate is correct thenwe can use a tool called ldp that comes along with windows support tools, install windows support tools on Isaserver2.contoso.comand then open ldp and connect to Isaserver1.contoso.com (i.e. css server) on port 2172with ssl. if theabove mentionedtest fails then repeat the ldp connect steps from the CSS server i.e. Isaserver1.contoso.com to itself https://blogs.technet.microsoft.com/sooraj-sec/2009/09/09/troubleshooting-installtion-issues-of-isa-server-2006-in-work-group-scenario-part2-error-code0x8007003a/ and see if you can connectusing port 2172 with ssl.If yes then the server authetication certificate is correct and ssl part is functional ,if not then issue could be related to the certificates. . Things that you would like to check regarding the certificates on the CSS server are: a.Check the server authentication certificate first. b. To whom this certificate is issued and does it match the name of the CSS server i.e. is it issued to Isaserver1.contoso.com? c. Is this certificate expired? what's the validity period for this certificate? d. Does this certificate have the private key? e. Who is the Issuing Certificate Authority? f. Then check the certificate of theIssuing Certificate Authority andits validity period. Will discuss variations to this scenario in mycoming posts. Regards, Suraj singh
Tags Error code=0x8007003a Comments (0) Cancel reply Name * Email * Website Follow UsPopular TagsBy pass ISA/TMG UAG Teredo high load windows update fails with 80072f8f on TMG WPAD FIM Oracle MA set up autodetect Pass The Hash IPSEC TMG VMware client cert authentication TMG ActiveSync DHCP option 252 TMG installation issue The requested resource is in use tunnel port range ISA/TMG builds Memory pool for SSL ISA /TMG Form based Authentication with LDAPS UAG DA IPHTTPS intermittent discaddress from host isa error name i1.blogs.technet.com The DNS server returned: Name Error: The domain name does not isa error 0x8007003a exist. This means that the cache was not able to resolve the hostname presented in the URL. Check if the address is correct. Your cache administrator is webmaster. Generated Wed, 19 Oct 2016 08:55:23 GMT by s_wx1011 (squid/3.5.20)