Trustwave Unveils New Offerings to Maximize Value of Microsoft Security Investments. Learn More

Trustwave Unveils New Offerings to Maximize Value of Microsoft Security Investments. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Offensive Security
Solutions to maximize your security ROI
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
Loading...
Loading...

INFO: Additional configuration to install Web Components on Windows Server 64 bit editions (including Exchange Server)

Expand / Collapse


This article applies to:

  • Trustwave MailMarshal (SEG) Web Components
  • Trustwave ECM/MailMarshal Exchange 7.X Web Components
  • MailMarshal (SEG) 10.X Array Manager/Management Console
  • Marshal Reporting Console
  • Microsoft SBS 2008 or 2011 (deprecated)
  • Microsoft Windows 2008, 64 bit editions (deprecated)
  • Microsoft Windows 2008 R2 and above
  • WSUS

Question:

  • What steps are required to install SEG Web Components on Microsoft SBS Servers?
    • Note that SBS is no longer supported by Microsoft
  • What steps are required to install the Web Components on Windows Server 64 bit editions?
  • What steps are required to install the Marshal Reporting Console on Windows Server 64 bit editions?
  • What steps are required to install MailMarshal (SEG) 10.X (Array Manager or standalone) on a Microsoft Exchange Server?
  • Event log error message: The Module DLL C:\Windows\system32\RpcProxy\RpcProxy.dll failed to load. The data is the error.
  • Error message: Could not load file or assembly 'MMInterfaceVB' or one of its dependencies. An attempt was made to load a program with an incorrect format.
  • Error message: The Module DLL 'C:\Program Files\Microsoft\Exchange Server\ClientAccess\Owa\auth\exppw.dll' could not be loaded due to a configuration problem. The current configuration only supports loading images built for a x86 processor architecture. The data field contains the error number.
  • Error message: HTTP Error 500.19 (Module: DynamicCompressionModule)

Procedure:

On supported 64 bit editions of Windows Server where certain Microsoft web components are running, additional steps are required after installation of MailMarshal (SEG) 10.X Management Console, MailMarshal Web Components or Marshal Reporting Console websites. These steps ensure that the Trustwave sites can co-exist with other applications.

Warnings:

    • Back up files before making changes.
    • Ensure that XML is correctly written. For general information about XML editing, see article Q12705.
    • Note that some lines below are wrapped for readability.
    • Note that if you edit the lines referring to the "exppw" or "cafe_exppw" module, you MUST change all of these lines. If you do not, browsing to any page will fail with HTTP error 500.
    • If you install service packs for Microsoft software (particularly Exchange/Outlook Web Access), re-check the entries in applicationhost.config. Service packs can overwrite changes to this file.
    • Depending on the software or Windows components installed, some of the below items may not apply.

To enable Web Components or Marshal Reporting Console:

  1. Run the following command with elevated privileges (note, the below line is wrapped for clarity but should be entered as a single line):

    %windir%\system32\inetsrv\appcmd.exe set config 
    -section:system.webServer/httpCompression /-[name='xpress']

    This command disables a compression module which is used by some Microsoft software. The module may not be installed on all servers. 
     
  2. Open a text editor or XML editor with elevated privileges (for instance, from the Start menu right-click Notepad and select Run as Administrator).

    In the file %windir%\system32\inetsrv\config\applicationhost.config:
    • change the line
      <add name="PasswordExpiryModule" image="C:\Windows\system32\RpcProxy\RpcProxy.dll" />

      to the following
      <add name="PasswordExpiryModule" image="C:\Windows\system32\RpcProxy\RpcProxy.dll"
      preCondition="bitness64" />
       
       
    • Note that the "image" part of the entries will depend on your local installation and you should not change it 
       
  3. If Outlook Web Access is installed on the server, perform the following additional steps.  
    • Note that the "image" part of the entries will depend on your local installation and version, and you should not change it.
    • Not all of these entries are present in every installation. You can ignore any entries that are not present.


    In the file %windir%\system32\inetsrv\config\applicationhost.config:
    •  change the line
      <filter name="Exchange OWA Cookie Authentication ISAPI Filter"
      path="C:\Exchange\ClientAccess\owa\auth\owaauth.dll" enabled="true"  />


      to the following
      <filter name="Exchange OWA Cookie Authentication ISAPI Filter"
      path="C:\Exchange\ClientAccess\owa\auth\owaauth.dll" enabled="true"
      preCondition="bitness64" />
       
       
    • change the line
      <filter name="Exchange ActiveSync ISAPI Filter"
      path="C:\Exchange\ClientAccess\sync\bin\AirFilter.dll" enabled="true"   />


      to the following
      <filter name="Exchange ActiveSync ISAPI Filter"
      path="C:\Exchange\ClientAccess\sync\bin\AirFilter.dll" enabled="true" 
      preCondition="bitness64" />
       
       
    • change the line
      <add name="exppw"
      image="C:\Program Files\Microsoft\Exchange Server\ClientAccess\Owa\auth\exppw.dll"  />


      to the following
      <add name="exppw"
      image="C:\Program Files\Microsoft\Exchange Server\ClientAccess\Owa\auth\exppw.dll" 

      preCondition="bitness64" />
       
       
    • change the line
      <add name="cafe_exppw"
      image="C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\bin\exppw.dll"  />


      to the following
      <add name="cafe_exppw"
      image="C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\bin\exppw.dll" 

      preCondition="bitness64" />
       
       
    • change the line
      <add name="kerbauth"
      image="C:\Program Files\Microsoft\Exchange Server\V14\Bin\kerbauth.dll"  />


      to the following
      <add name="kerbauth"
      image="C:\Program Files\Microsoft\Exchange Server\V14\Bin\kerbauth.dll" 

      preCondition="bitness64" />
       
       
    • change the line
      <add name="exppw" />

      to the following
      <add name="exppw" preCondition="bitness64" /> 
       
  4. If you do not want to require HTTPS (SSL), you may need to use IIS manager to disable this requirement for specific virtual websites or directories. 
  5. With the MailMarshal (SEG) 10.X Management Console, the default HTTPS binding conflicts with Exchange Server websites. Change the HTTPS binding of the SEG Management Console site.

You may need to recycle application pools and/or restart IIS in order to apply these changes.

Notes:

See also:

  • Q12920: SQM Website Configuration problems in SBS2008
  • Q14128: Web components return HTTP error 404 when installed on SBS
  • Q14353: Marshal Reporting Console on a WSUS server

To contact Trustwave about this article or to request support:


Rate this Article:
     

Related Articles



Add Your Comments


Comment submission is disabled for anonymous users.
Please send feedback to Trustwave Technical Support or the Webmaster
.