Question

Locked

joining isa server to an existing array

By nashwa_souelem ·
My problem
When I try to add an additional ISA 2004 ent server to an existing array I get the following error on the locate configuration storage server section of the setup.

"Setup failed to connect to the specified Configuration storage server computer. This may be because the local computer needs to be added to the Managed ISA Servers computer set.
Error code = 0x8007203a
Error description = The server is not operational"

Current setup is 2 isa servers, a separate CSS server. We are trying to add a 3rd ISA server.

Two ISA servers and the CSS server are in the same domain. The 3rd I'm trying to add is in a workgroup. e.g.

css = css.bestlife.eg
Array 1
isa1 = isa1.bestlife.eg
isa2 = isa2.bestlife.eg


Array 2
isa3 which I try to join it to the css

I verified the system policy and the new isa (isa3) is listed in the "local configuration storage server access" policy on the configuration storage server.

NOTE: before installing css in (css.bestlife.eg) I install a computer certificate with the name (css.bestlife.eg) from a local certificate authority and export it. when I was installing css I selected the option (i'm deploying in a work group or in domains without trust ),so it asked me to browse to the certificate and I did and the installation was successful.

I changed the properties of the array 2 in the configuration storage server tab as I made the authentication ssl instead of windows authentication

I made a publish server access rule in order to let isa3 connect to the css

I have installed a computer certificate with the name isa1.bestlife.eg in isa1 and the same for isa2 I have installed a computer certificate with the name isa2.bestlife.eg

Second, I exported the self signed certificate from the local CA and installed it
in the trusted root of the workgroup server (ISA3) in order to trust the certificate coming from css


Please help...

NOTE: before installing css in (css.bestlife.eg) I install a computer certificate with the name (css.bestlife.eg) from a local certificate authority and export it. when I was installing css I selected the option (i'm deploying in a work group or in domains without trust ),so it asked me to browse to the certificate and I did and the installation was successful.

I changed the properties of the array 2 in the configuration storage server tab as I made the authentication ssl instead of windows authentication

I made a publish server access rule in order to let isa3 connect to the css
the published server is css ,listen to :external,from field:isa3

I typed the IP and the name of css in the hostfile of isa3 and I checked that isa3 can resolve css.bestlife.eg

I have installed a computer certificate with the name isa1.bestlife.eg in isa1 and the same for isa2 I have installed a computer certificate with the name isa2.bestlife.eg

Second, I exported the self signed certificate from the local CA and installed it
in the trusted root of the workgroup server (ISA3) in order to trust the certificate coming from css


Please help..

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Share your knowledge

Related Discussions

Related Forums