Hosting Multiple Domains on SBS 2003

Let’s start with E-mail
For E-mail, the first thing you need to do is make sure your Internet domain’s MX records are pointing to your SBS server’s IP address, feel free to use backup a MX record, or even dynamic dns (I do!), depending on your own situation.
For the first email domain, follow the normal SBS wizards (Primarily CEICW) to configure your first and primary domain that you will want to use. Congratulations, your first domain is configured! 🙂

Adding additional domains to Exchange
To do this, we’re going to edit the default recipient policy:

 

1. From Server Management, expand Advanced Management, First Organization, Recipients and select Recipient Policies
2. Right-click on the Default Policy and choose Properties
3. On the E-Mail Address (Policy) tab, click the New button
4. Select SMTP Address from the list and click OK
5. Type in the name of the domain in the format @domain.com and choose OK. Leave the check box checked
6. Check the box next to your new domain in the Default Domain Properties window, and click OK

Now that you’ve added this into the policy, Exchange will become aware of this domain and start responding to mail from it. This change will take effect the next time Exchange updates its policies, let’s not wait that long.

 

1. Select the Recipient Update Service from the console
2. Right-click on both policies on the right and choose Update Now

This forces Exchange to update the policies now, so you don’t have to wait.

You will now be able to notice all of your users have an 3 email addresses:

 

·                  user@domain.local – added by SBS for your internal domain. It’s suggested you keep this email address for this user as it is used by some SBS tools

·                  user@domain1.com – this is the first domain you added using CEICW

·                  user@domain2.com – this is the second domain you just added

That’s as far as I went, since I wanted all my users to receive email from both domains, but what if you don’t want this?

Micro-manage!

To micromanage which users have which email addresses simply:

 

1. Change to the Users’ snap-in and right-click on a user
2. On the E-mail Addresses snap-in, uncheck the box at the bottom that says Automatically update e-mail addresses based on receipient policy
3. Remove any email address you don’t want the user to receive email at and add any additional email addresses in your configured domains. Don’t forget to keep the domain.local e-mail address!
4. Set the primary one to be the email address the user will send email as

 

There you have it, if your domain MX records are configured correctly, the SBS box will receive e-mail for both domains!
You can add any number of domains using this process. Moreover, you can add any number of email addresses to a specific user within a given domain using micromanage tactics.

 

Adding more websites to your SBS Box
IIS is really quite a cool application that makes it very easy to add additional websites to your SBS box without much effort. Here’s how:

 

1. Open Server Management, expand Advanced Management, Internet Information Services, {ServerName}, and Web Sites
2. Right click on Web Sites, and choose New, Web Site
3. Click Next on the Welcome to the Web Site Creation Wizard
4. Type in a description to help you easily identify the website and click Next
5. Leave the IP address as All Unassigned and the port as 80. But put in a host header, this is what will tell IIS to answer web requests using this virtual server. You should put in the domain name you would browse to such as: www.mydomain.com, if you spell this wrong, IIS will not serve up the webpage to the requesting browser
6. Choose the location for the actual files (it’s best if you can keep this away from the system drive, for security reasons), and choose if you want anonymous access or not, depending on what type of website you are trying to create
7. Finally, choose the permissions for the website. Since you’re running on your Domain Controller, and Exchange, I suggest leaving the default, read and run scripts
8. Finish the wizard

You will see you’re newly created website appear in the list with the description you gave it. Now just start plugging webfiles into the directory that you chose and you’re hosting multiple websites on your sbs box.

Too easy? Why did you read the entire post then? ;o)

Troubleshooting Tips
I thought I’d toss a few troubleshooting tips in here, since I ran into these:

 

·                  If the webpage shows up as your default web site, your host header doesn’t match what the browser is asking for, and the default web site will answer all un-answered calls

·                  Get a page not found? your default start document is probably not one of the ones IIS will choose, try using default.htm or default.asp. You can change the default document in the properties of the website too

·                  If you want SSL encryption, you’re going to have issues with the SBS self-signed cert. Change your website to a new port that’s not in use and ensure the port is open on your firewall (SSL bypasses host headers since the data is encrypted as it passes into IIS). But your users will always get a pop-up since the certificate on your SBS box is programmed to be linked to the primary domain via CEICW, and will always pop-up when the domain is different

 

Well, you use UPN Suffixes.

UPN stands for User Principal Name, which is essentially a fancy computer-lingo’d way of saying: use your e-mail address to log in.

When you enable this, users will be able to go to the Remote Web Workplace and log in using their email address, instead of just their username. Might make it easier to give some users their email address instead of explaining the username versus email address idea.

How to set it up:

1. Click on Start, Administrative Tools, Active Directory Domains and Trusts
2. In the console that loads, right click on the root node called Active Directory Domains and Trusts and choose Properties
3. Add your domain suffixes in in the format domain.com

Now your AD knows that it is the root domain controller responsible for these domains.

Close out this console and go back into Server Management. In the Users snap-in, we need to tell the AD what the primary suffix is for each user:

1. Right-click a user and choose Properties
2. On the Account tab, change the drop down box for the User logon name to be the suffix you want this user to have. Note it will add the ‘@’ sign for you, if you see 2 ‘@’ signs, you’ve done the first step wrong
3. Choose OK for that user

You’ll have to repeat this for all the users in your AD, but when you are finished, you can give your users an email address and a password, they won’t need that funky “username”.

It made life less confusing for my grandfather, that’s for sure. :o)

One last thing. Since SBS shares the AD with all domains, you cannot have two aliases the same, so you should use combination usernames of first and last name, instead of just “dave” or “sean”, otherwise user on domain1 might have the “cool” user name, while user on domain2 does not. 

Adding more websites to your SBS Box
IIS is really quite a cool application that makes it very easy to add additional websites to your SBS box without much effort. Here’s how:

 

1. Open Server Management, expand Advanced Management, Internet Information Services, {ServerName}, and Web Sites
2. Right click on Web Sites, and choose New, Web Site
3. Click Next on the Welcome to the Web Site Creation Wizard
4. Type in a description to help you easily identify the website and click Next
5. Leave the IP address as All Unassigned and the port as 80. But put in a host header, this is what will tell IIS to answer web requests using this virtual server. You should put in the domain name you would browse to such as: www.mydomain.com, if you spell this wrong, IIS will not serve up the webpage to the requesting browser
6. Choose the location for the actual files (it’s best if you can keep this away from the system drive, for security reasons), and choose if you want anonymous access or not, depending on what type of website you are trying to create
7. Finally, choose the permissions for the website. Since you’re running on your Domain Controller, and Exchange, I suggest leaving the default, read and run scripts
8. Finish the wizard

You will see you’re newly created website appear in the list with the description you gave it. Now just start plugging webfiles into the directory that you chose and you’re hosting multiple websites on your sbs box.

Too easy? Why did you read the entire post then? ;o)

Troubleshooting Tips
I thought I’d toss a few troubleshooting tips in here, since I ran into these:

 

·                  If the webpage shows up as your default web site, your host header doesn’t match what the browser is asking for, and the default web site will answer all un-answered calls

·                  Get a page not found? your default start document is probably not one of the ones IIS will choose, try using default.htm or default.asp. You can change the default document in the properties of the website too

·                  If you want SSL encryption, you’re going to have issues with the SBS self-signed cert. Change your website to a new port that’s not in use and ensure the port is open on your firewall (SSL bypasses host headers since the data is encrypted as it passes into IIS). But your users will always get a pop-up since the certificate on your SBS box is programmed to be linked to the primary domain via CEICW, and will always pop-up when the domain is different

Customizing the text on Remote Web Workplace
If you’re like me, and you don’t want the Remote Web Workplace to say one domain and not the other, you want to change things up a bit. Remote Web Workplace still asks you for your user name instead of an email address.

You can change this text, pretty easily infact! In c:\inetpub\remote, is all the files the remote web workplace uses for website. This includes the text file web.config. This is probably one of the most important files for the functionality of Remote Web Workplace, so make sure you back this up before you start editing it.

However, if you open it up in a text editor, like Notepad, you’ll be able to see in the {appSettings} section there is a list of all the strings. If you know a little bit about coding, you can go in and change strings in the ‘value=’ section. Just becareful with special characters, especially quotes as they might muck up the whole file (which is where the backup comes in handy). If you want to use quotes, be sure to use the html version of these like “&__” for the special charactor your looking for.

If you want to change the string “Username” to “E-mail address” scroll down the list until you find the L_LOGON_USER_NAME and change the string between the quotes for value= to “E-mail address”.

You will have to do an iisreset.exe at the command prompt to make the changes take effect, and all of your users will be logged out of Remote Web Workplace each time you make an edit to this file.

But hey, it’s fun to play with. If you’re feeling risky, you can even go in and edit the ASPX code to say ….. add your own logo?