[isalist] Re: RCP over HTTP Assistance needed
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Mon, 29 May 2006 10:45:25 -0700
http://www.ISAserver.org
-------------------------------------------------------
You said (and I quote from further down the thread):
1) The security certificate is from an untrusted certifying authority
2) The security certificate date is valid
3) The name on the security certificate is invalid or does not match the name
of the site.
All of these generate a "500" error in ISA.
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
-------------------------------------------------------
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Tom Rogers
Sent: Saturday, May 27, 2006 16:33
To: isalist@xxxxxxxxxxxxx
Subject: RE: [isalist] Re: RCP over HTTP Assistance needed
But Jim, I never saw a "500" error anywhere - if I saw this error message, I
would have tracked it down in the documentation. My OWA rule work perfectly
fine.
________________________________
From: isalist-bounce@xxxxxxxxxxxxx on behalf of Jim Harrison
Sent: Sat 5/27/2006 1:48 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: RCP over HTTP Assistance needed
http://www.ISAserver.org <http://www.isaserver.org/>
-------------------------------------------------------
You haven't followed the advice, books, or articles.
If you had, you wouldn't be seeing the errors you're quoting.
You've been getting the answers to the questions you ask.
Q - Why does ISA produce a "500" error for my OWA rule?
A1 - the certificate installed on ISA must be issued by a CA that is in the
local machine trusted root store. This is equivalent to the IE "
The security certificate is from an untrusted certifying authority"
popup. Install the CA cert in the ISA trusted root store. If ISA the CA
certificate installed in the local machine trusted root store, this error will
stop. This error will cease if the CA cert is installed in the ISA local
machine trusted root store. Install the CA certificate in the local machine
trusted roots store and this error will stop.
A2 - the common name in the certificate does not match the data in the "server"
field of the "To" tab in the web publishing rule. ISA gives you an "target
principle name is incorrect" in this case. This is equivalent to the IE "The
name on the security certificate is invalid or does not match the name of the
site" error. Change the data in the "server" field of the "To" tab in the web
publishing rule to match the common name in the certificate. If you use the
same data in the "server field of the "To" tab of the web publishing rule as
fond in the Exch cert common name, this error will cease. This error will stop
if the "server" field in the "To" tab of the web publishing rule matches the
common name of the certificate installed on the Exchange server.
A3 - the certificate errors have *nothing* to do with the path portion of
either the client request or the web publishing rule. The path portion of the
web publishing rule is not in any way affecting ISA serve's ability to acquire
or evaluate the certificate offered by the Exch server. The certificate
offered by the Exch server has no relationship to the path data in the web
publishing rule. There are no errors related to the certificate offered by the
web publishing rule and the path specified in the rule or requested by the
client. There is nothing you can do to solve the non-existent errors that have
no relationship between these two things.
Go back and re-read the relevant sections in the book, articles and KBs related
to certificates and ISA server.
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Tom Rogers
Sent: Friday, May 26, 2006 7:53 PM
To: isalist@xxxxxxxxxxxxx
Subject: RE: [isalist] Re: RCP over HTTP Assistance needed
Dynip.com will not allow me to obtain a Certificate from VeriSign or any other
public, trusted CA and apply it to our DDNS name
(company.dynip.com)
If I have to get a certificate from VeriSign or any other public, trusted CA, I
will have to get a static IP.
BTW, I'm just wondering why most of the help I get on this discussion list is
so convoluted? When I ask a question, I never get a direct answer, it's always
some obscure, sometimes pretentious, sarcastic statement.
I really appreciate the free advice given here by you highly trained experts on
ISA, but for those of us who are rookies and are just trying to get ISA working
like it should, those of use who do not have an IQ of 200, need something more.
If someone asks, "How do you get such and such a function to work right?",
someone should be able to say, "Do this, this, this, then that, then you should
be fine." Or at least give a direct link to a tutorial, whitepaper, tech note,
whatever. Instead of getting an answer like, "It's right there on the website."
This is what I need to know:
The certificate for my EXCHANGE box is installed on the ISA box - I exported it
from the EXCHANGE box and imported it into ISA. Is this not good enough? All I
want to know at this point is - can I use a certificate created by an internal
network CA for RPC over HTTP from the outside world, or not. Do I have to have
a 3rd party (ie: VeriSign) certificate to get RPC over HTTP working from the
outside? If so, I will go get a static IP, get a registered domain name for
that IP, get the certificate, and be done with it.
But since OWA works fine with a certificate issued on my internal network CA,
why can't RPC over HTTP? I would like to know the WHY.
Thanx,
-TRogers
________________________________
From: isalist-bounce@xxxxxxxxxxxxx on behalf of Jim Harrison
Sent: Fri 5/26/2006 4:44 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: RCP over HTTP Assistance needed
http://www.ISAserver.org <http://www.isaserver.org/>
<http://www.isaserver.org/>
-------------------------------------------------------
"Dynip.com will not allow certificates to be assigned to their customer DNS
records"?!?
Can you clarify this?
Certificates are not assigned to DNS records at all.
Are you saying that they don't support redirection to HTTPS?
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Tom Rogers
Sent: Friday, May 26, 2006 1:11 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: RCP over HTTP Assistance needed
http://www.ISAserver.org <http://www.isaserver.org/>
<http://www.isaserver.org/>
-------------------------------------------------------
OWA is working fine - no issues at all.
The certificate for the EXCHANGE box is installed on the ISA box - I exported
it from EXCHANGE and imported it into ISA. Is this not good enough?
And I was not recv'ing any error messages, not in the Event logs, not on the
screen, etc. The ONLY error I recv'd was "Your Exchange Server is offline or
not available." Not even any error messages in the Outlook Client Connections
box. If I had error messages coming at me, I would be looking at the docs and
KBs - no problem.
I'm not totally pathetic. ISA is the ONLY software I have had any trouble
mastering. I have read TShinders books, MS TechNet, White Papers, etc and ISA
know-how still eludes me for some reason.
So basically, in order to use RPC over HTTP from the outside I need to obtain a
3rd party certificate from VeriSign or someone like that in order for this to
work?
If that is the case, I will also have to get a static IP because Dynip.com will
not allow certificates to be assigned to their customer DNS records.
-TRogers
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx
> [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison
> Sent: Friday, May 26, 2006 3:47 PM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: RCP over HTTP Assistance needed
>
> http://www.ISAserver.org <http://www.isaserver.org/>
> <http://www.isaserver.org/>
> -------------------------------------------------------
>
> There are *lots* of documents describing how to configure OWA with
> ISA.
> You're hitting the most common failures; that of not matching the
> certificate name to the request.
>
> There are *lots* of documents & kbs that address the errors ISA is
> throwing at you - you're ignoring them by playing in the path when the
> errors are specifying "certififcate".
>
> All those errors are what ISA considers to be a bogus cert.
> ISA will not accept a certificate that:
> - is not from a CA that ISA can find in the local machine trusted
> roots store
> - does not match the hostname used in the "To" tab of the publishing
> rule
>
> ISA has no way to "ask the user" if he wants to allow a bogus
> certificate.
>
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx
> [mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of Tom Rogers
> Sent: Friday, May 26, 2006 12:37 PM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: RCP over HTTP Assistance needed
>
> http://www.ISAserver.org <http://www.isaserver.org/>
> <http://www.isaserver.org/>
> -------------------------------------------------------
>
> Ok, I was not able to create a 2nd listener as the IP port used was
> the same (443). So I added the /Rpc/* folder onto the original secure
> OWA ISA rule - again.
>
> Still cannot get it to connect from the outside world. Client setup is
> verified accurate. Once again, with ISA 2004, I am clueless.
>
> This is the hardest to use/configure piece of software I have ever
> used in my life.
>
> I don't get it, RPC over HTTP works fine from the inside, which means
> it's ISA 2004, but what, where, how, when, why?
> I've no idea.
>
> Maybe - because I am using an SSL Certificate that was issued by a CA
> *INSIDE* my internal network, not a public CA, could this be the
> issue?
> When I use OWA, I have to click YES on the security alert pop up
> message. This says:
>
> 1) The security certificate is from an untrusted certifying authority
> 2) The security certificate date is valid
> 3) The name on the security certificate is invalid or does not match
> the name of the site.
>
> On item #3, the Certificate has been issued to an internal server
> called EXCHANGE (name on the certificate) and in order to get to this
> box via the Internet/ISA 2004, the URL I use is company.dynip.com -
> which of course is not the same name as EXCHANGE.
>
> I'm lost...
>
> -TRogers
>
>
> > -----Original Message-----
> > From: isalist-bounce@xxxxxxxxxxxxx
> > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder
> > Sent: Friday, May 26, 2006 2:16 PM
> > To: isalist@xxxxxxxxxxxxx
> > Subject: [isalist] Re: RCP over HTTP Assistance needed
> >
> > http://www.ISAserver.org <http://www.isaserver.org/>
> > <http://www.isaserver.org/>
> > -------------------------------------------------------
> >
> > Yes.
> > >From my boat somewhere in Texas
> >
> > -----Original Message-----
> > From: "Tom Rogers"<trogers@xxxxxxxxxxxxxxxxxx>
> > Sent: 5/26/06 1:00:04 PM
> > To: "isalist@xxxxxxxxxxxxx"<isalist@xxxxxxxxxxxxx>
> > Subject: [isalist] Re: RCP over HTTP Assistance needed
> >
> > Tom,
> >
> > Should the Authentication on the new listener be BASIC?
> >
> > -TRogers
> >
> >
> >
> > ________________________________
> >
> > From: isalist-bounce@xxxxxxxxxxxxx
> > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder
> > Sent: Friday, May 26, 2006 9:55 AM
> > To: isalist@xxxxxxxxxxxxx
> > Subject: [isalist] Re: RCP over HTTP Assistance needed
> >
> >
> > You can't use FBA on the same listener that the
> RPC/HTTP WPR uses.
> >
> > Tom
> >
> > Thomas W Shinder, M.D.
> > Site: www.isaserver.org <http://www.isaserver.org/>
> > Blog: http://blogs.isaserver.org/shinder/
> > Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
> > MVP -- ISA Firewalls
> >
> >
> >
> >
> > ________________________________
> >
> > From: isalist-bounce@xxxxxxxxxxxxx
> > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Tom Rogers
> > Sent: Friday, May 26, 2006 8:19 AM
> > To: isalist@xxxxxxxxxxxxx
> > Subject: [isalist] Re: RCP over HTTP Assistance needed
> >
> >
> > Ok - duh had a brain cramp.
> >
> > Anyway - it works fine internally - so it has
> to be my ISA rule.
> > Now, how do I correct that? Is it possible for me to use
> the current
> > OWA access rule that I have in place and just add the
> /RPC/* folder to
> > the list or what?
> > Below is how my rule is setup for OWA and RPC over HTTP...
> >
> > General - Company OWA (Enable)
> > Action - Allow (Log Requests)
> > From - Anywhere
> > To - EXCHANGE (Forward the original host
> > header) (Requests appear to come from ISA)
> > Traffic - HTTPS (Require 128 bit encryption)
> (Filtering, configure
> > HTTP - all defaults)
> > Listener - Secure HTTPS Listener Exchange
> (Networks - external; HTTP
> > disabled; HTTPS 443; Certificate - Exchange; Authentication - OWA
> > Forms Based; Always Authenticate - No; Domain -
> > Company.net)
> > Public Name - company.dynip.com (Requests for
> the following
> > websites)
> > Paths - /exchange/* /exchweb/* /public/* /Rpc*
> > /RpcWithCert*
> > Bridging - Web Server, Redirect SSL to 443 (Only)
> > Users - All Users
> > Schedule - Always
> > Link Translation - Defaults
> >
> > Thanx,
> >
> > -TRogers
> >
> >
> >
> >
> > ________________________________
> >
> > From: isalist-bounce@xxxxxxxxxxxxx
> > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat
> > Sent: Thursday, May 25, 2006 4:06 PM
> > To: ISA Mailing List
> > Subject: [isalist] Re: RCP over HTTP
> Assistance needed
> >
> >
> >
> > You change the connection type within
> the properties of the Outlook
> > profile.
> >
> >
> >
> > S
> >
> >
> >
> > ________________________________
> >
> > From: isalist-bounce@xxxxxxxxxxxxx
> > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Tom Rogers
> > Sent: Thursday, May 25, 2006 4:59 PM
> > To: ISA Mailing List
> > Subject: RE: [isalist] Re: RCP over
> HTTP Assistance needed
> >
> >
> >
> > Not sure how to connect internally
> using HTTPS with Outlook 2003.
> > OWA works fine internally. I can browse to the RPC virtual
> server on
> > the intranet and I can connect fine (as per Microsoft's
> instructions)
> >
> >
> >
> > Security policies are fine.
> >
> >
> >
> > -TRogers
> >
> >
> >
> > ________________________________
> >
> > From: isalist-bounce@xxxxxxxxxxxxx on
> behalf of Young, Gerald G
> > Sent: Thu 5/25/2006 3:40 PM
> > To: isalist@xxxxxxxxxxxxx
> > Subject: [isalist] Re: RCP over HTTP
> Assistance needed
> >
> > http://www.ISAserver.org
> > <http://www.isaserver.org/>
<http://www.isaserver.org/>
> > <http://www.isaserver.org/>
> >
> > -------------------------------------------------------
> >
> > Tom,
> >
> > Did you try connecting internally to
> your mailbox using RPC/HTTPS?
> > Does
> > that work?
> >
> > Also, check the Network security: LAN
> Manager authentication level
> > in
> > the security policy on both the server
> and the client(s). Are they
> > compatible?
> >
> > Cordially yours,
> > Jerry G. Young II
> > MCSE (4.0/W2K)
> > Atlanta EES Implementation Team Lead
> > ECNS Microsoft Engineering
> > Unisys
> >
> > 11493 Sunset Hills Rd.
> > Reston, VA 20190
> > Office: 703-579-2727
> > Cell: 703-625-1468
> >
> > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL
> > AND/OR OTHERWISE PROPRIETARY
> > MATERIAL and is thus for use only by
> the intended recipient. If you
> > received this in error, please contact
> the sender and delete the
> > e-mail
> > and its attachments from all computers.
> >
> > -----Original Message-----
> > From: isalist-bounce@xxxxxxxxxxxxx
> > [mailto:isalist-bounce@xxxxxxxxxxxxx]
> > On Behalf Of Tom Rogers
> > Sent: Thursday, May 25, 2006 11:49 AM
> > To: isalist@xxxxxxxxxxxxx
> > Subject: [isalist] RCP over HTTP Assistance
> > needed
> >
> > http://www.ISAserver.org
> > <http://www.isaserver.org/>
<http://www.isaserver.org/>
> > <http://www.isaserver.org/>
> >
> > -------------------------------------------------------
> >
> > Ok, I have been trying to implement RPC
> over HTTP so that my road
> > warrior users can connect to the internet then
> > use Outlook 2003 without
> > VPN. Things have not gone as expected,
> I keep getting a "Microsoft
> > Exchange Server is unavailable" error message.
> > Looking at the Connection
> > Status when trying to connect Outlook
> > 2003 to the Exchange server, I get
> > the following...
> >
> > SERVER TYPE CON
> > STATUS
> > ------ ---- ---
> > ------
> >
> > ---- Directory ----
> > Connecting
> > server.internal.net Referral ----
> > Connecting
> >
> > Then these disappear and I get the
> "Microsoft Exchange Server is
> > unavailable" error.
> >
> >
> > I walked through all of Microsoft's
> troubleshooting steps and using
> > RPCDUMP.EXE on the Exchange box, this
> is what I found...
> >
> > ncacn_http(Connection-oriented TCP/IP
> using Microsoft Internet
> > Information Server as HTTP proxy.)
> >
> > 192.168.1.5[6002]
> > [1544f5e0-613c-11d1-93df-00c04fd7bd09] MS Exchange
> > Directory RFR Interface :ACCESS_DENIED
> > 192.168.1.5[6002]
> > [f930c514-1215-11d3-99a5-00a0c9b61b04] MS Exchange
> > System Attendant Cluster Interface
> > :ACCESS_DENIED
> > 192.168.1.5[6002]
> > [83d72bf0-0d89-11ce-b13f-00aa003bac6c] MS Exchange
> > System Attendant Private Interface
> > :ACCESS_DENIED
> > 192.168.1.5[6002]
> > [469d6ec0-0d87-11ce-b13f-00aa003bac6c] MS Exchange
> > System Attendant Public Interface :ACCESS_DENIED
> >
> > 192.168.1.5[6004]
> > [f5cc5a18-4264-101a-8c59-08002b2f8426] MS Exchange
> > Directory NSPI Proxy :ACCESS_DENIED
> > 192.168.1.5[6001]
> > [a4f1db00-ca47-1067-b31f-00dd010662da] Exchange 2003
> > Server STORE EMSMDB Interface :ACCESS_DENIED
> > 192.168.1.5[6001]
> > [99e64010-b032-11d0-97a4-00c04fd6551d] Exchange Server
> > STORE ADMIN Interface :ACCESS_DENIED
> > 192.168.1.5[6001]
> > [99e64010-b032-11d0-97a4-00c04fd6551d] Exchange Server
> > STORE ADMIN Interface :ACCESS_DENIED
> > 192.168.1.5[6001]
> > [89742ace-a9ed-11cf-9c0c-08002be7ae86] Exchange Server
> > STORE ADMIN Interface :ACCESS_DENIED
> > 192.168.1.5[6001]
> > [a4f1db00-ca47-1067-b31e-00dd010662da] Exchange Server
> > STORE ADMIN Interface :ACCESS_DENIED
> >
> > Ok so let me start at the beginning now...
> >
> > ENVIRONMENT
> > -----------
> > (OUTSIDE WORLD) (PERIMETER)
> > (INTERNAL NETWORK - SEPARATE PHYSICAL SERVERS
> > EACH)
> >
> > Client PC ---> INTERNET ---> ISA 2004 SP2 Server
> > ---> Exchange Server
> > 2003 SP2 -----> W2K3 SP-1 Domain
> > Controller/Global Catalog Server 1
> > XP SP-2 W2K3 SP-1
> > W2K3 SP-1
> > \
> >
> > --> W2K3 SP-1 Domain Controller/Global
> Catalog Server 2
> >
> > How I setup RPC over HTTP (Server Side)...
> > ---------------------------------------
> > 1) CONFIGURE A SERVER AS AN RPC PROXY SERVER
> > On my Exchange server (my ONLY
> > one) I installed the RPC over
> > HTTP component from the Add/Remove
> Programs - Windows Components
> >
> > 2) CONFIGURE THE RPC VIRTUAL DIRECTORY IN IIS
> > In Internet Information Services (IIS)
> > Manager, right-click the
> > RPC virtual directory, and then click
> Properties.
> > In the RPC Virtual Directory
> Properties page, on the
> > Directory
> > Security tab, in the Authentication and
> access control pane, click
> > Edit.
> >
> > In the Authentication Methods
> window, verify that the check
> > box
> > next to Enable anonymous access is cleared.
> > In the Authentication Methods
> window, under Authenticated
> > access, select the check box next to
> Basic authentication and click
> > OK
> > to warning
> > I did NOT choose Integrated
> Windows authentication (NTLM)
> > because of the following:
> > It is recommended that
> you use Basic authentication
> > over
> > NTLM because of two reasons. First, RPC
> over HTTP currently
> > supports
> > only NTLM - it
> > doesn't support Kerberos.
> > Second, if there is an HTTP
> > Proxy or a firewall between the RPC
> over HTTP client and the RPC
> > Proxy,
> > which inserts
> > via the pragma in the
> HTTP header, NTLM
> > authentication
> > will not work.
> > I saved my settings
> > I have a valid SSL certificate
> installed on the virtual
> > server
> > (for OWA in the first place)
> >
> > 3) CONFIGURE RPC VIRTUAL DIRECTORY TO USE SSL
> > Expand Web Sites, expand Default Web
> > Site, right-click RPC, and
> > then click Properties.
> > Click the Directory Security
> tab, and then click Edit under
> > Secure communications.
> > Click to select the Require
> secure channel (SSL) check box
> > and
> > the Require 128-bit encryption check box.
> > Click OK, click Apply, and then click OK
> >
> > 4) CONFIGURE THE RPC PROXY SERVER TO
> USE SPECIFIED PORTS FOR RPC
> > OVER
> > HTTP
> > On the RPC proxy server, (my
> only Exchange Server box)
> > start
> > Registry Editor (Regedit).
> > In the console tree, locate the
> following registry key:
> >
> > HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\RpcProxy
> > In the details pane, right-click the
> > ValidPorts subkey, and then
> > click Modify.
> > In Edit String, in the Value
> data box, type the following
> > information:
> >
> >
> > ExchangeServer:6001-6002;ExchangeServerFQDN:6001-6002;Exchange
> > Server:600
> > 4;ExchangeServerFQDN:6004;
> > If the FQDN that is used
> > to access the server
> > from the Internet differs from the internal
> > FQDN, you must use the
> > internal FQDN.
> > (My external FQDN is
> > company.DYNIP.COM (We use
> > Dynip.com Dynamic DNS service)
> >
> > 5) I added this Multi-String Key to the GLOBAL
> > CATALOG/DC #1's registry
> > (NSPI interface protocol sequences -
> > ncacn_http:6004)
> >
> > 5) CONFIURE THE OUTLOOK 2003 CLIENT PROFILE
> > Done according to instructions in this
> > link -
> > //tinyurl.com/frarn
> >
> > 6) Finally I changed my current OWA SSL ISA 2004
> > rule to include to
> > /RPC* folders (along with the /exchange/*;
> > /exchweb/*; /public/*
> > folders.
> > I did this because OWA and RPC over HTTP
> > are on the SAME server
> > using the same SSL certificate (I installed an
> > internal CA to issue the
> > certificate
> > for the OWA server. User have to click
> > YES to accept (Trust) the
> > certificate, but it works fine.)
> >
> > I am thinking it is either my ISA 2004 rule or
> > that I may need to move
> > my RPC over HTTP Proxy (IIS) to the ISA
> > 2004 box. No matter which one it
> > is, could someone explain in detail, the steps
> > to do either? I do not
> > have IIS installed on my ISA 2004 box.
> > Please let me know if there are
> > any "Gotcha's" also.
> >
> > Thanks for any help in solving this.
> >
> > -Tom Rogers
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
