False Exchange server files (Not Found) issue in Windows 2003 SP1 SCW (Security Configuration Wizard)
There is a scenario in which you could get a false [Not Found] warning message for the Exchange services within SCW. For example, you have an Exchange Server with binaries in a non-default path and you’ve already manually configured the policy to point at those binary files with the right path (see previous post on the subject). The false warnings can be seen when you need to modify some SCW policies. When you open SCW to edit current policy, and you navigate to the ‘Open Ports and Approve Applications’ dialog you will notice that those (Not Found) warnings appear again, though you’ve manually configured it before.
The workaround can be confusing. If you’re confused by this (Not Found) error and try to put in the correct path again, you will get an error saying that file already exist. Close that error and scroll down in the ‘Open Ports and Approve Applications’ page, and you will find all of the Exchange binary files you edited last time are already there. This is a known issue— SCW gives a false (Not Found) error on the already edited files, even though those files are already correctly configured. It’s not a serious issue but maybe confusing for the first-time users.
Just a reminder... While SCW includes several roles for Microsoft Exchange, administrators wishing to protect their Exchange servers are advised to read the Exchange Security Guide (http://go.microsoft.com/fwlink/?LinkId=25210)). SCW will only protect the base OS that Exchange runs on, and fully protecting Exchange servers involves protecting the OS as well as Exchange itself. The Exchange Security Guide provides full details on how to achieve both
How/why/when Exchange server is not installed in the default path?
For Exchange 2000/2003 server, the default installation path is %ProgramFiles%\Exchsrvr. So in W2K3 SP1, the SCW configured to search Exchanger server binary files in path %ProgramFiles%\Exchsrvr\bin by default. However, in Exchange 5.5, the default path is %systemdrive%\Exchsrvr. Although 5.5 is not supported by W2K3, but in the following supported upgrade scenario, the binary files of Ti server will fall into the %systemdrive%\Exchsrvr\bin path, instead of the default %ProgramFiles%\Exchsrvr\bin path, though during the whole process only the default selections are made.
Original server: Exchange 5.5 server SP3, OS W2K. This supported scenario and binary files located at %systemdrive%\Exchsrvr\bin path.
Upgrade 1: Upgrade the 5.5 server to PT RTM, then PT SP3 server. This is also supported scenario. During the upgrade, the PT binary files will be dropped at %systemdrive%\Exchsrvr\bin path.
Upgrade 2: Upgrade the PT SP3 server to Ti RTM, then TI SP1. This is supported scenario. During the upgrade, the Ti binary files are also dropped in %systemdrive%\Exchsrvr\bin path.
Upgrade 3: Upgrade the OS from W2K to W2K3 SP1.
Now, you get a TI SP1 server on the W2K3 SP1 server, and although during the whole setup/upgrade scenario, you never manually changed any path, the Exchange server binary files ends up in the %systemdrive%\Exchsrvr\bin path instead of the %ProgramFiles%\Exchsrvr\bin path. Now if you configure the SCW on this server, you will see the (Not Found) mark.
Which files are affected by this non-default path issue?
These files are most frequently affected by this issue:
Microsoft Exchange MTA Stacks (Emsmta.exe)
Microsoft Exchange Information Store (Store.exe)
Microsoft Exchange System Attendant (Mad.exe)
Microsoft Exchange Site Replication Service (Srsmain.exe)
You Had Me at EHLO.