OWA not passing credentials
I have a client who we have OWA setup for. They have 443 and 80 open. They have a self created certificate. When they go to the OWA login page and put in username & password, it comes back asking for username & password again. It never lets you in.
Login page works fine internally. Only externally is the problem happening.
Also noticed that this happens externally whether it's http:// or https://
rpierce1373
Login page works fine internally. Only externally is the problem happening.
Also noticed that this happens externally whether it's http:// or https://
rpierce1373
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
if you look at the iis logs, is the expected username value being attempted? in other words, did you run the set-owavirtualdirectory "owa (default web site)" -defaultdomain Domain
I would close port 80 for the interface serving OWA (prevents unsecure creds. from being passed).
Repeating authenticated attempts usually means that one of the virtual directories isn't set correctly.
Reset the virtual directories and test again.
http://support.microsoft.com/default.aspx?kbid=883380
Although I would also recommend changing from a self generated certificate to a commercial one.
Simon.
Reset the virtual directories and test again.
http://support.microsoft.com/default.aspx?kbid=883380
Although I would also recommend changing from a self generated certificate to a commercial one.
Simon.
ASKER
Port 80 is needed so closing that isn't an option.
Endital1097, since this is SBS 2003 box, I'm not sure that command would apply. Googling it seems to show that it is a EX2007 command.
Firebar, I followed the link on the security, but no change
Mestha, I reset the VDs like the KB suggested. No change.
Also, I'm noticing that I have the same problem accessing the Remote workspace as well.
Is there anything else firewall wise or MS Security wise that could keep it from passing the credentials. I have it forwarding port 443 to the SBS box IP and a rule allowing 443 for the internal IP.
BTW, thanks for your help on this one.
Endital1097, since this is SBS 2003 box, I'm not sure that command would apply. Googling it seems to show that it is a EX2007 command.
Firebar, I followed the link on the security, but no change
Mestha, I reset the VDs like the KB suggested. No change.
Also, I'm noticing that I have the same problem accessing the Remote workspace as well.
Is there anything else firewall wise or MS Security wise that could keep it from passing the credentials. I have it forwarding port 443 to the SBS box IP and a rule allowing 443 for the internal IP.
BTW, thanks for your help on this one.
Is this install of SBS2003 running ISA server?
ASKER
Yes. It is SBS2003 running ISA
I would take a look at the following article for publishing OWA through ISA.
http://technet.microsoft.com/en-us/library/cc713316.aspx
http://technet.microsoft.com/en-us/library/cc713316.aspx
ASKER
Correction: It is NOT running ISA. I was thinking of IIS not ISA.
OWA & IIS troubleshooting tips and common causes.
http://www.msexchange.org/tutorials/Resetting-OWA-Folder-IIS-security-permissions-Exchange-2003.html
http://www.msexchange.org/tutorials/Resetting-OWA-Folder-IIS-security-permissions-Exchange-2003.html
ASKER
The problem definitely appears to be with the SSL. I can disable the SSL on the setup and get to Exchange & Remote Desktop although it doesn't give me a login but defaults to the last user login. I've created the certificate following the links and installed it, but when I enable SSL, I can never get beyond the login box. BTW, I'm getting the popup screen and not the OWA form if that helps.
If the problem was with the SSL certificate you wouldn't get anything at all. While it is not unusual for an SSL certificate to be corrupt, if that was the case the secure session wouldn't even start, so you would get an error about being unable to access the server.
As this is SBS 2003, have you run the Configure Email and Connect to the Internet wizard and ensured that it completes successfully?
Simon.
As this is SBS 2003, have you run the Configure Email and Connect to the Internet wizard and ensured that it completes successfully?
Simon.
Thanks for the points!
It's used for internet access. Close that up and you loose internet access.