Solved

Problem accessing OWA from child domain

Posted on 2004-09-28
8
899 Views
Last Modified: 2008-03-17
Hello all,
I have a win2k domain and an exchange 2k server for that domain. There is a child domain. I have created a new instance of mailbox store on the exchange server for this domain. All the users from child domain can access the exchange services perfectly via OUTLOOK. RUS is also running just fine.

The problem happens once they try to access OWA. For all the users on the child domain, OWA does not authenticate. Now it could be either of these two issues:

1. IIS on the Forest domain is not giving enough permission for these users to access OWA (I have tried to add the users of child domain to the Builtin\users group of forest domain, but that didn't help)
2. The mailbox store is different (but if you look at the exchange instance in IIS, you can see all the mailboxes, including the one's in child domain, so it seems more like issue number one up)

So, if anyone of you can quickly give a solution for this, I will truly appreciate it.
0
Comment
Question by:subhanali
  • 5
  • 3
8 Comments
 
LVL 26

Accepted Solution

by:
Vahik earned 500 total points
ID: 12174416
if u go to ur exchange system manager\http and click on the exchange or public directories u will see that are set for default domain.add a new directory and point it to ur
child domain and ur problem will be solved.
0
 

Author Comment

by:subhanali
ID: 12174452
I went to system manager, and if I am not mistaken, you want me to go to Adminitrative Groups\First Administrative Group\Servers\<My Server>\Protocols\Http. Over there I see "Exchange Virtual Server", under which I see: Exadmin, Exchange, public. Where do I see that it is set for the default domain, and where do I add a new directory and point to my new child domain????
0
 

Author Comment

by:subhanali
ID: 12174473
Ok, hold on before you answer that. I see what you mean. Let me try that. I was trying, but it said for everything "to configure from IIS", but now I see what you are talking about. I kinda knew this may help, but since I could see all the mailboxes already under the old instance, I didnt try it. Let me try it, and I will let you know if it worked or not.
0
 
LVL 26

Expert Comment

by:Vahik
ID: 12174515
also if u dont want to add new virtual servers then make sure ur users in child domain
have the default smtp email address from  parent domain assigned to them.
if u only have the same smpt address assigned to both root and child domain users then
u dont need to do anything.then u should try using only basic authentication and see if ur problem will be solved.
0
Don't lose your head updating email signatures!

Do your end users still have the wrong email signature? Do email signature updates bore you or fill you with a sense of dread? You can make this a whole lot easier on yourself by trusting an Exclaimer email signature management solution. Over 50 million users do...so should you!

 

Author Comment

by:subhanali
ID: 12174570
SMTP server? The users have no problem accessing the server via OUTLOOK from their desktop. The problem is only on the IIS. Now if I apply your solution up there, it creates another virtual directory on the same IIS. That creates two issues:

1. I have it configured, so that if anyone tries to access the IIS, it automatically goes to /exchange folder. I dont want the users to enter /<new instance>
2. I have a security certificate installed with this domain, using SSL. The smtp address for the new child domain is different.

So, is there any way that I can host this on a different IIS server??? OR a different instance of IIS website?
0
 
LVL 26

Expert Comment

by:Vahik
ID: 12174792
unlike 5.5 in 2000 and 2003 owa stays where exchange is installed.
if u have ssl installed on ur iis then u must issue those certificates to ur child domain users(it does not matter  from what domain they are accessing ur exchange\owa as long as their certificate matches the one installed on ur iis.).and since child domain users use diffrent smtp email address then u must add a new virtual server to ur exchange system manager to service smtp address used by ur child domain users.
redirection should have no effect on authentication.
0
 

Author Comment

by:subhanali
ID: 12174836
Umm, I dont think  you understood my question this time. I agree with you on everything you stated. I am not askin that.

Look, right now my users go directly to mail.domainname.com, and that takes them directly to the instance /exchange

The new users for the child domain have to enter mail.domainname.com/child to access their mail.

I want to find a way where they can access their mail directly too, without having to enter /child at the end of the URL
0
 

Author Comment

by:subhanali
ID: 12174908
Ok,

I found a way around it. Made a new website instance, with a NEW URL. Pointed that to the above original website with /child in the end. For this to work you will need a different URL, and do header based manipulation in IIS.

So, anyways it worked out just fine. But, since my original question was answered, and this was a spinoff from that question, I am going to accept your answer. Thank you VAHIK for your time.
0

Featured Post

Too many email signature updates to deal with?

Do you feel like you are taking up all of your time constantly visiting users’ desks to make changes to email signatures? Wish you could manage all signatures from one central location, easily design them and deploy them quickly to users? Well, there is an easy way!

Join & Write a Comment

Resolve DNS query failed errors for Exchange
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now