Exchange Webmail failure but probably IIS problem

Posted on 2004-10-04
Last Modified: 2011-08-18
In my company we have a single domain with a single Windows 2003 server acting as the domain controller and data server. This server is also running Exchange 2003 standard edition and it was upgraded in two stages from an NT4 /Exchange 5.5 system. The server itself appears to be running fine, all users can logon and access their mailboxes via Outlook 2003 without problems. One or two user were interested in Outlook Web Access which naturally is included as standard with Exchange 2003 and was installed along with the rest of the package. However OWA simply isn't working.
From a machine on the network (or on the server itself) I can enter
//servername/exchange in IE and get a log-in prompt. However I enter the username and password (/domainname/username or username@fully_qualified_domainname) it always fails to authenticate and after three tries gives me a
HTTP/1.1 401 Unauthorised
error message. This is the same for all users and all users have webmail enabled.

I have also recently installed Microsoft's SUS software and when I attempt to go the the admin webpage //servername/SUSAdmin the system asks me to log-on (which I don't think it should be doing as I am already logged onto the server with admin rights), the system apparently accepts my log-in but then the IE screen remains completely blank (all white).

This is making me think that the problem is more with IIS or Windows itself rather than with Exchange or SUS. If I enter //servername in IE then I do get the IIS 'homepage' as I would expect. IIS permissions all appear to be OK and I have tried various authentication methods (anonymous, Windows digest etc. without any luck). There are no errors listed in any of the event logs and all other aspects of the server are running correctly

Do I need to uninstall and re-install IIS (is this even possible in Windows 2003 server and will it bring done the Exchange system)? or does anyone know of anything else I should look for?

Many thanks

Question by:jem99
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 104

Expert Comment

ID: 12216648
SUS will always ask you to login - that is by design.

The URLs you have entered, have you fudged them on purpose? It should be http://servername/exchange
The user authentication should be domain\username - no leading \

First fix for any OWA queries is authentication types.
In IIS Manager look at the Exchange virtual directories.

Each should have ONLY basic and integrated authenticaiton enabled.
/exchweb should also have anonymous authentication enabled.


Author Comment

ID: 12218458
Authentications are all checked and set ok; and that was a mistake on my part re the log-in name. I  have tried domainname\username with no luck. Oddly enough if I enter

http://servername/exchange/username then I immediately get a page not found error and it doesn't ask me to log-in first.

As for the SUS log-in, on another system I look after, if I log-onto the server console directly as a domain admin and enter http://servername/susadmin it immediately gives me the front page (as I'm already logged in with admin privs.) wherase on the server in question  doing the same thing asks for a log-in and still fails.

Very odd

LVL 104

Expert Comment

ID: 12218898
Try following this article to reset the virtual directories in Exchange 2003:

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now


Author Comment

ID: 12226149

Thanks for the tip but I already found that article when doing a search for solutions. Needless to say it didn't work.

LVL 104

Expert Comment

ID: 12229454
The two fixes I have outlined resolve most problems. If this machine was an upgrade then that is probably the cause. Upgrades can cause many problems - with legacy settings interfering. If the IIS Lockdown tool was run on the old NT4 system then some of those settings could be causing the problem.

You might be looking at moving the data to another machine, wipe and reinstall, unless anyone else can come up with ideas.


Author Comment

ID: 12237394
I am beginning to come to the same conclusion myself.

Just to make things a little more wierd on another system (also Windows 2003 Server / Exchange 2003) I can check the IIS setting for the Exchange virtual directory and find that it's pointing to //./BackOfficeStore/domain_name/MBX as I would expect. On the faulty server in question it's the same (different domain name naturally). The difference is that I can ping this address on the faulty server and get it resolved to a public IP address. I then get a cached DNS entry for it. I've removed the cached entry, flushed the DNS cache but it gets recreated as soon as I try to ping the address again. I don't actually get a response from the host but I shouldn't get a resolved address anyway!

LVL 104

Accepted Solution

Sembee earned 250 total points
ID: 12243130
That pinging problem sounds like duff DNS settings somewhere on the server. I presume you have gone through the network settings and ensured that they are correct? (DNS pointing to the DC only etc).

Otherwise it sounds like a mess and I would start planning to swing the data out to another machine so that it can be rebuilt clean.


Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor ( Top Charts is a view in which you can set seve…

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question