log on to rights

i am having windows 2000 server sp4 with exchange 2000 sp3. only specific users has to have rights on specific machines therefore in active directory users and computer i have individualy defined the same by
clicking on properties
then account
then log on to
and the respective server name. (i have included exchange server name in each of the user so that they can log on the same)

now all the users are able to logon through smtp/pop3 from "outside" but when one tries to logon through owa it give "internal server error".

the same user is able to login in owa when he comes inside the officer (i.e. internal network, user is not able to connect to owa through home or elsewhere)

also when i remove the logon to options (i.e. user can log onto all computers instead specific computers) owa works fine
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

i would check your IIS permissions since when they are at home and when they are in the office they are getting to IIS (OWA) with different accounts.... FYI,,, i doubt it has anything to do with them being at home or in the office,,, it is probably the fact that when they are in the office they are logged in to the PC with a domain account and when they are at home they are logged into a local account that isn't part of your domain at all.... so to make testing much easier just remove a computer in your office from the domain (or have them log in w/ a local account) and test it to see if you get the same results.
They have to use same Domain username to logon... otherwise it will fail...
viragAuthor Commented:
--------- formikeleebrla
infact it dosent work from domain to forget outside..i.e. if out  10 machines which are added to domain i give a user rights for only 5 machines and then from the 6th machine i try to access the owa it gives same error...bt if i add the machine name which is out of domain user is able to logon through owa from that
Reply to kapes
i didnt get you...if i interpret correct..u are telling that if i want to connect to my owa from outside e.g. from cybercafe..i will have to creat a same domain credintials there !

i dont think thats the issue.
Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

Exchange uses ADS for authentication... RIGHT
since  you have restricted user to login from specific computers.. (this is related windows login)
it automatically applies to OWA also,

viragAuthor Commented:
so no solutions for the same??..
You can workaround this by disabling Integrated Windows Authentication on the \exchange, \exchweb, and \public virtual directories in IIS.  Use basic instead.  Oh, and if you're going to do this I would suggest implementing SSL on the OWA server since passwords will be easily cracked using basic authentication.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 2000

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.