log on to rights

Posted on 2004-11-04
Last Modified: 2010-04-14
i am having windows 2000 server sp4 with exchange 2000 sp3. only specific users has to have rights on specific machines therefore in active directory users and computer i have individualy defined the same by
clicking on properties
then account
then log on to
and the respective server name. (i have included exchange server name in each of the user so that they can log on the same)

now all the users are able to logon through smtp/pop3 from "outside" but when one tries to logon through owa it give "internal server error".

the same user is able to login in owa when he comes inside the officer (i.e. internal network, user is not able to connect to owa through home or elsewhere)

also when i remove the logon to options (i.e. user can log onto all computers instead specific computers) owa works fine
Question by:virag
    LVL 25

    Expert Comment

    i would check your IIS permissions since when they are at home and when they are in the office they are getting to IIS (OWA) with different accounts.... FYI,,, i doubt it has anything to do with them being at home or in the office,,, it is probably the fact that when they are in the office they are logged in to the PC with a domain account and when they are at home they are logged into a local account that isn't part of your domain at all.... so to make testing much easier just remove a computer in your office from the domain (or have them log in w/ a local account) and test it to see if you get the same results.
    LVL 6

    Expert Comment

    They have to use same Domain username to logon... otherwise it will fail...
    LVL 3

    Author Comment

    --------- formikeleebrla
    infact it dosent work from domain to forget outside..i.e. if out  10 machines which are added to domain i give a user rights for only 5 machines and then from the 6th machine i try to access the owa it gives same if i add the machine name which is out of domain user is able to logon through owa from that
    Reply to kapes
    i didnt get you...if i interpret correct..u are telling that if i want to connect to my owa from outside e.g. from cybercafe..i will have to creat a same domain credintials there !

    i dont think thats the issue.
    LVL 6

    Expert Comment

    Exchange uses ADS for authentication... RIGHT
    since  you have restricted user to login from specific computers.. (this is related windows login)
    it automatically applies to OWA also,

    LVL 3

    Author Comment

    so no solutions for the same??..
    LVL 21

    Accepted Solution

    You can workaround this by disabling Integrated Windows Authentication on the \exchange, \exchweb, and \public virtual directories in IIS.  Use basic instead.  Oh, and if you're going to do this I would suggest implementing SSL on the OWA server since passwords will be easily cracked using basic authentication.

    Featured Post

    Maximize Your Threat Intelligence Reporting

    Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

    Join & Write a Comment

    NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
    For Sennheiser, comfort, quality and security are high priority areas. This paper addresses the security of Bluetooth technology and the supplementary security that Sennheiser’s Contact Center and Office (CC&O) headsets provide.  
    This video is in connection to the article "The case of a missing mobile phone (". It will help one to understand clearly the steps to track a lost android phone.
    Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now