Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Exchange users cannot login to OWA

Posted on 2004-11-21
20
Medium Priority
?
2,972 Views
Last Modified: 2009-08-19
Hi All.

I'm setting up exchange at home before I set it up at work. OWA works for me. I am the domain administrator. However for the 2 users I've set it up for, they cannot login to OWA. The prompt comes up for the usersname and password, when I enter it it just pops up again and again, until i hit cancel. I am using the default clear text authentication.

I thought it might have something to do with the users not having the rights to login locally, but now that i think about it, i think it will login with the IIS account anyway.

Anyone have any ideas or pointers?

Thanks,
Justin
0
Comment
Question by:justinm99
  • 14
  • 5
20 Comments
 
LVL 27

Expert Comment

by:Exchange_Admin
ID: 12640530
I think the users need to have the "Log on Locally" right to access OWA.

Try this to see if it works.
0
 
LVL 1

Author Comment

by:justinm99
ID: 12640590
Yes, I have allready done this. Still no luck.
0
 
LVL 1

Author Comment

by:justinm99
ID: 12640626
Some more info: I have a front end and back end configuration. I have given the logon locally rights to the front end server, and I have just given it to the back end server.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 1

Author Comment

by:justinm99
ID: 12640644
Just to test it out, I logged into the front and and back end servers locally with the user. The user logged in successfully on both servers.
0
 
LVL 24

Expert Comment

by:David Wilhoit
ID: 12641069
what message are you getting when  you login with the user? It sounds like something else, like the everyone group got removed or the RUS isn't stamping the user objects with a proxy address. HAve you checked to see that the user objects have an email address?

D
0
 
LVL 1

Author Comment

by:justinm99
ID: 12641202
here is the message i get after trying to login 3 times:
HTTP/1.1 401 Unauthorized

I do not use a proxy server, but I have the front end and back end servers behind an openbsd firewall. The firewall isn't the problem from what I can tell because I can login from outside.

When you say the everyone group got removed can you be a bit more specific?

Also the front end is win2k3 and the back end is win2k, will this cause problems?

Thanks for commenting kidego!
0
 
LVL 1

Author Comment

by:justinm99
ID: 12641205
oh yea, the user accounts all have email addresses.
0
 
LVL 1

Author Comment

by:justinm99
ID: 12641271
I think it may have something to do with the fact that my front end server is on windows 2003, and my back end server is on windows 2000. I can't think of much else. I may just format the front end server and put win2k on it. The back end server is also a windows 2000 domain controller.
0
 
LVL 24

Expert Comment

by:David Wilhoit
ID: 12641377
as long as win2k is sp4, e2k3 should be fine, the FE is exchange 2003 too, yes? I don't see an exchange version here...

D

0
 
LVL 1

Author Comment

by:justinm99
ID: 12641448
yes, they are all exchange 2003 enterprise. win2k is SP4 as well.

what should I do?
0
 
LVL 1

Author Comment

by:justinm99
ID: 12641656
Most interesting, I tried adding a user to the domain admins group, then logging in to OWA.

It still doesn't work! This must mean it isn't a permissions issue. There must be something wrong with the user account.
0
 
LVL 1

Author Comment

by:justinm99
ID: 12641706
Ok I created a new account called jtest, with the default email account. It worked!

OWA won't work for user jared, who has an email address of cbr@n0de.ws. I will create a secondary address as jared@n0de.ws and see if that works right now.

it did not work.

I tried for user renny, who has an email address of renny@n0de.int (n0de.int is my internal domain, n0de.ws the external) and it worked.

The problem has something to do with email addresses.
0
 
LVL 1

Author Comment

by:justinm99
ID: 12641778
Ok so the problem was with aliases, I created a user named cbr with the same alias, and it worked fine.

My one question now is how can i change a users alias?
0
 
LVL 24

Expert Comment

by:David Wilhoit
ID: 12641779
do you have the domain n0de.ws listed in the recipient policy, and is it your primary SMTP address?

d
0
 
LVL 1

Author Comment

by:justinm99
ID: 12642024
Yes to both.
0
 
LVL 24

Expert Comment

by:David Wilhoit
ID: 12644497
ok, that's good. Have you checked the policy on the FE server? And have you tried to access OWA directly to the backend server, without going thru the FE? link internally would be http://server/exchange , no secure HTTP on the backend server. If you enabled 443 on the backend server, take it off, it should only be on the front end.

d
0
 
LVL 1

Author Comment

by:justinm99
ID: 12646543
Kidego, thank you for your suggestions.

Maybe you should read my comments. I indicated that I got it all working, except I don't know how to change aliases. for example create a username called Justin, with an alias of justin. Then after I create justin and his mailbox, how can i Change the alias? (maybe I want his email address to be jsmith@n0de.ws).
0
 
LVL 24

Accepted Solution

by:
David Wilhoit earned 2000 total points
ID: 12646585
ok then, the alias is the UPN that gets created, and that's not the email address. The email address will be stamped by the RP once the RUS updates itself. So, a UPN of justin@domain.local, would not be the same as jsmith@n0de.ws. The latter gets stamped on when you mail enable the user and the RUS updates.
0
 
LVL 1

Author Comment

by:justinm99
ID: 12646757
I think this is a separate question. It seems I figured this out on my own, but since you all helped i will split the points.

Thanks!
0
 
LVL 1

Author Comment

by:justinm99
ID: 12646778
Just gave it to kidego because he spent more time trying to solve it, thanks again guys.
0

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Mailbox Corruption is a nightmare every Exchange DBA wishes he never has. Recovering from it can be super-hectic if not entirely futile. And though techniques like the New-MailboxRepairRequest cmdlet have been designed to help with fixing minor corr…
Exchange administrators are always vigilant about Exchange crashes and disasters that are possible any time. It is quite essential to identify the symptoms of a possible Exchange issue and be prepared with a proper recovery plan. There are multiple…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Suggested Courses

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question