• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1631
  • Last Modified:

How to login to OWA without using domain\username

Hi,
I am trying to log in to OWA using a username only, i.e. without having to type domain\username.

Let me give you some background

Running Windows server 2003. Exchange server 2003 Enterprise SP2 (single server). We also have two logical domains, internaldomain.local, and externaldomain.com.

The exchange server is a DC for externaldomain.com. All our users are located in internaldomain.local. There is a 2-way trust between the domains.

We have 3 different methods of access from the internet to exchange :
Laptops use RPC over HTTPS
PDA's use Direct push
Webmail

THE PROBLEM :
To use direct push for the PDA's, we need to have forms based authentication turned off - This works ok.
However, when using webmail, users are connectinc to externaldomain.com, which tries to authenticate them. All our users are in internaldomain.local. So they have to type in internaldomain.local\username .

Is there a way of automatically authenticating to the internal domain without having to type in the domain name in the login box?

I have already tried setting the internal domain as the default domain and realm on the directory security tab on the /exchange folder.
I have also added the internal domain controllers on the "directory access" tab on the properties of the exchange server.

Any ideas how i can get round this?

Cheers
Paul
0
beplas
Asked:
beplas
  • 3
  • 2
1 Solution
 
SembeeCommented:
The default domain/realm setting is the only one that is required - I am not aware of any other mechanism.

Otherwise go back to using FBA. It is possible to have that co-existing with EAS. You just need to get the authentication settings correct on the virtual directory - specifically enable both integrated and basic authentication on the /exchange virtual directory - it will probably be basic only at the moment.

Simon.
0
 
beplasAuthor Commented:
Close, but no cigar. The /exchange virtual directory has both basic and integrated already selected, without integrated direct push will not work. Also, the domain/realm are both set to internaldomain.local, but appear to have no effect
0
 
SembeeCommented:
I can assure you that it does work, as I have it working on four or five systems.

The full authentication settings are:

/exchange - basic and integrated ONLY
/exchweb - anonymous ONLY
/exadmin - integrated ONLY
/public  - basic and integrated ONLY
/oma - basic ONLY
/Exchange-Server-ActiveSync - basic and integrated only

With FBA you don't have to set the default domain and default realm as the FBA page deals with that for you (undocumented change in service pack 2).

Simon.
0
 
beplasAuthor Commented:
Hi Simon,
I checked the settings on each of the folders, and made one or two changes according to your list. And still i got activesync error 85010001. So i tried another PDA - and sure enough - the second one worked fine!

Turned out to be the SSL requirement in the server settings wasn't ticked on the PDA.

Thanks for your help, it cleared up a few issues for me.

Cheers
Paul
0
 
SembeeCommented:
The thing to remember is that OMA/EAS caches errors. When you get them once, it is common to get them again. I usually recommend to reset the handheld device before trying again to clear any cached information.

Simon.
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now