Solved

Outlook Web Access users get "The Local Security Authority cannot be contacted" if they mistype password

Posted on 2006-07-03
4
1,242 Views
Last Modified: 2012-05-05
I've got a strange situation here with Outlook Web Access on a new Exchange server I've just set up. When a user logs in to  Outlook Web Access with their correct username and password, they're allowed into their email. If they mistype their username, they're prompted again to enter the correct username. However, if they get their username correct by mistype their password, the get stuck with a "The Local Security Authority cannot be contacted" page. At this point the browser (any browser) considers the log in successful and thinks the user is logged into the site so the user cannot retry their password without closing all browser windows and exitting the browser. So somehow, the IIS server is returning an authentication succeeded message to the browser though the authentication is incorrect, and the OWA app won't load.

This is a brand new Exchange 2003 Enterprise Edition (SP2) server running on Windows 2003 Standard R2. It's a standalone Exchange server so there are not separate front end and back end servers. This is the only other server in the domain (which is also new) besides the domain controller itself. I also have another domain in the same forest running Exchange in a similar configuration (though it's older) and it does not have this problem.

While I wish I could just advise my users to be careful entering passwords, it is irritating for them when they do make a mistake because they have to close all of their browser windows. Additionally, I am afraid this may mean there is another configuration issue causing this that might manifest itself in other, more terrible ways in the future. However, there are no symptoms of problems whether the users connect to the Exchange server with Outlook (over regular Exchange protocol or RPC over HTTPS). The only other symptom I can think might be related is that Internet Explorers cannot use the password changing form (IISADMPWD) to change their passwords, but Firefox users can. IE users get an "Object Required" error. I don't know if this is related but it is curious.
0
Comment
Question by:Lowflush
4 Comments
 

Author Comment

by:Lowflush
ID: 17033622
Okay, I sort of fixed this on my own:

I disabled "Integrated Windows Authentication" on the "Exchange" virtual server. Now if users mistype their passwords they are reprompted.

Howerver, Integrated Windows Authentication is enabled on my other server and it doesn't have a problem. I'm leaving the question open and the points on the table as I am curious if anyone knows why that form of authentication is causing that problem, and if it's indicative of another misconfiguration.
0
 
LVL 104

Accepted Solution

by:
Sembee earned 175 total points
ID: 17033967
Are you using SSL?
Integrated Authentication normally allows pass through authentication to take place. If I am on one of my servers and browse to the OWA I will normally go straight in without any prompts.
That can be stopped by using forms based authentication, or the full URL of the server (http://servername.domain.com instead of http://servername)

Simon.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question