Outlook Web Access users get "The Local Security Authority cannot be contacted" if they mistype password

I've got a strange situation here with Outlook Web Access on a new Exchange server I've just set up. When a user logs in to  Outlook Web Access with their correct username and password, they're allowed into their email. If they mistype their username, they're prompted again to enter the correct username. However, if they get their username correct by mistype their password, the get stuck with a "The Local Security Authority cannot be contacted" page. At this point the browser (any browser) considers the log in successful and thinks the user is logged into the site so the user cannot retry their password without closing all browser windows and exitting the browser. So somehow, the IIS server is returning an authentication succeeded message to the browser though the authentication is incorrect, and the OWA app won't load.

This is a brand new Exchange 2003 Enterprise Edition (SP2) server running on Windows 2003 Standard R2. It's a standalone Exchange server so there are not separate front end and back end servers. This is the only other server in the domain (which is also new) besides the domain controller itself. I also have another domain in the same forest running Exchange in a similar configuration (though it's older) and it does not have this problem.

While I wish I could just advise my users to be careful entering passwords, it is irritating for them when they do make a mistake because they have to close all of their browser windows. Additionally, I am afraid this may mean there is another configuration issue causing this that might manifest itself in other, more terrible ways in the future. However, there are no symptoms of problems whether the users connect to the Exchange server with Outlook (over regular Exchange protocol or RPC over HTTPS). The only other symptom I can think might be related is that Internet Explorers cannot use the password changing form (IISADMPWD) to change their passwords, but Firefox users can. IE users get an "Object Required" error. I don't know if this is related but it is curious.
LowflushAsked:
Who is Participating?
 
SembeeConnect With a Mentor Commented:
Are you using SSL?
Integrated Authentication normally allows pass through authentication to take place. If I am on one of my servers and browse to the OWA I will normally go straight in without any prompts.
That can be stopped by using forms based authentication, or the full URL of the server (http://servername.domain.com instead of http://servername)

Simon.
0
 
LowflushAuthor Commented:
Okay, I sort of fixed this on my own:

I disabled "Integrated Windows Authentication" on the "Exchange" virtual server. Now if users mistype their passwords they are reprompted.

Howerver, Integrated Windows Authentication is enabled on my other server and it doesn't have a problem. I'm leaving the question open and the points on the table as I am curious if anyone knows why that form of authentication is causing that problem, and if it's indicative of another misconfiguration.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.