Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Outlook Web Access users get "The Local Security Authority cannot be contacted" if they mistype password

Posted on 2006-07-03
4
Medium Priority
?
1,252 Views
Last Modified: 2012-05-05
I've got a strange situation here with Outlook Web Access on a new Exchange server I've just set up. When a user logs in to  Outlook Web Access with their correct username and password, they're allowed into their email. If they mistype their username, they're prompted again to enter the correct username. However, if they get their username correct by mistype their password, the get stuck with a "The Local Security Authority cannot be contacted" page. At this point the browser (any browser) considers the log in successful and thinks the user is logged into the site so the user cannot retry their password without closing all browser windows and exitting the browser. So somehow, the IIS server is returning an authentication succeeded message to the browser though the authentication is incorrect, and the OWA app won't load.

This is a brand new Exchange 2003 Enterprise Edition (SP2) server running on Windows 2003 Standard R2. It's a standalone Exchange server so there are not separate front end and back end servers. This is the only other server in the domain (which is also new) besides the domain controller itself. I also have another domain in the same forest running Exchange in a similar configuration (though it's older) and it does not have this problem.

While I wish I could just advise my users to be careful entering passwords, it is irritating for them when they do make a mistake because they have to close all of their browser windows. Additionally, I am afraid this may mean there is another configuration issue causing this that might manifest itself in other, more terrible ways in the future. However, there are no symptoms of problems whether the users connect to the Exchange server with Outlook (over regular Exchange protocol or RPC over HTTPS). The only other symptom I can think might be related is that Internet Explorers cannot use the password changing form (IISADMPWD) to change their passwords, but Firefox users can. IE users get an "Object Required" error. I don't know if this is related but it is curious.
0
Comment
Question by:Lowflush
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 

Author Comment

by:Lowflush
ID: 17033622
Okay, I sort of fixed this on my own:

I disabled "Integrated Windows Authentication" on the "Exchange" virtual server. Now if users mistype their passwords they are reprompted.

Howerver, Integrated Windows Authentication is enabled on my other server and it doesn't have a problem. I'm leaving the question open and the points on the table as I am curious if anyone knows why that form of authentication is causing that problem, and if it's indicative of another misconfiguration.
0
 
LVL 104

Accepted Solution

by:
Sembee earned 700 total points
ID: 17033967
Are you using SSL?
Integrated Authentication normally allows pass through authentication to take place. If I am on one of my servers and browse to the OWA I will normally go straight in without any prompts.
That can be stopped by using forms based authentication, or the full URL of the server (http://servername.domain.com instead of http://servername)

Simon.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
This video discusses moving either the default database or any database to a new volume.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question