Solved

Exchange 2003 OWA Login Problems

Posted on 2006-07-07
19
268 Views
Last Modified: 2010-03-06
Hello,

Here is the deal. I have a windows 2000 domain. Currently users connect to a generic webmail system using a link on there desktops. https:\\mail.domain.com and it takes them to the web interface of the current e-mail system. I have configured OWA to be the main source for users to collect there mail per my managers request. I have enabled forms based authentication and installed a ssl certificate. I have changed the DNS at our ISP and internally to point to the new exchange server, which is running Windows Server 2003 Enterprise as a member or a Windows 2000 domain. The issue is that it only works from links, or favorites, if i type it into the internet explorer bar it prompts me for a user name and password (windows prompt). What is even more strange, when I type in the correct info, it doesn't work, even though it works with OWA when I get there from another route.
Any help would be greatly appreciated, as I need to get this resolved by morning. I know my mail is coming in because I just got a new message into exchange. I think I may of set something wrong up in IIS default website but I am not sure. I currently have it set to a redirect to https://exchange/exchange (exchange is my servers name) A directory below URL entered.

Thanks in advance!
0
Comment
Question by:PE_IT_TEAM
  • 11
  • 7
19 Comments
 

Author Comment

by:PE_IT_TEAM
ID: 17062894
OWA seems to work on my computer but no one elses, if that helps anyone out there.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17062970
If you have enabled forms based authentication, then you shouldn't get a login box. A web page should load.

Keep things simple... whatever you did for the redirection, remove it. Try and get the system back as close as possible to the way it was installed.

Verify that the authentication settings are correct on the virtual directories...

/exchange: integrated and basic only
/exadmin: integrated only
/exchweb: anonymous only
/public: integrated and basic only
/oma: basic only
/Microsoft-Server-ActiveSync: integrated and basic.

Simon.
0
 

Author Comment

by:PE_IT_TEAM
ID: 17062995
Hi Sembee,

I have learned so much from you in the past reading on this forum. Thanks for the quick response, I have everything back to normal. When i got to https://exchange/exchange from any computer internally it works now. How would I go about getting an internal link https://mail.domain.com/ to redirect to https://exchange/exchange  ? Also is there anything else I need to do for the link to work externally?
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 104

Expert Comment

by:Sembee
ID: 17063002
Set the redirect as I have shown on this page on my web site:
http://www.amset.info/exchange/owa-defaultpage.asp

Then it doesn't matter what URL the users hit the server with, it will redirect.

Simon.
0
 

Author Comment

by:PE_IT_TEAM
ID: 17063062
I did that and it still doesn't seem to want to work. When i create a link shortcut or when I type it into the web browser still no luck. Is there something I have missed?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17063065
Define doesn't work?

If OWA is set as default - everything works correctly?
When you put in the redirect it fails?

Simon.
0
 

Author Comment

by:PE_IT_TEAM
ID: 17063079
I type in https:\\mail.domain.com and it still prompts me for a user name and password (windows prompt) even typing in the correct info does not get me any further, but typing in https:\\exchange\exchange brings up the form based page fine and works
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17063110
Do they resolve to the same place?

If you type ping mail.domain.com does it resolve to the same IP address as ping exchange?

Simon.
0
 

Author Comment

by:PE_IT_TEAM
ID: 17063126
Yes they both resolve to 192.168.1.199

Dave
0
 
LVL 104

Accepted Solution

by:
Sembee earned 500 total points
ID: 17063138
That has to be authentication then.
Did check the authentication matches what I posted above?

Simon.
0
 

Author Comment

by:PE_IT_TEAM
ID: 17063173
Double checked and  I had missed one setting, restarted IIS and still same issue.
0
 

Author Comment

by:PE_IT_TEAM
ID: 17063190
Okay this is nuts, I must have something wrong. When I clicked on the https:\\mail.domain.com link it brought up the windows box again, and instead of using my own name, i used administrator and it worked. What setting do you think I may have wrong.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17063237
That is permissions or authentication causing that.
The reason being that when you access the site with the internal name, IE recognises it and uses integrated authentication. When you use the external name, that doesn't occur.

When you are trying authentication, are you doing just username and password, or domain\username and password?

While it isn't the same, take a look at this question that Lee Derbyshire was working on earlier today.
http://www.experts-exchange.com/Networking/Email_Groupware/Exchange_Server/Q_21910548.html

Lee knows his way around OWA better than anyone. You might find some useful information in that question.

Simon.
0
 

Author Comment

by:PE_IT_TEAM
ID: 17063279
With the windows prompt I was typing in just the user name billy.bob and then the password. I tried it with domain/billy.bob and it worked fine. With OWA I used th tweak several months ago so users do not have to enter the domain name. I still am not sure though why it is prompting me for a windows login though when I use a link but does not when I use the internal https:\\mail.domain.com 

I am stumped on this one...
0
 

Author Comment

by:PE_IT_TEAM
ID: 17063293
It's almost like I have to authenticate just to get into the machine and then it all works well
0
 

Author Comment

by:PE_IT_TEAM
ID: 17063319
I added anonymous acess to the default web site and it started working. Is this a security issue? I mean it sounds like one, but I am somewhat new to this whole deal..
0
 
LVL 8

Expert Comment

by:bilbus
ID: 17064124
i use this as my defalt page

<meta HTTP-EQUIV="REFRESH" content="0; url=https://www.website.com/exchange" target="_blank" onclick="return openNew(this.href);">https://www.website.com/exchange">

There are a number of ways to do this though
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17064877
When you added anonymous to your default web site, what did you do on the prompt for the sub folders?
Some anonymous permission is required for OWA to work correctly, so you may not have caused an issue with security.

Simon.
0
 

Author Comment

by:PE_IT_TEAM
ID: 17068114
I pressed cancel for the rest of the folders. All is well now. Thanks Sembee for your help. It is very much appreciated. I am awarding you the point because you got me looking in the right direction to fix this problem. Otherwise I would of never thought it was a an authentication/permission issue. Thanks again!
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question