[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

OWA issues since Windows 2003 Server upgrade

Posted on 2006-07-17
3
Medium Priority
?
174 Views
Last Modified: 2010-04-18
Ever since upgrading the server from Win2K Server to Win2003 SP1, Outlook Web Access is acting strange (EX2003 was already installed and has been running fine for years.)

When a user tries logging into OWA, the login prompt comes back and the "User name" field is filled in with the external server name as a prefix to the user id.  For example,

"mail2.domain.com\myusername"

Of course, the user keeps hitting OK and gets "access is denied" after 3 attempts.

The only workaround I've found is to have them enter their full email address for the user id, and this lets them in just fine.

It appears that the 2003 upgrade made some directory security modifications, but I haven't been able to figure this one out.

Thanks in advance.
0
Comment
Question by:Elmo_Oxygen
3 Comments
 
LVL 6

Expert Comment

by:glennbrown2
ID: 17123978
go into IIS Manager....Start/Run type "inetmgr" and press enter.

Now, not sure how OWA is setup for you but mine is under the "default site", "exchange".

- Right click exchange and select properties
- Click directory security
- under "authentication and access control" clcik edit.
- in this window, i only have "integrated windows auth" and "basic auth" checked
- under default domain, I have our NETBIOS domain name...
- click ok

restart IIS and try again
0
 

Author Comment

by:Elmo_Oxygen
ID: 17124416

Yup, this is exactly how mine is configured too.

Interesting to note that a user informed me that FireFox gets them in without requiring the full email address for the user name.

0
 
LVL 104

Accepted Solution

by:
Sembee earned 1000 total points
ID: 17125108
The default behaviour for OWA on Exchange 2003 is that the login required is

domain\username

If you don't enter it in that format then the server automatically presumes that you are authenticating to the local machine, so prepends its name to the authentication process.

Two options.

1. Set the default domain and default realm on the /exchange virtual directory.
2. If you are using SSL (if not, why not) enable forms based authentication. There was an undocumented change in SP2 for Exchange 2003 where the domain\ is no longer required, despite what the page says.

Simon.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
Loops Section Overview
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question