Solved

Problem with OWA since installing Service Pack on Exchange 2003 Server

Posted on 2006-10-30
15
660 Views
Last Modified: 2008-01-09
Since upgrading our SBS 2003 Server to Exchange Server SP1 and then SP2 we have lost the ability to log in via Outlook Web Access, either locally or from outside, even with the full domain name.

I get a reply:

You could not be logged on to Outlook Web Access. Make sure your domain\user name and password are correct, and then try again.

On the plus side, the service packs have sorted some more serious problems we were having.

Anyway, I've tried downloading the KB843539 patch but this tells me we do not have Sp1 installed. I realise this is intended to resolve a problem with Sp1, but it was the nearest solution I could find.





0
Comment
Question by:mikeabc27
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 6
15 Comments
 
LVL 4

Expert Comment

by:ari24
ID: 17836044
try logging in using domain\username
0
 
LVL 3

Expert Comment

by:mario_andres
ID: 17836326
The service pack reset your permision ont IIS from Basic to Integraded authentication, having to use  domain\username to log in.
0
 

Author Comment

by:mikeabc27
ID: 17840581
No, that's what the Microsoft article suggests, but that doesn't work.
0
Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

 

Author Comment

by:mikeabc27
ID: 17840614
My apologies, I should explain a little more clearly.

Firstly I tried logging on in OWA as xxx@abc@com. Same error message.

Then I changed the IIS settings from Integrated to Basic, still no luck.

0
 
LVL 3

Expert Comment

by:mario_andres
ID: 17842166
have you tried  loging in with domain\username ? and also are make sure logging is turn on this web site.  I am would like to see what is being log.  
0
 

Author Comment

by:mikeabc27
ID: 17842406

Mario,

No, domain\username doesn't work.

Logging was always enabled and I'm now checking ex061031.log against a log last week, before the updates.

Is there anything obvious I should be looking for?

Thanks,

Mike

 
0
 
LVL 3

Expert Comment

by:mario_andres
ID: 17842616
why don't you try loging in and caputre the session on the logs and post here.
also are you getting 403 401 error? also is this  a front end or back end  server? also check thsis KB

KB899384
0
 

Author Comment

by:mikeabc27
ID: 17842781
No 401/403 messages.

This is a capture I tried just now from logging in as normal, username and password.

#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2006-10-31 15:37:11
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status
2006-10-31 15:37:11 10.0.0.100 GET /exchange - 443 - 81.149.143.41 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254
2006-10-31 15:37:13 10.0.0.100 GET /exchweb/bin/auth/owalogon.asp url=https://81.137.28.209/exchange&reason=0 443 - 81.149.143.41 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 200 0 0
2006-10-31 15:37:47 10.0.0.100 POST /exchweb/bin/auth/owaauth.dll - 443 - 81.149.143.41 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 302 0 0
2006-10-31 15:37:47 10.0.0.100 GET /exchange - 443 annakeene 81.149.143.41 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 1 1326
2006-10-31 15:37:47 10.0.0.100 GET /exchweb/bin/auth/owalogon.asp url=https://81.161.128.229/exchange&reason=2 443 - 81.149.143.41 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 200 0 0
0
 
LVL 3

Expert Comment

by:mario_andres
ID: 17843103
I am looking at it now.  do you have a FE and BE Exxchange servers?
0
 
LVL 3

Accepted Solution

by:
mario_andres earned 500 total points
ID: 17843338
Also please check the KB293386 at http://support.microsoft.com

2006-10-31 15:37:47 10.0.0.100 GET /exchange - 443 annakeene 81.149.143.41 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 1 1326

the 401 is the authetication failed.  also please ensured that users have OWA enabled, under their Users Property in AD.
also i see the that the user name is being passed using basic authentication,  not domain\username, also make sure the domain name is listed in the domain list under Authentication access control.

The /Exchange Virtual Diectory and default Website should be set to use basic authentication, also stop and start the Default Website if you make any changes.  lots of folks day is not necesary, but I found that permissions do required it.
also check the permission for :  /exchweb/bin/auth/owaauth.dll down to the file it self.
also check this KB903942


0
 

Author Comment

by:mikeabc27
ID: 17843834
Mario, I'm running Exchange Server on an SBS 2003, so I guess this makes it a back end server?

If I go to AD Users and ..., username, properties, Exchange Features, it shows OWA "Enabled using protocol defaults" under the Protocols sections.

I've added domainname.com is listed under aAuthentication access under File Security and restarted IIS Admin Services and then followed KB903942. When I got to sections 11 and 14 choices were greyed out, but the suggested changes were already in place.

No change I'm afraid.

Thanks,

Mike
0
 
LVL 3

Assisted Solution

by:mario_andres
mario_andres earned 500 total points
ID: 17844090
0
 
LVL 3

Expert Comment

by:mario_andres
ID: 17844171
I also just ran into this KB very Interesting:

http://support.microsoft.com/kb/871179/en-us
0
 

Author Comment

by:mikeabc27
ID: 17848153
Thanks Mario.

Can now get in using domain\username. Not a great hardship for the extra typing.

Regards,

Mike

0
 
LVL 3

Expert Comment

by:mario_andres
ID: 17849643
Very Welcome....
0

Featured Post

Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
This video discusses moving either the default database or any database to a new volume.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question