Solved

Problem with OWA since installing Service Pack on Exchange 2003 Server

Posted on 2006-10-30
15
650 Views
Last Modified: 2008-01-09
Since upgrading our SBS 2003 Server to Exchange Server SP1 and then SP2 we have lost the ability to log in via Outlook Web Access, either locally or from outside, even with the full domain name.

I get a reply:

You could not be logged on to Outlook Web Access. Make sure your domain\user name and password are correct, and then try again.

On the plus side, the service packs have sorted some more serious problems we were having.

Anyway, I've tried downloading the KB843539 patch but this tells me we do not have Sp1 installed. I realise this is intended to resolve a problem with Sp1, but it was the nearest solution I could find.





0
Comment
Question by:mikeabc27
  • 8
  • 6
15 Comments
 
LVL 4

Expert Comment

by:ari24
Comment Utility
try logging in using domain\username
0
 
LVL 3

Expert Comment

by:mario_andres
Comment Utility
The service pack reset your permision ont IIS from Basic to Integraded authentication, having to use  domain\username to log in.
0
 

Author Comment

by:mikeabc27
Comment Utility
No, that's what the Microsoft article suggests, but that doesn't work.
0
 

Author Comment

by:mikeabc27
Comment Utility
My apologies, I should explain a little more clearly.

Firstly I tried logging on in OWA as xxx@abc@com. Same error message.

Then I changed the IIS settings from Integrated to Basic, still no luck.

0
 
LVL 3

Expert Comment

by:mario_andres
Comment Utility
have you tried  loging in with domain\username ? and also are make sure logging is turn on this web site.  I am would like to see what is being log.  
0
 

Author Comment

by:mikeabc27
Comment Utility

Mario,

No, domain\username doesn't work.

Logging was always enabled and I'm now checking ex061031.log against a log last week, before the updates.

Is there anything obvious I should be looking for?

Thanks,

Mike

 
0
 
LVL 3

Expert Comment

by:mario_andres
Comment Utility
why don't you try loging in and caputre the session on the logs and post here.
also are you getting 403 401 error? also is this  a front end or back end  server? also check thsis KB

KB899384
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:mikeabc27
Comment Utility
No 401/403 messages.

This is a capture I tried just now from logging in as normal, username and password.

#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2006-10-31 15:37:11
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status
2006-10-31 15:37:11 10.0.0.100 GET /exchange - 443 - 81.149.143.41 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254
2006-10-31 15:37:13 10.0.0.100 GET /exchweb/bin/auth/owalogon.asp url=https://81.137.28.209/exchange&reason=0 443 - 81.149.143.41 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 200 0 0
2006-10-31 15:37:47 10.0.0.100 POST /exchweb/bin/auth/owaauth.dll - 443 - 81.149.143.41 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 302 0 0
2006-10-31 15:37:47 10.0.0.100 GET /exchange - 443 annakeene 81.149.143.41 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 1 1326
2006-10-31 15:37:47 10.0.0.100 GET /exchweb/bin/auth/owalogon.asp url=https://81.161.128.229/exchange&reason=2 443 - 81.149.143.41 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 200 0 0
0
 
LVL 3

Expert Comment

by:mario_andres
Comment Utility
I am looking at it now.  do you have a FE and BE Exxchange servers?
0
 
LVL 3

Accepted Solution

by:
mario_andres earned 500 total points
Comment Utility
Also please check the KB293386 at http://support.microsoft.com

2006-10-31 15:37:47 10.0.0.100 GET /exchange - 443 annakeene 81.149.143.41 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 1 1326

the 401 is the authetication failed.  also please ensured that users have OWA enabled, under their Users Property in AD.
also i see the that the user name is being passed using basic authentication,  not domain\username, also make sure the domain name is listed in the domain list under Authentication access control.

The /Exchange Virtual Diectory and default Website should be set to use basic authentication, also stop and start the Default Website if you make any changes.  lots of folks day is not necesary, but I found that permissions do required it.
also check the permission for :  /exchweb/bin/auth/owaauth.dll down to the file it self.
also check this KB903942


0
 

Author Comment

by:mikeabc27
Comment Utility
Mario, I'm running Exchange Server on an SBS 2003, so I guess this makes it a back end server?

If I go to AD Users and ..., username, properties, Exchange Features, it shows OWA "Enabled using protocol defaults" under the Protocols sections.

I've added domainname.com is listed under aAuthentication access under File Security and restarted IIS Admin Services and then followed KB903942. When I got to sections 11 and 14 choices were greyed out, but the suggested changes were already in place.

No change I'm afraid.

Thanks,

Mike
0
 
LVL 3

Assisted Solution

by:mario_andres
mario_andres earned 500 total points
Comment Utility
0
 
LVL 3

Expert Comment

by:mario_andres
Comment Utility
I also just ran into this KB very Interesting:

http://support.microsoft.com/kb/871179/en-us
0
 

Author Comment

by:mikeabc27
Comment Utility
Thanks Mario.

Can now get in using domain\username. Not a great hardship for the extra typing.

Regards,

Mike

0
 
LVL 3

Expert Comment

by:mario_andres
Comment Utility
Very Welcome....
0

Featured Post

Do email signature updates give you a headache?

Do you feel like all of your time is spent managing email signatures? Too busy to visit every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

Join & Write a Comment

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now