Solved

OWA keeps prompting me for username/password unless I change (already filled-in but wrong domain)

Posted on 2006-11-07
12
574 Views
Last Modified: 2008-02-01
I have two Windows 2003 servers - one DC and the otherone running Exchange 2003 SP1

My problem is  that using the permissions for Virtual Folders, when logging in to OWA I get this prompt (not using FBA):

Username: mail.hostname.net\myself
Password:

Please note that my domain is mail.hostname.local and not .net, which is only used for the e-mail addresses -

If I change the username to DOMAIN\myself, I can log in without problems -

Virtual Folder Config:
exchange - Integrated, Basic, Domain: DOMAIN
public - Integrated, Basic, Domain: DOMAIN
exchweb - Anonymous

If I remove Integrated from BOTH System Manager and IIS for Exchange and Public, I can login using just my username - Problem is then that accessing public folders from System Manager, pops up a login window -

I cannot understand how the suggested domain defaults to .net when Integrated is on! It's not listed anywhere, while I have specifically put the domain name for each of the folders in IIS!

Any ideas?

Thanks
0
Comment
Question by:jsyrakis
  • 4
  • 2
  • 2
  • +2
12 Comments
 
LVL 30

Expert Comment

by:irwinpks
ID: 17887911
was there a need not to use FBA?

Here's a way to modify it....

http://www.msexchange.org/tutorials/Customizing-OWA-2003-Forms-Based-Authentication-Logon.html
0
 
LVL 5

Expert Comment

by:cjtraman
ID: 17888369
Since you are connecting using the hostname.net URL, the authentication would have prompted you with the hostname.net\user id. However, you can the domain part to your original domain name and login to your OWA. For forms based authentication (more secured way), use the above URL.
0
 

Author Comment

by:jsyrakis
ID: 17888396
Thanks for your comment cjtraman,

Indeed the domain is inserted before the username for the reason you mentioned (Gets copied from the URL I use to login) -

Now the only remaining thing is why I cannot login using just my username (as happens on a completely different SBS 2003 server I have)?

As I mentioned above removing Integrated Authentication from both System Manager and IIS allows me to login with just my username, but then breaks System Manager's access to Public Folders by popping-up a login prompt when clicking on one of them -

As I have said, I have filled the Domain part in both Exchange and Public virtual directories, to no result!
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17888717
Any reason why you are not on Exchange 2003 SP2?
If you updated to that service pack, then enabled forms based authentication you would not need to put in the domain\ in the username to login. There was an undocumented change in that service pack where the FBA page does not require the domain\ - you can use the username only.

Simon.
0
 

Author Comment

by:jsyrakis
ID: 17891579
Actually I am using SP2 - Probem is I don't want to use FBA.

Anyone with ideas on why this occurs?

Thks
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 104

Assisted Solution

by:Sembee
Sembee earned 250 total points
ID: 17897873
Any reason why you don't want to use FBA? It is more secure than using the native Internet Explorer login.

The problem occurs when the default domain/default realm isn't set correctly. Exchange is designed to use domain\username as the login details. If you enter that at the start then it will always work.
If the default domain/realm isn't recognised then IE tries with the "domain" being the machine name, it takes the machine name from the URL. In much the same way that you can force authentication against a local account on a domain member by using machinename\username .

Simon.
0
 

Author Comment

by:jsyrakis
ID: 18028373
Thanks for the replies -

Even though no-one actually answered my question, cjtraman's suggestions of why I was prompted for the wrong domain was right, and sembee's suggestion of using FBA worked -

So I would propose to split the points guys. If there are no objections, I will do that in 48hrs.

Thanks
0
 
LVL 5

Accepted Solution

by:
cjtraman earned 250 total points
ID: 18029149
Since you have installed Exchange server in windows 2000 member server, when you provide user name alone to the OWA, it will try to use local server authentication. That is it will try to locate the domain user id in windows 2000 member server local SAM. You need to specifically add the domain name along with login id to enable the server to authenticate the domain user id in domain controller (your .local).
When you install the exchange server in domain controller, your requirement will be met.

As in SBS, you install DC, Exchange in single box, you were able to login to your OWA by giving the user name & password alone.

Hope it answers your question.
0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 18135262
That is one long stretch of 48 hours :)

*ping*

-red
0
 

Author Comment

by:jsyrakis
ID: 18266943
Sorry guys, but I was away and hadn't logged on for ages!
0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 18269933
Thanks for closing,

-red
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Resolve DNS query failed errors for Exchange
Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
how to add IIS SMTP to handle application/Scanner relays into office 365.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now