We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now

x

OWA keeps prompting me for username/password unless I change (already filled-in but wrong domain)

jsyrakis
jsyrakis asked
on
Medium Priority
607 Views
Last Modified: 2008-02-01
I have two Windows 2003 servers - one DC and the otherone running Exchange 2003 SP1

My problem is  that using the permissions for Virtual Folders, when logging in to OWA I get this prompt (not using FBA):

Username: mail.hostname.net\myself
Password:

Please note that my domain is mail.hostname.local and not .net, which is only used for the e-mail addresses -

If I change the username to DOMAIN\myself, I can log in without problems -

Virtual Folder Config:
exchange - Integrated, Basic, Domain: DOMAIN
public - Integrated, Basic, Domain: DOMAIN
exchweb - Anonymous

If I remove Integrated from BOTH System Manager and IIS for Exchange and Public, I can login using just my username - Problem is then that accessing public folders from System Manager, pops up a login window -

I cannot understand how the suggested domain defaults to .net when Integrated is on! It's not listed anywhere, while I have specifically put the domain name for each of the folders in IIS!

Any ideas?

Thanks
Comment
Watch Question

Irwin SantosComputer Integration Specialist

Commented:
was there a need not to use FBA?

Here's a way to modify it....

http://www.msexchange.org/tutorials/Customizing-OWA-2003-Forms-Based-Authentication-Logon.html

Commented:
Since you are connecting using the hostname.net URL, the authentication would have prompted you with the hostname.net\user id. However, you can the domain part to your original domain name and login to your OWA. For forms based authentication (more secured way), use the above URL.

Author

Commented:
Thanks for your comment cjtraman,

Indeed the domain is inserted before the username for the reason you mentioned (Gets copied from the URL I use to login) -

Now the only remaining thing is why I cannot login using just my username (as happens on a completely different SBS 2003 server I have)?

As I mentioned above removing Integrated Authentication from both System Manager and IIS allows me to login with just my username, but then breaks System Manager's access to Public Folders by popping-up a login prompt when clicking on one of them -

As I have said, I have filled the Domain part in both Exchange and Public virtual directories, to no result!
Expert of the Year 2007
Expert of the Year 2006

Commented:
Any reason why you are not on Exchange 2003 SP2?
If you updated to that service pack, then enabled forms based authentication you would not need to put in the domain\ in the username to login. There was an undocumented change in that service pack where the FBA page does not require the domain\ - you can use the username only.

Simon.

Author

Commented:
Actually I am using SP2 - Probem is I don't want to use FBA.

Anyone with ideas on why this occurs?

Thks
Expert of the Year 2007
Expert of the Year 2006
Commented:
Any reason why you don't want to use FBA? It is more secure than using the native Internet Explorer login.

The problem occurs when the default domain/default realm isn't set correctly. Exchange is designed to use domain\username as the login details. If you enter that at the start then it will always work.
If the default domain/realm isn't recognised then IE tries with the "domain" being the machine name, it takes the machine name from the URL. In much the same way that you can force authentication against a local account on a domain member by using machinename\username .

Simon.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
Thanks for the replies -

Even though no-one actually answered my question, cjtraman's suggestions of why I was prompted for the wrong domain was right, and sembee's suggestion of using FBA worked -

So I would propose to split the points guys. If there are no objections, I will do that in 48hrs.

Thanks
Commented:
Since you have installed Exchange server in windows 2000 member server, when you provide user name alone to the OWA, it will try to use local server authentication. That is it will try to locate the domain user id in windows 2000 member server local SAM. You need to specifically add the domain name along with login id to enable the server to authenticate the domain user id in domain controller (your .local).
When you install the exchange server in domain controller, your requirement will be met.

As in SBS, you install DC, Exchange in single box, you were able to login to your OWA by giving the user name & password alone.

Hope it answers your question.
CERTIFIED EXPERT

Commented:
That is one long stretch of 48 hours :)

*ping*

-red

Author

Commented:
Sorry guys, but I was away and hadn't logged on for ages!
CERTIFIED EXPERT

Commented:
Thanks for closing,

-red
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.