Solved

Force domain internal users to login when accessing outlook web access

Posted on 2006-11-08
5
527 Views
Last Modified: 2008-02-01
Since upgrading from an SBS2003 server to two servers running exchange and AD respectively, users now accessing OWA internally (within the domain) are no longer presented with a login screen, which allows them to put in a username and password.  Instead, it just logs on to whomever the user is logged on to with active directory.

Since admins need to check multiple email accounts using OWA, I would like to force each session to require a username and password.  Unchecking integrated Windows authentication in IIS on the exchange virtual web produces undesirable results.  Is there a different or better way to do this?

Thanks in advance.

0
Comment
Question by:stonenajem
5 Comments
 
LVL 9

Assisted Solution

by:MCPJoe
MCPJoe earned 250 total points
Comment Utility
You could enable forms based authentication which would cause OWA to bring up a web interface with a forms based logon box.  Its recommended to secure the IIS OWS site with SSL if its accessible from the internet, as passwords will be sent in plain text.  However, if your just using it internally, I've left it unsecured.  You can also customize and brand your OWA logon page if you really want to get into it.
0
 
LVL 9

Assisted Solution

by:MCPJoe
MCPJoe earned 250 total points
Comment Utility
0
 
LVL 22

Accepted Solution

by:
kristinaw earned 125 total points
Comment Utility
if they need to access multiple mailboxes, they could also just put the implicit url in the browser, i.e, http://server/exchange/mailboxa, http://server/exchange/mailboxb where mailboxb is the alias name they would login with if prompted for credentials.

hth,
Kris.
0
 
LVL 5

Assisted Solution

by:cjtraman
cjtraman earned 125 total points
Comment Utility
forms-based authentication can be enabled for your requirement. You can use Microsoft Certificate server to create SSL certificate to be installed in Default web site serving exchange web folders. By installing your own certificate, you need not have to pay to third party certificate authorities.
0
 

Author Comment

by:stonenajem
Comment Utility
All worked well.  Thanks everyone.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

"Migrate" an SMTP relay receive connector to a new server using info from an old server.
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
how to add IIS SMTP to handle application/Scanner relays into office 365.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now