Solved

Some mailboxes can not access OWA

Posted on 2006-11-27
12
214 Views
Last Modified: 2010-03-06
I have exchange 2k3 running with OWA, out of about 30 mailboxes they can all access by logging into web interface but there are 3 users who can not log in, it looks as if their password is wrong but it's not?

Any ideas?

Andrew
0
Comment
Question by:andrew_2706
12 Comments
 
LVL 57

Assisted Solution

by:Pete Long
Pete Long earned 100 total points
ID: 18019255
Hi andrew_2706,
Are all your domain controllers replicating correctly?



PeteLong
0
 
LVL 20

Accepted Solution

by:
ikm7176 earned 100 total points
ID: 18019256
Did you checked the users permission in ADUC ?
Go to ADUC->user's properties-> Exchange Features Tab. Make sure that the users have permissions to access the OWA Protocol.
 
If still unresolved, do post the error here.

cheers !!
0
 
LVL 31

Assisted Solution

by:LeeDerbyshire
LeeDerbyshire earned 100 total points
ID: 18019337
This usually means that the affected users do not have an email address in the same domain as everyone else.  It seems strange, but the default OWA installation can only access mailboxes in the Primary SMTP domain (in the Default Recip Policy).  If the affected users don't have an email address in this domain, you will need to add such an address to their accounts.  It doesn't have to be their primary SMTP address, though - it just needs to be in the list.
0
 
LVL 16

Assisted Solution

by:poweruser32
poweruser32 earned 100 total points
ID: 18019867
did you try using domain/username for authenticating?
0
 

Author Comment

by:andrew_2706
ID: 18020174
I have checked:
All domain controllers are replicating correctly and up to date.
The users permissions are set to enable in the ADUC.
The Users have the correct email address on the correct domain.

Just tried changing the authentication from ESM but its greyed out in the OWA access tab?

Andrew.
0
 

Author Comment

by:andrew_2706
ID: 18020189
Sorry, was in the wrong window for the OWA access, in now, the anon access is ticked, basic auth is ticked and the digest and integrated boxes are unticked?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 104

Assisted Solution

by:Sembee
Sembee earned 100 total points
ID: 18020644
Which folder were you checking for authentication?

The only folder that should have anonymous authentication enabled is /exchweb. No others should have anonymous access enabled.

Simon.
0
 

Author Comment

by:andrew_2706
ID: 18021595
I have checked in IIS, the exchweb is set to anon access and the exchange directory has not got anon on now. the anon is not on in esm for exchange now. still got 3 users who cant log in. i set up a couple of new ones and it works fine, really cant understand it? also reset passwords in ad.??
0
 
LVL 31

Assisted Solution

by:LeeDerbyshire
LeeDerbyshire earned 100 total points
ID: 18021723
What happens when they try to log in?  Any error messages displayed?  Does the logon box keep popping up?  Do you use Forms-based Auth?  If so, does it help if you turn it off temporarily?
0
 

Author Comment

by:andrew_2706
ID: 18021846
It just pops up the login box time after time and then after 3 attempts it says Error: Access is Denied.
I'm not using forms based auth.    
0
 
LVL 31

Assisted Solution

by:LeeDerbyshire
LeeDerbyshire earned 100 total points
ID: 18022078
I'm pretty sure that if it isn't accepting the logon, then either the credentials are wrong (but you already checked this) or you are running Win2000 server (hence IIS5) with Basic Auth and the users don't have the logon locally right on the OWA server.  I'm not sure why this would affect only a few users - perhaps you have a security group for your OWA users.  Try turning off Basic for a while, and using Integrated, and see if it makes any diff.
0
 

Author Comment

by:andrew_2706
ID: 18097007
It was in AD, Accounts Tab, Log On To Option, was restricted to logging on to their own pc only.

Thanks for all your help - it was a right nightmare!

Andrew.
0

Featured Post

The curse of the end user strikes again      

You’ve updated all your end user’s email signatures. Hooray! But guess what? They’re playing around with the HTML, adding stupid taglines and ruining the imagery. Find out how you can save your signatures from end users today.

Join & Write a Comment

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now