Solved

Some mailboxes can not access OWA

Posted on 2006-11-27
12
236 Views
Last Modified: 2010-03-06
I have exchange 2k3 running with OWA, out of about 30 mailboxes they can all access by logging into web interface but there are 3 users who can not log in, it looks as if their password is wrong but it's not?

Any ideas?

Andrew
0
Comment
Question by:andrew_2706
12 Comments
 
LVL 57

Assisted Solution

by:Pete Long
Pete Long earned 100 total points
ID: 18019255
Hi andrew_2706,
Are all your domain controllers replicating correctly?



PeteLong
0
 
LVL 20

Accepted Solution

by:
ikm7176 earned 100 total points
ID: 18019256
Did you checked the users permission in ADUC ?
Go to ADUC->user's properties-> Exchange Features Tab. Make sure that the users have permissions to access the OWA Protocol.
 
If still unresolved, do post the error here.

cheers !!
0
 
LVL 31

Assisted Solution

by:LeeDerbyshire
LeeDerbyshire earned 100 total points
ID: 18019337
This usually means that the affected users do not have an email address in the same domain as everyone else.  It seems strange, but the default OWA installation can only access mailboxes in the Primary SMTP domain (in the Default Recip Policy).  If the affected users don't have an email address in this domain, you will need to add such an address to their accounts.  It doesn't have to be their primary SMTP address, though - it just needs to be in the list.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 16

Assisted Solution

by:poweruser32
poweruser32 earned 100 total points
ID: 18019867
did you try using domain/username for authenticating?
0
 

Author Comment

by:andrew_2706
ID: 18020174
I have checked:
All domain controllers are replicating correctly and up to date.
The users permissions are set to enable in the ADUC.
The Users have the correct email address on the correct domain.

Just tried changing the authentication from ESM but its greyed out in the OWA access tab?

Andrew.
0
 

Author Comment

by:andrew_2706
ID: 18020189
Sorry, was in the wrong window for the OWA access, in now, the anon access is ticked, basic auth is ticked and the digest and integrated boxes are unticked?
0
 
LVL 104

Assisted Solution

by:Sembee
Sembee earned 100 total points
ID: 18020644
Which folder were you checking for authentication?

The only folder that should have anonymous authentication enabled is /exchweb. No others should have anonymous access enabled.

Simon.
0
 

Author Comment

by:andrew_2706
ID: 18021595
I have checked in IIS, the exchweb is set to anon access and the exchange directory has not got anon on now. the anon is not on in esm for exchange now. still got 3 users who cant log in. i set up a couple of new ones and it works fine, really cant understand it? also reset passwords in ad.??
0
 
LVL 31

Assisted Solution

by:LeeDerbyshire
LeeDerbyshire earned 100 total points
ID: 18021723
What happens when they try to log in?  Any error messages displayed?  Does the logon box keep popping up?  Do you use Forms-based Auth?  If so, does it help if you turn it off temporarily?
0
 

Author Comment

by:andrew_2706
ID: 18021846
It just pops up the login box time after time and then after 3 attempts it says Error: Access is Denied.
I'm not using forms based auth.    
0
 
LVL 31

Assisted Solution

by:LeeDerbyshire
LeeDerbyshire earned 100 total points
ID: 18022078
I'm pretty sure that if it isn't accepting the logon, then either the credentials are wrong (but you already checked this) or you are running Win2000 server (hence IIS5) with Basic Auth and the users don't have the logon locally right on the OWA server.  I'm not sure why this would affect only a few users - perhaps you have a security group for your OWA users.  Try turning off Basic for a while, and using Integrated, and see if it makes any diff.
0
 

Author Comment

by:andrew_2706
ID: 18097007
It was in AD, Accounts Tab, Log On To Option, was restricted to logging on to their own pc only.

Thanks for all your help - it was a right nightmare!

Andrew.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question