Solved

OWA authentication/login screen

Posted on 2007-11-30
11
3,226 Views
Last Modified: 2008-02-01
Ok I've read through all related articles out there and still can't seem to get this one.

SBS2003 Server running Exchange SP2.

I simply want the users to use https:\\sbs2003\exchange ....have them login to owa via the graphical logon page.  

FYI- At our own office we have rolled out the same config SBS2003 and exchange SP2 and everything works fine....however I configured it over a year ago and now forget what i did LOL.

At my customers here is what we are experiencing.

My problem is that owa is accessible by http:\\sbs2003\exchange and prompts an authentication box (not the graphical interface).  I know about the "forms based authentication check box"  this has been done and yes I have restarted IIS and even the entire server.  Secondly I want to use SSL ie:  https:\\sbs2003\exchange.

I have read a ton of MS articles with no success....

Thanks in advance


0
Comment
Question by:j-teksolutions
  • 4
  • 4
  • 2
  • +1
11 Comments
 
LVL 1

Expert Comment

by:ankitmehra
ID: 20382257
Hi as you have mentioned it is SBS server..

Please check the following permission on the virtual directories under IIS.

Virtual Directory:               Authentication type :
Exchange                          Only basic authentication
Exchweb                           Only anonymous
Bin under Exchweb           Only anonymous
Public folder                       Only basic authentication

After checking the above mentioned permissions , uncheck the box for form based authentication, click ok and then restart IIS service and then again check the boc and restart IIS.

Cheers !!

Ankit
0
 
LVL 13

Expert Comment

by:cshepfam
ID: 20382362
0
 
LVL 1

Expert Comment

by:ankitmehra
ID: 20382414
yes I have the things which I have mentioned are specifically for form based authentication not working. SSL is ofcourse achived the way it has been mentioned in the article.

Do you have any question in regards to the article. ?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 20383570
You don't get FBA without SSL. Therefore if the users are entering http://server/exchange they will not see the Forms Based Page.

De-select forms based authentication in ESM and then close ESM. In a command prompt type IISRESET. After that has finished verify that OWA works correctly. If it does, enable FBA again and run IISRESET once again.

Simon.
0
 

Author Comment

by:j-teksolutions
ID: 20383863
Simon thanks...will try asap.... in terms of SSL..... in our server (not the problem server at our customer's)  ssl seems to be working.....we do get a "cannot verify certificate" warning...but we always skip through and it still works....

On the customer server....is there a simple method to enable this type of SSL...without going out to the net to purchase an official cert?
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 104

Expert Comment

by:Sembee
ID: 20383995
Well I would recommend that the home grown certificate is removed and replaced with a commercial certificate. I have outlined my reasons here: http://www.sembee.co.uk/archive/2006/03/05/9.aspx

When you can get a commercial certificate for US$20 - US$60 depending on source it seems silly to continue to have to deal with the certificate prompts.

Simon.
0
 

Author Comment

by:j-teksolutions
ID: 20384010
very silly ....can you provide a link to a fast ssl provider at a decent price?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 20384026
I tend to suggest RapidSSL to begin with as they have a 30 day trial certificate which you can use to test things. Longer term then you could look at GoDaddy (http://www.certificatesforexchange.com/) as their certificates are trusted by Windows Mobile 5 and higher or RapidSSL again. Both sets of certificates are trusted by most desktop browsers.

Simon.
0
 

Author Comment

by:j-teksolutions
ID: 20384036
thanks....you are fast..... upon success I will award the points.  Let you know.
0
 

Author Comment

by:j-teksolutions
ID: 20384811
Simon.... problem solved!! however.... there is an additional issue.... the temp cert (30 day from rapidssl)  is installed.

I still get the "there is a problem with the certificate" error...... I even tried the same temp ssl process on our server and it did not get me past the above cert error.

?  When registering the cert in the wizard...... the domain,  how should it be inserted?
www.ourdomain.com  ,   ourdomain ,  ourdomain.com ,  http://ourdomain.com ,    ?? perhaps this is the problem....
0
 
LVL 104

Accepted Solution

by:
Sembee earned 250 total points
ID: 20386676
What did you choose?
The common name should be the name that you are going to use outside.
Normally that would be something like mail.domain.com. I don't suggest domain.com only, nor do I suggest www.domain.com.
No http, / anything, just the FQDN in the format above.

If you want the same name to work internally then you will need to setup a split DNS system. http://www.amset.info/netadmin/split-dns.asp

Simon.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now