Solved

OWA authentication/login screen

Posted on 2007-11-30
11
3,215 Views
Last Modified: 2008-02-01
Ok I've read through all related articles out there and still can't seem to get this one.

SBS2003 Server running Exchange SP2.

I simply want the users to use https:\\sbs2003\exchange ....have them login to owa via the graphical logon page.  

FYI- At our own office we have rolled out the same config SBS2003 and exchange SP2 and everything works fine....however I configured it over a year ago and now forget what i did LOL.

At my customers here is what we are experiencing.

My problem is that owa is accessible by http:\\sbs2003\exchange and prompts an authentication box (not the graphical interface).  I know about the "forms based authentication check box"  this has been done and yes I have restarted IIS and even the entire server.  Secondly I want to use SSL ie:  https:\\sbs2003\exchange.

I have read a ton of MS articles with no success....

Thanks in advance


0
Comment
Question by:j-teksolutions
  • 4
  • 4
  • 2
  • +1
11 Comments
 
LVL 1

Expert Comment

by:ankitmehra
Comment Utility
Hi as you have mentioned it is SBS server..

Please check the following permission on the virtual directories under IIS.

Virtual Directory:               Authentication type :
Exchange                          Only basic authentication
Exchweb                           Only anonymous
Bin under Exchweb           Only anonymous
Public folder                       Only basic authentication

After checking the above mentioned permissions , uncheck the box for form based authentication, click ok and then restart IIS service and then again check the boc and restart IIS.

Cheers !!

Ankit
0
 
LVL 13

Expert Comment

by:cshepfam
Comment Utility
0
 
LVL 1

Expert Comment

by:ankitmehra
Comment Utility
yes I have the things which I have mentioned are specifically for form based authentication not working. SSL is ofcourse achived the way it has been mentioned in the article.

Do you have any question in regards to the article. ?
0
 
LVL 104

Expert Comment

by:Sembee
Comment Utility
You don't get FBA without SSL. Therefore if the users are entering http://server/exchange they will not see the Forms Based Page.

De-select forms based authentication in ESM and then close ESM. In a command prompt type IISRESET. After that has finished verify that OWA works correctly. If it does, enable FBA again and run IISRESET once again.

Simon.
0
 

Author Comment

by:j-teksolutions
Comment Utility
Simon thanks...will try asap.... in terms of SSL..... in our server (not the problem server at our customer's)  ssl seems to be working.....we do get a "cannot verify certificate" warning...but we always skip through and it still works....

On the customer server....is there a simple method to enable this type of SSL...without going out to the net to purchase an official cert?
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 104

Expert Comment

by:Sembee
Comment Utility
Well I would recommend that the home grown certificate is removed and replaced with a commercial certificate. I have outlined my reasons here: http://www.sembee.co.uk/archive/2006/03/05/9.aspx

When you can get a commercial certificate for US$20 - US$60 depending on source it seems silly to continue to have to deal with the certificate prompts.

Simon.
0
 

Author Comment

by:j-teksolutions
Comment Utility
very silly ....can you provide a link to a fast ssl provider at a decent price?
0
 
LVL 104

Expert Comment

by:Sembee
Comment Utility
I tend to suggest RapidSSL to begin with as they have a 30 day trial certificate which you can use to test things. Longer term then you could look at GoDaddy (http://www.certificatesforexchange.com/) as their certificates are trusted by Windows Mobile 5 and higher or RapidSSL again. Both sets of certificates are trusted by most desktop browsers.

Simon.
0
 

Author Comment

by:j-teksolutions
Comment Utility
thanks....you are fast..... upon success I will award the points.  Let you know.
0
 

Author Comment

by:j-teksolutions
Comment Utility
Simon.... problem solved!! however.... there is an additional issue.... the temp cert (30 day from rapidssl)  is installed.

I still get the "there is a problem with the certificate" error...... I even tried the same temp ssl process on our server and it did not get me past the above cert error.

?  When registering the cert in the wizard...... the domain,  how should it be inserted?
www.ourdomain.com  ,   ourdomain ,  ourdomain.com ,  http://ourdomain.com ,    ?? perhaps this is the problem....
0
 
LVL 104

Accepted Solution

by:
Sembee earned 250 total points
Comment Utility
What did you choose?
The common name should be the name that you are going to use outside.
Normally that would be something like mail.domain.com. I don't suggest domain.com only, nor do I suggest www.domain.com.
No http, / anything, just the FQDN in the format above.

If you want the same name to work internally then you will need to setup a split DNS system. http://www.amset.info/netadmin/split-dns.asp

Simon.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Resolve DNS query failed errors for Exchange
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now