Solved

OWA authentication/login screen

Posted on 2007-11-30
11
3,273 Views
Last Modified: 2008-02-01
Ok I've read through all related articles out there and still can't seem to get this one.

SBS2003 Server running Exchange SP2.

I simply want the users to use https:\\sbs2003\exchange ....have them login to owa via the graphical logon page.  

FYI- At our own office we have rolled out the same config SBS2003 and exchange SP2 and everything works fine....however I configured it over a year ago and now forget what i did LOL.

At my customers here is what we are experiencing.

My problem is that owa is accessible by http:\\sbs2003\exchange and prompts an authentication box (not the graphical interface).  I know about the "forms based authentication check box"  this has been done and yes I have restarted IIS and even the entire server.  Secondly I want to use SSL ie:  https:\\sbs2003\exchange.

I have read a ton of MS articles with no success....

Thanks in advance


0
Comment
Question by:j-teksolutions
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 2
  • +1
11 Comments
 
LVL 1

Expert Comment

by:ankitmehra
ID: 20382257
Hi as you have mentioned it is SBS server..

Please check the following permission on the virtual directories under IIS.

Virtual Directory:               Authentication type :
Exchange                          Only basic authentication
Exchweb                           Only anonymous
Bin under Exchweb           Only anonymous
Public folder                       Only basic authentication

After checking the above mentioned permissions , uncheck the box for form based authentication, click ok and then restart IIS service and then again check the boc and restart IIS.

Cheers !!

Ankit
0
 
LVL 13

Expert Comment

by:cshepfam
ID: 20382362
0
 
LVL 1

Expert Comment

by:ankitmehra
ID: 20382414
yes I have the things which I have mentioned are specifically for form based authentication not working. SSL is ofcourse achived the way it has been mentioned in the article.

Do you have any question in regards to the article. ?
0
Office 365 Advanced Training for Admins

Special Offer:  Buy 1 course, get 2nd free!  Buy the 'Managing Office 365 Identities & Requirements' course w/ Accelerated TestPrep, and automatically receive the 'Enabling Office 365 Services' course FREE!

 
LVL 104

Expert Comment

by:Sembee
ID: 20383570
You don't get FBA without SSL. Therefore if the users are entering http://server/exchange they will not see the Forms Based Page.

De-select forms based authentication in ESM and then close ESM. In a command prompt type IISRESET. After that has finished verify that OWA works correctly. If it does, enable FBA again and run IISRESET once again.

Simon.
0
 

Author Comment

by:j-teksolutions
ID: 20383863
Simon thanks...will try asap.... in terms of SSL..... in our server (not the problem server at our customer's)  ssl seems to be working.....we do get a "cannot verify certificate" warning...but we always skip through and it still works....

On the customer server....is there a simple method to enable this type of SSL...without going out to the net to purchase an official cert?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 20383995
Well I would recommend that the home grown certificate is removed and replaced with a commercial certificate. I have outlined my reasons here: http://www.sembee.co.uk/archive/2006/03/05/9.aspx

When you can get a commercial certificate for US$20 - US$60 depending on source it seems silly to continue to have to deal with the certificate prompts.

Simon.
0
 

Author Comment

by:j-teksolutions
ID: 20384010
very silly ....can you provide a link to a fast ssl provider at a decent price?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 20384026
I tend to suggest RapidSSL to begin with as they have a 30 day trial certificate which you can use to test things. Longer term then you could look at GoDaddy (http://www.certificatesforexchange.com/) as their certificates are trusted by Windows Mobile 5 and higher or RapidSSL again. Both sets of certificates are trusted by most desktop browsers.

Simon.
0
 

Author Comment

by:j-teksolutions
ID: 20384036
thanks....you are fast..... upon success I will award the points.  Let you know.
0
 

Author Comment

by:j-teksolutions
ID: 20384811
Simon.... problem solved!! however.... there is an additional issue.... the temp cert (30 day from rapidssl)  is installed.

I still get the "there is a problem with the certificate" error...... I even tried the same temp ssl process on our server and it did not get me past the above cert error.

?  When registering the cert in the wizard...... the domain,  how should it be inserted?
www.ourdomain.com  ,   ourdomain ,  ourdomain.com ,  http://ourdomain.com ,    ?? perhaps this is the problem....
0
 
LVL 104

Accepted Solution

by:
Sembee earned 250 total points
ID: 20386676
What did you choose?
The common name should be the name that you are going to use outside.
Normally that would be something like mail.domain.com. I don't suggest domain.com only, nor do I suggest www.domain.com.
No http, / anything, just the FQDN in the format above.

If you want the same name to work internally then you will need to setup a split DNS system. http://www.amset.info/netadmin/split-dns.asp

Simon.
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Find out what you should include to make the best professional email signature for your organization.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question