Solved

Configuring OWA on Exchange 2003

Posted on 2007-12-03
26
2,306 Views
Last Modified: 2008-09-05
I've been searching all over for a good guide for setting up OWA on an Exchange 2003 server. Every place I look seems to indicate that it's on by default, but it doesn't seem to work for me. This is true, so far, at both my site and a clients' site. I get "The webpage cannot be found" on my system - probably because of all the mucking around I've done trying to get it to work. At my client's site. I get an authorization problem, if I recall correctly. Does anyone have a good list of what I should check to get this working? (And I haven't even addressed SSL yet!)
0
Comment
Question by:d0ughb0y
  • 13
  • 10
  • 2
  • +1
26 Comments
 
LVL 16

Expert Comment

by:2PiFL
ID: 20400457
Does this help:
Configurations for OWA to work with SSL
Install Exchange 2003 on the front-end server and configure as a front-end server.
Install the SSL certificate as instructed by Verisign
Open Internet Services Manager
Right-click the Default web site, and then click Properties.
Click the Directory Security tab.
Under Secure communications, click Edit.
Click to select the Require secure channel(SSL) check box.
Ignore client certificates should be selected
Return to the  Directory Security tab and click the Edit button under Authentication access control
Check Enable Anonymous access
Default domain and Realm should both be Dorner.com

Reference: Microsoft knowledge base article 3203291

Enabling Automatic Redirection of OWA HTTP requests to HTTPS
Obtain Microsoft knowledge base article 279681
Before following the article create a virtual directory under the Default web site as follows:
1.      Open Internet Services Manager
2.      Right-click the Default web site, and then click Properties.
3.      Select New>Virtual directory
4.      Set the Alias to OWAasp
5.      On the path screen click the Browse button
6.      Browse to C:\INETPUB\WWWROOT
7.      Click the Make New Folder button
8.      Name the folder OWAasp
9.      Click Next>Next>Finish
Follow the knowledge base article
Note: Make sure you do not miss the note that instructs you to not require SSL on the OWAasp folder.
Additional steps required for Exchange 2003.
1.      Bring up the Properties page for the OWAasp virtual directory
2.      On the Virtual Directory tab look for the Application pool drop-down selection box
3.      Select ExchangeApplicationPool  and click OK.


Simplifying the OWA URL
This will allow users to skip typing the /Exchange part of the URL
Using the Internet Services Manager open the properties for the Default Web Site.
Click the Home Directory tab, and then select A redirection to a URL.
In Redirect to, type /exchange, and then click A directory below this one.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 20401738
Before you do any of the above, which is not required for OWA operation, you need to get the core application to work.
It should work and be enabled out of the box. However if you have pulled changing settings then you should reset it.

Use this KB article to reset the virtual directories.
http://support.microsoft.com/default.aspx?kbid=883380
If you have an SSL certificate, require SSL or anything like that enabled, remove them.

Then you should be able to go to http://server/exchange and OWA should load.

Simon.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 20403098
Start the IIS Manager on the server.  If you expand the Default Web Site, do you see a Virtual Directory named Exchange?  If so, what happens if you right-click it, and select 'Browse'?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 8

Author Comment

by:d0ughb0y
ID: 20488505
Sorry it took so long to respond. When I select the Exchange site from under the Default Web Site, and browse, it tells me that the webpage cannot be found.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 20488640
That is clearly very strange.  Is the Default Web Site configured to use a port other than 80 for TCP requests?  Has it been configured to require SSL?
0
 
LVL 8

Author Comment

by:d0ughb0y
ID: 20488677
Nope. Using ports 80 and 443 for clear and SSL, respectively. Authentication is set to enable anon access as well as Integrated Windows auth and Digest auth. There is an SSL certificate installed, but the Require Secure Channel (SSL) is not checked. I suppose I could remove it, but I will want to put it back at some point.
0
 
LVL 8

Author Comment

by:d0ughb0y
ID: 20489364
FYI, I removed the certificate, and hence the requirement for SSL, I think. Still no change.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 20492192
You say Anonymous Access is enabled - is that on just the Default Web Site, or on the Exchange VDir, too?  Exchange should have only Basic and Integrated enabled.  Digest Auth messes things up, and Anonymous is definitely not correct.
0
 
LVL 8

Author Comment

by:d0ughb0y
ID: 20509002
The Default site has these permissions:
* Anonymous, using the IUSR_SERVERNAME account and password
* Integrated Windows auth
* Digest auth for Windows domain servers

Exchange has these permissions:
* Integrated Windows auth
* Basic auth
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 20509060
Can you access the Default Web Site on the server, by going to http://servername ?  You should see an 'Under Construction' page, unless you replaced it with something else.
0
 
LVL 8

Author Comment

by:d0ughb0y
ID: 20510890
The Default site says "The page must be viewed over a secure channel". When I try to use https, the response is "Internet Explorer cannot display the webpage"
0
 
LVL 104

Expert Comment

by:Sembee
ID: 20511000
That sounds like a suspect SSL certificate. Is the SSL certificate a home grown certificate or a purchased one?

Simon.
0
 
LVL 8

Author Comment

by:d0ughb0y
ID: 20511680
Ok, I checked and although the cert was gone, I had forgotten to remove the SSL requirement for the Default Site. I can now browse to the default site, but still not to http://servername/exchange. I get a 404 error.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 20511737
Do you have Forms-based Authentication enabled?  If so, and you haven't set the 'Active Server Pages' Web Services Extension to 'Allowed', then this produces a confusing '404 - Not Found' error.

Also, if you  don't have an SMTP email address (check your ADUC record) in the primary SMTP Domain listed in you Default Recipient Policy (check ESM), then you will also get the same error.
0
 
LVL 8

Author Comment

by:d0ughb0y
ID: 20513454
Ok, please excuse my extreme ignorance on this - my background's in networking, not web - but where do I check for Forms-base auth, etc? I just looked through all the tabs, and couldn't find that.

As for the SMTP email address, I want to make sure we talking about the same things here. My default recipient policy has an SMTP address associated - it's just "@<mydomain>.com" - is that what you're talking about?
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 20513489
You can check FBA in Exchange System Manager.  Go to Servers/<server>/Protocols/HTTP and look at the properties of the Default HTTP Virtual Server.  Is the Forms-Based Auth checkbox enabled?

If you have @yourdomain.com as the Primary SMTP domain in your Recipient Policy, then your users must have SMTP addresses in that domain (i.e. user@yourdomain.com), otherwise OWA will not work for them.
0
 
LVL 8

Author Comment

by:d0ughb0y
ID: 20513539
Thanks - I knew I'd seen the FBA setting somewhere before. It isn't checked, although it probably should be... but let's jump off one bridge at a time.

As for the SMTP settings, that's fine. Addresses ARE within the primary domain.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 20513578
No need to select FBA, unless you want to.  It's just an option.

Can you try using OWA again, wait a few minutes, and then open the server's current IIS log file in Notepad.  Let us know what is logged when the attempt is made.
0
 
LVL 8

Author Comment

by:d0ughb0y
ID: 20516416
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2007-12-21 18:39:47
#Fields: date time s-sitename s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status
2007-12-21 18:39:47 W3SVC1 192.168.28.21 GET /_vti_bin/owssvr.dll - 80 - 192.168.28.21 Microsoft-CryptoAPI/5.131.3790.3959 404 0 64
2007-12-21 18:39:47 W3SVC1 192.168.28.21 GET /_vti_bin/owssvr.dll - 80 - 192.168.28.21 Microsoft-CryptoAPI/5.131.3790.3959 404 0 0
2007-12-21 18:39:47 W3SVC1 192.168.28.21 GET /_vti_bin/owssvr.dll - 80 - 192.168.28.21 Microsoft-CryptoAPI/5.131.3790.3959 404 0 64
2007-12-21 18:39:47 W3SVC1 192.168.28.21 GET /_vti_bin/owssvr.dll - 80 - 192.168.28.21 Microsoft-CryptoAPI/5.131.3790.3959 404 0 0
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 20516427
Is there no entry that contains
GET /exchange - 80 - 192.168.28.21
?
0
 
LVL 8

Author Comment

by:d0ughb0y
ID: 20523064
Nothing says GET /exchange
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 20551166
Sorry for the delay, but I'm totally baffled by all this.  You can get to the Default Web Site okay, and you can even see the Exchange VDir under the DWS in IIS Manager.  But if you try to go to http://server/exchange nothing is even logged in the IIS log?

Does the Public Folders VDir work okay if you go to http://server/public ?
0
 
LVL 8

Author Comment

by:d0ughb0y
ID: 20552976
It's okay - I appreciate the help you're providing, even if it does take a little bit of time.

Going to http://server/public does not work. The webpage cannot be found. OMA and ActiveSync don't work either.

I'm thinking this is a Basics-issue, meaning something is fundamentally wrong with the installation. But I don't know what, and I'd really rather not do anything quite as drastic as uninstall and reinstall Exchange on the server. It does work for Outlook clients.

I'm also pretty baffled here - but that's not saying much.
0
 
LVL 8

Author Comment

by:d0ughb0y
ID: 20553009
I just checked some things again, and did notice something that I didn't seem to mention here: At some point, browsing to the DWS started working again. Something we did fixed that part. It doesn't go to Under Construction, but rather to the SharePoint Home Team Site - so yes, that does mean that SharePoint is installed as well. I still can't browse the Exchange site or pretty much anything else under the DWS.
0
 
LVL 31

Accepted Solution

by:
LeeDerbyshire earned 500 total points
ID: 20553213
There are issues with OWA/Sharepoint coexistence.  Look for Exchange Server 2003 here:
http://office.microsoft.com/en-us/help/HA011607771033.aspx
0
 
LVL 8

Author Comment

by:d0ughb0y
ID: 20557713
ARGH!!! *That* would have been nice to know before I installed SharePoint! That was it, Lee. Now I've got to reconfigure the certificate, etc. but that's fine. Thanks for all your help!
0

Featured Post

Backup Solution for AWS

Read about how CloudBerry Backup fully integrates your backups with Amazon S3 and Amazon Glacier to provide military-grade encryption and dramatically cut storage costs on any platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question