Tech or Treat! Write an article about your scariest tech disaster to win gadgets!Learn more


Exchange 5.5 OWA (only admins can log in)

Posted on 2008-10-07
Medium Priority
Last Modified: 2010-04-07
I have a Exchange 5.5 server running on Windows 2000 in a NT 4.0 Domain

My users can no longer log into OWA, only administrator accounts, they get a blank message prompt after the login prompt, the error message says nothing, then you click ok and the error says "The Exchange Servers is unavailable"

again if I log in as a member of the administrators group I can access OWA no problem

as far as I know there have not been any changes?
Question by:tkthelpdesk
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
LVL 31

Expert Comment

ID: 22659668
In IIS5 (i.e. on W2K server), Basic Auth (OWA 5.5 uses Basic Auth) requires that users have the Log On Locally right on the IIS server.  Do they still have that right?

Author Comment

ID: 22659958
OWA is hosted on IIS 5.0 is running on a seperate server than exchange (forgot to mention)

I have tried adding "everyone" to the Log on Locally setting.

I can't add the users because its NT and won't show up in the list of accounts so I added "everyone"

If possible to add the users in a NT domain on this server (how could I?)

also should these rights be added to both Exchange and the server hosting the OWA?

LVL 31

Expert Comment

ID: 22660001
It's only the IIS server that is affected by this.  Adding Everyone is usually sufficent.  The best way to make sure is to sit at the console of the IIS server, and try to log in as one of the affected users.  If the login prompt keeps appearing, they won't be able to use OWA.
Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal


Author Comment

ID: 22660194
I am able to log into the server running IIS hosting OWA

when I try and access the OWA site with the same account I get

first the landing page that wants you to type your profile

then the logon prompt (I enter a non admin user and password)

then I get a blank error message with no information (I click OK)

then I get "Failed to connect to the Exchange Server"
LVL 31

Expert Comment

ID: 22660228
The best place to look first (and it's often overlooked) is the built-in owa troubleshooting text.  Try going to http://servername/exchange/tshoot.asp

Author Comment

ID: 22660307
Failed to Connect to the Microsoft Exchange Server <servername>
This is another error message you may receive when you attempt to log on to a mailbox through the Outlook Web Access client. Use the following checklist to troubleshoot this error:
 Should these permission checks etc be done on the EXCHANGE server or the web server hosting OWA?
LVL 31

Accepted Solution

LeeDerbyshire earned 1500 total points
ID: 22660381
The entire section refers to permissions on the IIS server.

Author Comment

ID: 22661398
ok I did the first part and made sure "domain users" have the right permissions on Exchsrvr\Webdata and Exchsrvr\Webtemp as it said

now I have some users who can access it and others that cannot

the users that can connect are in the domain users group, the users that cannot connect are in the domain users groups as well

should I just give "everyone" group the same access to these folders?

the error that some users get is different

the go to the landing page and enter there alias
the get the login prompt and enter there username and password
then they get a "receive 500 Internal Server Error" (which is different)

So I am halfway there it seems? I only did the permission changes on the webdata and webtemp folders, I did not do anything else since that seemed to get it working partially
LVL 31

Expert Comment

ID: 22668165
Is there anything else displayed, other than '500 - internal server error'?  That is a general status code which means that 'something went wrong with the application at the server end'.  There should be a more specific error code and description.  If not, make sure that your IE does not have 'Friendly HTTP Errors' enabled in the options.

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
Are you looking for the options available for exporting EDB files to PST? You may be confused as they are different in different Exchange versions. Here, I will discuss some options available.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
how to add IIS SMTP to handle application/Scanner relays into office 365.

648 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question