Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 802
  • Last Modified:

Exchange 2003 OWA requires re authentication to read attachment

Exchange 2003 OWA requires re authentication to read attachment but if you cancel the login request, the atachemnet (excel in the example) opens normally. I have researched this for several hours but cannot find a clear solution. There are many posts about it but none of them appear to have a solution. I've found that there have been requests for the IIS log file so I am including a snippet from that log file. I've compared the directory security tabs in the default website and the BIN directory to a known working server at another site and they appear to be the same. The server in question is running server 2003 SP 1, Exchange server 2003 SP2 IIS 6.0
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+2.0.50727;+InfoPath.2;+.NET+CLR+1.1.4322;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.30) 200 0 0
2009-04-28 20:42:36 W3SVC1 192.168.11.10 GET /exchange/russl/Inbox/Emailing:+RUSS+2009.xls-4.EML/RUSS+2009.xls/C58EA28C-18C0-4a97-9AF2-036E93DDAFB3/RUSS+2009.xls attach=1 80 TFA\russl 192.168.11.106 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+2.0.50727;+InfoPath.2;+.NET+CLR+1.1.4322;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.30) 200 0 0
2009-04-28 20:42:36 W3SVC1 192.168.11.10 OPTIONS /exchange/russl/Inbox/Emailing:+RUSS+2009.xls-4.EML/RUSS+2009.xls/C58EA28C-18C0-4a97-9AF2-036E93DDAFB3/ - 80 - 192.168.11.106 Microsoft+Office+Protocol+Discovery 401 2 2148074254
2009-04-28 20:42:39 W3SVC1 192.168.11.10 HEAD /exchange/russl/Inbox/Emailing:+RUSS+2009.xls-4.EML/RUSS+2009.xls/C58EA28C-18C0-4a97-9AF2-036E93DDAFB3/RUSS+2009.xls attach=1 80 - 192.168.11.106 Microsoft+Office+Existence+Discovery 401 2 2148074254
0
IronsideSecurity
Asked:
IronsideSecurity
  • 2
1 Solution
 
MesthaCommented:
There is no single solution to this.
I usually start with a reset of the virtual directories.
http://support.microsoft.com/default.aspx?kbid=883380

Then work from there as that usually resolves it.

Simon.
0
 
Sourabh-ExcahngeCommented:
Office Protocol Discovery uses a standard HTTP 1.1 OPTIONS command. Web servers
that do not handle this command cannot support full read/write access in Office
2003. This is expected and is by design.
{ 2009-04-28 20:42:36 W3SVC1 192.168.11.10 OPTIONS /exchange/russl/Inbox/Emailing:+RUSS+2009.xls-4.EML/RUSS+2009.xls/C58EA28C-18C0-4a97-9AF2-036E93DDAFB3/ - 80 - 192.168.11.106 Microsoft+Office+Protocol+Discovery 401 2 2148074254 }
OWA does require authentication for the OPTIONS command. You would not want to
change the permissions to allow browse/list. This would open up the mail store to
all users. The portion of the IIS log you sent to me, shows where the users are
using the Microsoft Office Protocol Discovery protocol and confirms this is the
exact root cause.

1. Enable Forms Based Authentication (FBA) as it stores the user's name and password
in a cookie instead of in the browser which is more secure.
2. Type your user name and your password, click to select the Remember my password
check box, and then click OK.
0
 
IronsideSecurityAuthor Commented:
Sourabh,  looks like you are dead on, I just verifed the issue on another client's server. I'm going to be out of the country next week. When I get back, well convert to FBA and I'll let you know how I make out.
0
 
IronsideSecurityAuthor Commented:
I finally got around to finishing this last week. FBA resolved the issue, Thanks!
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now