OWA issue on single machine, 401.2 errors in IIS
We have Exchange 2003 w\ SP2 running on Server 2003 SP2, single server environment.
We have 70+ users that can use OWA, all of them work (afaik).
On one laptop running XP SP2 & IE8 we cannot get logged into OWA no matter what user account we try, also it doesn't matter whether we try to access explicitly or implicitly (specifying user @ end of URL). Both Firefox AND IE fail to login, additionally IE7 did the same before upgrading to IE8. This happens both inside the corporate network local to the exchange server and externally.
In the IIS6 logs on the server i get the following line:
2009-05-19 15:34:51 W3SVC1 <SERVERNAMEHERE> 10.1.1.1 GET /exchange/ - 80 - 10.1.1.26 HTTP/1.1 Mozilla/4.0+(compatible;+M
I've looked up IIS 401.2 and it comes back as an authentication error, however this user has all the rights they need. And as i elluded to above they CAN login to OWA from other machines.
This laptop is a nondomain personal pc, and has had spyware/malware (vundo.h) issues before. However i believe it to be clean at this time, a full mbam comes back clean. One issue we had at that time was that it kept configuring proxy server settings which would kill internet access. I've read that proxy server settings can cause IIS to return a 401.2, however at this time they do not appear to be set and HiJackThis doesnt list any Proxy Server settings.
I found a guide on how to return OWAs IIS directory authentication back to default state by deleting and recreating and i've done so, with no luck.
On other machines, that arent using automatic domain login of course, the login box pops up immediately. On this laptop the login box takes upto 2 minutes to come up, then once credentials are submitted it takes another two minutes to timeout.
So i guess i've got something corrupt in the OS, possibly relating to Integrated Windows Auth or maybe Proxy Server crap left over? I really dont want to have to format this laptop.
Any ideas here?
We have 70+ users that can use OWA, all of them work (afaik).
On one laptop running XP SP2 & IE8 we cannot get logged into OWA no matter what user account we try, also it doesn't matter whether we try to access explicitly or implicitly (specifying user @ end of URL). Both Firefox AND IE fail to login, additionally IE7 did the same before upgrading to IE8. This happens both inside the corporate network local to the exchange server and externally.
In the IIS6 logs on the server i get the following line:
2009-05-19 15:34:51 W3SVC1 <SERVERNAMEHERE> 10.1.1.1 GET /exchange/ - 80 - 10.1.1.26 HTTP/1.1 Mozilla/4.0+(compatible;+M
I've looked up IIS 401.2 and it comes back as an authentication error, however this user has all the rights they need. And as i elluded to above they CAN login to OWA from other machines.
This laptop is a nondomain personal pc, and has had spyware/malware (vundo.h) issues before. However i believe it to be clean at this time, a full mbam comes back clean. One issue we had at that time was that it kept configuring proxy server settings which would kill internet access. I've read that proxy server settings can cause IIS to return a 401.2, however at this time they do not appear to be set and HiJackThis doesnt list any Proxy Server settings.
I found a guide on how to return OWAs IIS directory authentication back to default state by deleting and recreating and i've done so, with no luck.
On other machines, that arent using automatic domain login of course, the login box pops up immediately. On this laptop the login box takes upto 2 minutes to come up, then once credentials are submitted it takes another two minutes to timeout.
So i guess i've got something corrupt in the OS, possibly relating to Integrated Windows Auth or maybe Proxy Server crap left over? I really dont want to have to format this laptop.
Any ideas here?
ASKER
Ya the PC's host file is blank except localhost.
And ya the server & user account is obviously fine, its just the laptop having the issue.
I get what you are saying about personal PCs on the corporate network. Typically it is used outside the network, but it doesnt matter cause the problem exists either way. I really really dont want to have to format this PC. Its one of the Owner's, you know how that can go. Plus everything else seems to be working good again now, just cant figure out this last problem.
And ya the server & user account is obviously fine, its just the laptop having the issue.
I get what you are saying about personal PCs on the corporate network. Typically it is used outside the network, but it doesnt matter cause the problem exists either way. I really really dont want to have to format this PC. Its one of the Owner's, you know how that can go. Plus everything else seems to be working good again now, just cant figure out this last problem.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ya i've tried reinstalling IE7 (along with updates and the malicious software removal tool), but that didnt help at all. After reinstalling IE7 with no luck, i tried IE8 AND FireFox 3 also with no luck.
I fear as you mentioned that corruption has set in at the OS level. But i think its isloated to this one issue.
Is there a good way to make sure all proxy server settings are gone? I;ve looked in IE of course and HiJackThis doesnt list any proxies.
Is there any way to verify that NTLM/Integrated Windows Auth is working correctly as it pertains to OWA? I know that this laptop CAN login to sharepoint that is hosted on the same server, if that helps any...
Any other ideas?
I fear as you mentioned that corruption has set in at the OS level. But i think its isloated to this one issue.
Is there a good way to make sure all proxy server settings are gone? I;ve looked in IE of course and HiJackThis doesnt list any proxies.
Is there any way to verify that NTLM/Integrated Windows Auth is working correctly as it pertains to OWA? I know that this laptop CAN login to sharepoint that is hosted on the same server, if that helps any...
Any other ideas?
This may be a dumb question but have you tried using IE's "Reset Internet Explorer settings" tool? You can find it in Tools, Internet Options, Advanced tab.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I've tried the Reset Internet Explorer Settings, with no luck.
No we aren't using forms based authentication, i can try using that to see if it works on this one machine. But if that does work it still doesn't really tell me why this one particular PC cant login with the current server configuration when it seems all others work fine. I know all the domain PCs plus alot of other employee's personal home computers are able to login to OWA just fine, its just this one.
I've also run sfc /scannow, but it didnt return anything.
Is a repair install the next step?
No we aren't using forms based authentication, i can try using that to see if it works on this one machine. But if that does work it still doesn't really tell me why this one particular PC cant login with the current server configuration when it seems all others work fine. I know all the domain PCs plus alot of other employee's personal home computers are able to login to OWA just fine, its just this one.
I've also run sfc /scannow, but it didnt return anything.
Is a repair install the next step?
ASKER
Ok, so i fixed this by doing a repair install. Not sure what the problem was exactly obviously, but all works fine now. Thanks for all the help.
Please award points.
ASKER
Thanks again for all the help, the solution i took ended up being a standard repair install (as i posted). While grandebob offered lots of suggestions, he didnt mention that one (i feel like i'm splitting hairs here tho, i mean the guy did offer good accurate troubleshooting). But nevertheless as requested i have awarded points.
Thanks for the points/update. EE gives the ability to split points among multiple answers, and award a grade based on the quality of the answer.
Glad things worked out for you, cheers.
Glad things worked out for you, cheers.
Check the PC's host file, see if spyware has messed it up. Personally, I would wipe the computer, or since it's a personal computer, have the owner wipe it, or take it some where to get wiped. I would under no circumstances hook a users personal PC up to my corprate network.