OWA issue on single machine, 401.2 errors in IIS
Posted on 2009-05-19
We have Exchange 2003 w\ SP2 running on Server 2003 SP2, single server environment.
We have 70+ users that can use OWA, all of them work (afaik).
On one laptop running XP SP2 & IE8 we cannot get logged into OWA no matter what user account we try, also it doesn't matter whether we try to access explicitly or implicitly (specifying user @ end of URL). Both Firefox AND IE fail to login, additionally IE7 did the same before upgrading to IE8. This happens both inside the corporate network local to the exchange server and externally.
In the IIS6 logs on the server i get the following line:
2009-05-19 15:34:51 W3SVC1 <SERVERNAMEHERE> 10.1.1.1 GET /exchange/ - 80 - 10.1.1.26 HTTP/1.1 Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) - - <VIRTUALSERVERURLHERE> 401 2 2148074254 345 226 187
I've looked up IIS 401.2 and it comes back as an authentication error, however this user has all the rights they need. And as i elluded to above they CAN login to OWA from other machines.
This laptop is a nondomain personal pc, and has had spyware/malware (vundo.h) issues before. However i believe it to be clean at this time, a full mbam comes back clean. One issue we had at that time was that it kept configuring proxy server settings which would kill internet access. I've read that proxy server settings can cause IIS to return a 401.2, however at this time they do not appear to be set and HiJackThis doesnt list any Proxy Server settings.
I found a guide on how to return OWAs IIS directory authentication back to default state by deleting and recreating and i've done so, with no luck.
On other machines, that arent using automatic domain login of course, the login box pops up immediately. On this laptop the login box takes upto 2 minutes to come up, then once credentials are submitted it takes another two minutes to timeout.
So i guess i've got something corrupt in the OS, possibly relating to Integrated Windows Auth or maybe Proxy Server crap left over? I really dont want to have to format this laptop.
Any ideas here?