Solved

Windows Mobile IE unable to access Exchange 2007 OWA through ISA 2006 OWA Web Publishing

Posted on 2009-07-06
4
669 Views
Last Modified: 2012-05-07
Hi,

I've actually got quite a funny problem. I'm running Exchange 2007 with ISA 2006 doing my OWA Web Publishing for Internet-based connections. It seems to be working fine as I can access it from any internet based computers on IE, Opera, Safari and other Web Explorers as well.

From PDAs and only on Windows Mobile based PDAs, I cannot log in to the OWA site via the https://webmail.domain.com/owa link. The error that I get is:

Code: 401 Unauthorized. The server requires authentication to fulfill the request. Access to the Web Server is denied. Contact the server administrator. (12209)

However, from the same Windows Mobile based PDAs, if I use Opera to browse to the site, it works fine. Any suggestion guys cause I'm stumped.

Thanks in advance.

Ricky
0
Comment
Question by:pepelepew8
  • 2
4 Comments
 
LVL 23

Expert Comment

by:debuggerau
ID: 24791849
do you have site certificates loaded that need to be copied into the phone?
0
 
LVL 3

Expert Comment

by:Sourabh-Excahnge
ID: 24792268
Hi,
In the ISA Server MMC
- on the left side
- go to the properties of the server / array
- go to the "Incoming Web Requests" Tab
- uncheck the box "Ask unauthenticated users for identification"

Thanks,
SAM
0
 
LVL 1

Author Comment

by:pepelepew8
ID: 24800240
Hi Sam,

The solution which you provided was actually applicable to ISA Server 2000 only. I've already seen the MS article which you were looking at. As I'm running ISA Server 2006, the Incoming Web Request tab isn't even there.

Ricky
0
 
LVL 1

Accepted Solution

by:
pepelepew8 earned 0 total points
ID: 25085423
Decided to call GTEC Support for this. Enclosed is the resolution steps presented by Microsoft to solve this problem:

In Live meeting, we have following findings:
l      Your ISA is 2006.
l      The listener of OWA publish rule is using HTML Form based authentication.
l      You have a HTTP 401 error on mobile phone.

This scenario matches a known issue. The cause is that xHTML template is not available for Exchange template on ISA.

To fix this issue, we can copy the xHTML template from the default template to the Exchange template:
1.      Create a new folder, for example, Cust1, under \CookieAuthTemplates.
2.      Copy cHTML and xHTML folder from \CookieAuthTemplates\ISA into \CookieAuthTemplates\Cust1.
3.      Copy HTML folder from \CookieAuthTemplates\Exchange into \CookieAuthTemplates\Cust1.
4.      In ISA management console, right-click on the publishing rule, and select Properties.
5.      Select Application Settings tab and change the HTML form dir from Exchange to Cust1.
6.      Apply the change.
7.      You MUST restart ISA firewall service after the change.
8.      After the change, Windows CE mobile clients should also get a login form.

For later devices with Windows Mobile 5.0 AKU3 or later, after the change, client
may still encounter HTTP 500 error. This is caused by a known issue in the FBA
filter handling user-agent string. To resolve this issue, we may force ISA to
provide HTML4 template to these devices by running the following script:

'BEGIN OF SCRIPT
Dim root
Set root = CreateObject("FPC.Root")

Dim array
Dim userAgentMappings
Dim userAgentMapping
Dim order

Set array = root.Arrays(1)
Set userAgentMappings = array.RuleElements.UserAgentMappings

'Remove the agent if already exists
On Error Resume Next
userAgentMappings.Remove("*IEMobile*")

Set userAgentMapping = userAgentMappings.Add("*IEMobile*", 0)

Set order = userAgentMapping.order
userAgentMappings.MoveUp(order)

WScript.Echo userAgentMapping.UserAgent & " Order = " & userAgentMapping.order

While userAgentMapping.order > 1
userAgentMappings.MoveUp(userAgentMapping.order)
WScript.Echo "Order = " & userAgentMapping.order
Wend

userAgentMappings.Save
'END OF SCRIPT
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
This article explains how to install and use the NTBackup utility that comes with Windows Server.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question