Solved

Windows Mobile IE unable to access Exchange 2007 OWA through ISA 2006 OWA Web Publishing

Posted on 2009-07-06
4
667 Views
Last Modified: 2012-05-07
Hi,

I've actually got quite a funny problem. I'm running Exchange 2007 with ISA 2006 doing my OWA Web Publishing for Internet-based connections. It seems to be working fine as I can access it from any internet based computers on IE, Opera, Safari and other Web Explorers as well.

From PDAs and only on Windows Mobile based PDAs, I cannot log in to the OWA site via the https://webmail.domain.com/owa link. The error that I get is:

Code: 401 Unauthorized. The server requires authentication to fulfill the request. Access to the Web Server is denied. Contact the server administrator. (12209)

However, from the same Windows Mobile based PDAs, if I use Opera to browse to the site, it works fine. Any suggestion guys cause I'm stumped.

Thanks in advance.

Ricky
0
Comment
Question by:pepelepew8
  • 2
4 Comments
 
LVL 23

Expert Comment

by:debuggerau
Comment Utility
do you have site certificates loaded that need to be copied into the phone?
0
 
LVL 3

Expert Comment

by:Sourabh-Excahnge
Comment Utility
Hi,
In the ISA Server MMC
- on the left side
- go to the properties of the server / array
- go to the "Incoming Web Requests" Tab
- uncheck the box "Ask unauthenticated users for identification"

Thanks,
SAM
0
 
LVL 1

Author Comment

by:pepelepew8
Comment Utility
Hi Sam,

The solution which you provided was actually applicable to ISA Server 2000 only. I've already seen the MS article which you were looking at. As I'm running ISA Server 2006, the Incoming Web Request tab isn't even there.

Ricky
0
 
LVL 1

Accepted Solution

by:
pepelepew8 earned 0 total points
Comment Utility
Decided to call GTEC Support for this. Enclosed is the resolution steps presented by Microsoft to solve this problem:

In Live meeting, we have following findings:
l      Your ISA is 2006.
l      The listener of OWA publish rule is using HTML Form based authentication.
l      You have a HTTP 401 error on mobile phone.

This scenario matches a known issue. The cause is that xHTML template is not available for Exchange template on ISA.

To fix this issue, we can copy the xHTML template from the default template to the Exchange template:
1.      Create a new folder, for example, Cust1, under \CookieAuthTemplates.
2.      Copy cHTML and xHTML folder from \CookieAuthTemplates\ISA into \CookieAuthTemplates\Cust1.
3.      Copy HTML folder from \CookieAuthTemplates\Exchange into \CookieAuthTemplates\Cust1.
4.      In ISA management console, right-click on the publishing rule, and select Properties.
5.      Select Application Settings tab and change the HTML form dir from Exchange to Cust1.
6.      Apply the change.
7.      You MUST restart ISA firewall service after the change.
8.      After the change, Windows CE mobile clients should also get a login form.

For later devices with Windows Mobile 5.0 AKU3 or later, after the change, client
may still encounter HTTP 500 error. This is caused by a known issue in the FBA
filter handling user-agent string. To resolve this issue, we may force ISA to
provide HTML4 template to these devices by running the following script:

'BEGIN OF SCRIPT
Dim root
Set root = CreateObject("FPC.Root")

Dim array
Dim userAgentMappings
Dim userAgentMapping
Dim order

Set array = root.Arrays(1)
Set userAgentMappings = array.RuleElements.UserAgentMappings

'Remove the agent if already exists
On Error Resume Next
userAgentMappings.Remove("*IEMobile*")

Set userAgentMapping = userAgentMappings.Add("*IEMobile*", 0)

Set order = userAgentMapping.order
userAgentMappings.MoveUp(order)

WScript.Echo userAgentMapping.UserAgent & " Order = " & userAgentMapping.order

While userAgentMapping.order > 1
userAgentMappings.MoveUp(userAgentMapping.order)
WScript.Echo "Order = " & userAgentMapping.order
Wend

userAgentMappings.Save
'END OF SCRIPT
0

Featured Post

Are your corporate email signatures appalling?

Is it scary how unprofessional your email signatures look? Do users create their own terrible designs and give themselves stupid job titles? You can make this a lot easier for yourself by choosing an email signature management solution from Exclaimer today.

Join & Write a Comment

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now