Solved

CWA 401.2 Error

Posted on 2009-07-09
2
685 Views
Last Modified: 2013-11-29
When I attempt to access the CWA URL I'm presented with the following
error:
HTTP Error 401.2 - Unauthorized: Access is denied due to server
configuration.
Internet Information Services (IIS)

I have gone through the removal and re-installation of the
Communicator Web Access role multiple times and the issue persists.
The system is a 64-bit Windows 2003 server dedicated to the CWA role;
no other OCS roles are running on this system.  Doing some
troubleshooting I've discovered that if I add the default DOMAIN
\CWAService account to the local Administrators group CWA renders
without an issue and I'm able to log into it without issue.  It is
only when DOMAIN\CWAService is a standard user, which I believe is the
default, is when the issue happens.  This points me in the direction
of a security / permissions issue, but where?

I'm not seeing any events in the event log that would indicate any
type of issue loading the cwaauth.dll ISAPI filter nor am I seeing
anything regarding permission failure.  Running filemon and regmon I
don't see any type of access denied errors.  I'm at a loss as to what
is causing this.  This is a fresh intall of OCS within an Exchange
2007 environment.  Any assistance would be much appreciated.  I don't
really want to run CWA as a local administrator to get this to work.

It should be noted that this is OCS R2.

Thanks.
-matt
0
Comment
Question by:TMCgroup
2 Comments
 
LVL 10

Expert Comment

by:abdulwrite
ID: 24903049
IIS 401.2 is pure authentication issue only. Check the authentication mode in IIS 6.0

Reason may be 1 : The service that is used for the IIS application pools on the CWA server was not a member of the RTCUniversalServerAdmins group, which in turn is a member of the local CWA server Administrators group.

0
 

Accepted Solution

by:
TMCgroup earned 0 total points
ID: 26054354
We ended up having to move this to IIS 7 with no resolution on IIS 6.0 after multiple efforts working with MS.
0

Featured Post

Being driven mad by email signature updates?

Having to make a change to your users’ email signatures, yet again? Feel like your head is going to explode? Rely on an Exclaimer email signature management solution to make the process simple!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

##the calculator has been updated to version 1.6 please download the use the updated version## Hi there, After the previous post of the original version of the calculator here : http://www.experts-exchange.com/articles/OS/Microsoft_Operatin…
On a regular basis I get questions about slow RDP performance, RDP connection problems, strange errors and even BSOD, remote computers freezing or restarting after initiation of a remote session. In a lot of this cases the quick solutions made b…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now