ndidomenico
asked on
Cannot access owa web page anymore on sbs2003
This morning, we are not able anymore to access OWA, either remotely or directly from the network. We get the OWA login page ok, but after entering the username and password, we get the following error:
"... The website declined to show this webpage. Most likely cause: This website requires you to log in"
"Information: The error (http 403 Forbidden) means that Internet Explorer was able to connect to the website, but it does not have permissions to view the webpage."
Any idea how to fix this ?
Note:Some tasks done before realizing this problem (in case it might help troubleshoot this issue):
1) Yesterday: We had to force the server to power off and reboot, and it seemed to have restarted properly. Any link with this event maybe...
2) Yesterday: Had to create a temporary web site in IIS to generate a CSR in order to purchase a SSL certificate from Verisign.
3) This morning: I installed Lansweeper this morning on the server. Install ran fine but could not access the web console after install completed. I then checked OWA and noticed it was not working either.
Thanks.
"... The website declined to show this webpage. Most likely cause: This website requires you to log in"
"Information: The error (http 403 Forbidden) means that Internet Explorer was able to connect to the website, but it does not have permissions to view the webpage."
Any idea how to fix this ?
Note:Some tasks done before realizing this problem (in case it might help troubleshoot this issue):
1) Yesterday: We had to force the server to power off and reboot, and it seemed to have restarted properly. Any link with this event maybe...
2) Yesterday: Had to create a temporary web site in IIS to generate a CSR in order to purchase a SSL certificate from Verisign.
3) This morning: I installed Lansweeper this morning on the server. Install ran fine but could not access the web console after install completed. I then checked OWA and noticed it was not working either.
Thanks.
ash007
In IIS manager go to properties of Default web site & go to Web site Tab & check if Enable Keep Http alive is checked if not plese check it
check the iis owa web properties and in security basic login is enabled
ASKER
ash007: keep http alive was already checked
jayasanker: which website name represents owa and that I should do the change: I have Exadmin, Exchange, exchange-oma and ExchWeb
I checked these 4 web sites and this is what I have under Security / Authentication:
Exadmin: Auth: Windows integrated - Default domain: ourdomainname
Exchange: Auth: basic - Default domain: \
Exchange-owa: Auth: windows integrated + basic - Default domain: \
Exchweb: Auth: none selected
I tried accessing most of the web sites I see in IIS manager and most of them work except for OWA. Here is the detail:
Works ok:
servername/backup, servername/clienthelp, servername/connectcomputer
Strange: servername/exchange-oma: loads OWA properly for the logged in user (administrator), but cannot change login
Works partially:
servername/exchange: get to the owa screen, enter user info, and the gets page not found error
servername/oma: sams as exchange
servername/public: same as exchange
Does not work:
servername/exchweb: https error 404: file not found
servername/exchweb: display is not authorized for this virtual folder
All the ones not working for OWA end up with an error where the page trying to be displayed is:
https://servername/exchweb/bin/auth/owaauth.dll
Hope this gives you some more info that might help.
jayasanker: which website name represents owa and that I should do the change: I have Exadmin, Exchange, exchange-oma and ExchWeb
I checked these 4 web sites and this is what I have under Security / Authentication:
Exadmin: Auth: Windows integrated - Default domain: ourdomainname
Exchange: Auth: basic - Default domain: \
Exchange-owa: Auth: windows integrated + basic - Default domain: \
Exchweb: Auth: none selected
I tried accessing most of the web sites I see in IIS manager and most of them work except for OWA. Here is the detail:
Works ok:
servername/backup, servername/clienthelp, servername/connectcomputer
Strange: servername/exchange-oma: loads OWA properly for the logged in user (administrator), but cannot change login
Works partially:
servername/exchange: get to the owa screen, enter user info, and the gets page not found error
servername/oma: sams as exchange
servername/public: same as exchange
Does not work:
servername/exchweb: https error 404: file not found
servername/exchweb: display is not authorized for this virtual folder
All the ones not working for OWA end up with an error where the page trying to be displayed is:
https://servername/exchweb/bin/auth/owaauth.dll
Hope this gives you some more info that might help.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Isn't this a bit drastic at this point ? Nothing else that we can try or change to fix this before recreating OWA ?
If we go ahead and recreate owa:
1) Which web site name would I have to delete and recreate: exadmin, exchange, exchange-oma or exchweb
2) Any documentation you could provide me for doing this before I go ahead ?
Thanks
If we go ahead and recreate owa:
1) Which web site name would I have to delete and recreate: exadmin, exchange, exchange-oma or exchweb
2) Any documentation you could provide me for doing this before I go ahead ?
Thanks
ndidomenico,
Have you tried reversing the changes that you made in the last couple of days to see if that fixes the problem?
Do you have a pending SSL Cert request?
Have you tried running the CEICW?
Have you tried reversing the changes that you made in the last couple of days to see if that fixes the problem?
Do you have a pending SSL Cert request?
Have you tried running the CEICW?
ASKER
I do have a pending SSL Cert request that I created yesterday, following Verisign's procedure. Do you think that could have an impact ?
They had me create a temporary web site in IIS, and then generate a Cert request from that web site. I haven't sent this request yet to Verisifn, so I can cancel it if required. If I do so, should I also erase the temporary web site created for this ?
Thanks
They had me create a temporary web site in IIS, and then generate a Cert request from that web site. I haven't sent this request yet to Verisifn, so I can cancel it if required. If I do so, should I also erase the temporary web site created for this ?
Thanks
If the CSR isn't generated by your "Default Website" then maybe it shouldn't cause a problem - I have had issues in the past with a pending CA request for the default website.
Did you run the CEICW?
Also, if you haven't submitted the CSR then it's an easy 5-minute job to reverse those changes and run the CEICW to see if that fixes the problem.
Did you run the CEICW?
Also, if you haven't submitted the CSR then it's an easy 5-minute job to reverse those changes and run the CEICW to see if that fixes the problem.
It wouldn't surprise me if the other web site is the cause.
Did you put it on a unique port or host header? If not then the default web site is probably stopped or there is another problem with it.
With SBS the most common fix is to simply run the Connect to the Internet and Configure Email wizard, as that will correct most things.
Simon.
Did you put it on a unique port or host header? If not then the default web site is probably stopped or there is another problem with it.
With SBS the most common fix is to simply run the Connect to the Internet and Configure Email wizard, as that will correct most things.
Simon.
ASKER
Ok. I'll cancel the CSR and erase the temporary web site. Will running CEICW have any impact on the production server (logged in users, internet access, etc). I'm connected remotely using RDP and VPN (vpn handled by the router, not the SBS). Will that cut me out from the network when running CEICW ?
The CEICW can cause a very brief outage as it restarts some Windows services but you shouldn't notice any issues. Just make sure you get the settings correct :-).
I normally only make changes in the part of the wizard that I am dealing with and leave the rest set to no change (Do not change connection type etc).
I normally only make changes in the part of the wizard that I am dealing with and leave the rest set to no change (Do not change connection type etc).
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Resetting the OWA folders finally did the trick. I was expecting it to be a complex task to do, but in the end it was pretty straight forward. I'm awarding the points to ash007 for first pointing in that direction, and javasunker for providing the details about how to do it. Thanks to all the others who helped trying to troubleshoot this.