Tennessee_Pride
asked on
OWA and RPC over HTTP with Exchange 2003 and ISA 2006
I have an exchange server 2003 sp2 and ISA 2006 sp1 and a certificate from verisign set up for webmail.tnpride.com and an internal DNS domain of corp.tnpride.com.
Exchange Virtual directory has the certificate installed and exported out and into the ISA personal certificate store. the http protocol on the exchange is set to HTML forms auth with no compression.
the OWA rule is set to
Allow https from anywhere to webmail.tnpride.com (IP address 146.1.55.123) Forward headers appears to come from server.
Traffic tab is https no check for 128 bit
Listener is on all ip's, Connections is SSL 443, Cert is webmail, Auth is HTTP(Basic) LDAP,
The problem Ive run into so far is the only way I can get the authentication to work is set up the listener with the webmail cert to use HTTP Authentication which brings up a challenge popup and then the form authentication. If I set the listener to use HTML Forms and use the custom exchange ISA form, it brings up the ISA Outlook page but never logs in. If I dont use the custom exchange it sends me ti the ISA server login form. So as of now I can get OWA to work using only http authentication and not forms. I had some rules set up earlier that worked with the same cert that worked fine and silly me didnt get a backup of it before diddling around. go to webmail.tnpride.com/exchan
. I created an RPC over HTTP rule using the same listener as a seperate rule
Exchange Virtual directory has the certificate installed and exported out and into the ISA personal certificate store. the http protocol on the exchange is set to HTML forms auth with no compression.
the OWA rule is set to
Allow https from anywhere to webmail.tnpride.com (IP address 146.1.55.123) Forward headers appears to come from server.
Traffic tab is https no check for 128 bit
Listener is on all ip's, Connections is SSL 443, Cert is webmail, Auth is HTTP(Basic) LDAP,
The problem Ive run into so far is the only way I can get the authentication to work is set up the listener with the webmail cert to use HTTP Authentication which brings up a challenge popup and then the form authentication. If I set the listener to use HTML Forms and use the custom exchange ISA form, it brings up the ISA Outlook page but never logs in. If I dont use the custom exchange it sends me ti the ISA server login form. So as of now I can get OWA to work using only http authentication and not forms. I had some rules set up earlier that worked with the same cert that worked fine and silly me didnt get a backup of it before diddling around. go to webmail.tnpride.com/exchan
. I created an RPC over HTTP rule using the same listener as a seperate rule
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Keith Alabaster
If you enable forms authentication on ISA, you have to disable forms on Exchange. You cannot have forms-authentication on both ISA and Exchange simultaneously.
Fair enough I suppose