Solved

How can I use active directory credentials to log on to OWA?

Posted on 2010-08-27
10
566 Views
Last Modified: 2012-05-10
I have one exchange 2003 server with OWA configured.  I want to be able to log on to OWA without having to enter a username and password when I'm already logged on to a domain computer.  

If I use the server name only it will passthrough authentication just fine, for instance https://EXCH01/exchange.  However if I use http://EXCH01.MYORG.MYDOMAIN.COM/exchange it prompts me for the User/Pass.

Both instances resolve to the same internal IP address and the reason I need the FQDN to work as passthrough is because I have a wildcard certificate that would allow my users to get right into their OWA mailbox without having to click OK to proceed with that ominous red bar on top that makes you feel like you did something wrong, lol.
0
Comment
Question by:fd1906
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
  • +2
10 Comments
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33546359
Please check this guide on how to configure Pass through auth for 2003
http://www.msexchange.org/tutorials/Dual-Pass-Through-Authentication-Exchange-2003-Front-EndBack-End.html
0
 

Author Comment

by:fd1906
ID: 33546439
Thank you for your comment but I don't have a front-end/back-end set up.
0
 
LVL 13

Expert Comment

by:lastlostlast
ID: 33546689
Open IIS manager, Expand Default Web Site....

Go to the properties of 'Exchange virtual directory... move to 'Directory Security' tab and set the authentication to 'Integrated Windows authentication' and uncheck all other options...

P.S: You can only set 'Basic' and 'Integrated Windows Authentication' on Exchange virtual directory...

Perform an IISRESET once this is done and check OWA...

let us know how it goes.
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 

Author Comment

by:fd1906
ID: 33546864
I tried that too... No dice.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33546897
0
 
LVL 58

Accepted Solution

by:
tigermatt earned 250 total points
ID: 33547050

This all depends on the configuration of the BROWSER, not the server. The server will already be configured correctly since pass-through works for the direct URL https://servername/exchange.

You need to configure Internet Explorer to add your exch01.myorg.mydomain.com URL to the Local Intranet zone. By default, IE's security settings state that automatic logon will occur if the site is in the Local Intranet zone, but IE can't figure out that the FQDN exch01.myorg.mydomain.com is actually a server on your local Intranet (as far as it's concerned that's an Internet site).

You can assign that URL to the appropriate zone on a domain using Group Policy - look for the Site to Zone Assignment list option: http://technet.microsoft.com/en-us/library/bb457144.aspx

-Matt
0
 

Author Comment

by:fd1906
ID: 33547073
Matt, that makes total sense. Let me try and get back to you.
0
 

Author Comment

by:fd1906
ID: 33547192
That worked.  You're a genius.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33547201
Matt @ good one :)
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 33547749

Thanks, fd1906. Glad it worked out.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question