Solved

How can I use active directory credentials to log on to OWA?

Posted on 2010-08-27
10
559 Views
Last Modified: 2012-05-10
I have one exchange 2003 server with OWA configured.  I want to be able to log on to OWA without having to enter a username and password when I'm already logged on to a domain computer.  

If I use the server name only it will passthrough authentication just fine, for instance https://EXCH01/exchange.  However if I use http://EXCH01.MYORG.MYDOMAIN.COM/exchange it prompts me for the User/Pass.

Both instances resolve to the same internal IP address and the reason I need the FQDN to work as passthrough is because I have a wildcard certificate that would allow my users to get right into their OWA mailbox without having to click OK to proceed with that ominous red bar on top that makes you feel like you did something wrong, lol.
0
Comment
Question by:fd1906
  • 4
  • 2
  • 2
  • +2
10 Comments
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33546359
Please check this guide on how to configure Pass through auth for 2003
http://www.msexchange.org/tutorials/Dual-Pass-Through-Authentication-Exchange-2003-Front-EndBack-End.html
0
 

Author Comment

by:fd1906
ID: 33546439
Thank you for your comment but I don't have a front-end/back-end set up.
0
 
LVL 13

Expert Comment

by:lastlostlast
ID: 33546689
Open IIS manager, Expand Default Web Site....

Go to the properties of 'Exchange virtual directory... move to 'Directory Security' tab and set the authentication to 'Integrated Windows authentication' and uncheck all other options...

P.S: You can only set 'Basic' and 'Integrated Windows Authentication' on Exchange virtual directory...

Perform an IISRESET once this is done and check OWA...

let us know how it goes.
0
 

Author Comment

by:fd1906
ID: 33546864
I tried that too... No dice.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33546897
0
Want to promote your upcoming event?

Attending an event? Speaking at a conference? Or exhibiting at a tradeshow? Easily inform your contacts by using a promotional banner in your email signature. This will ensure your organization’s most important contacts are in the know.

 
LVL 58

Accepted Solution

by:
tigermatt earned 250 total points
ID: 33547050

This all depends on the configuration of the BROWSER, not the server. The server will already be configured correctly since pass-through works for the direct URL https://servername/exchange.

You need to configure Internet Explorer to add your exch01.myorg.mydomain.com URL to the Local Intranet zone. By default, IE's security settings state that automatic logon will occur if the site is in the Local Intranet zone, but IE can't figure out that the FQDN exch01.myorg.mydomain.com is actually a server on your local Intranet (as far as it's concerned that's an Internet site).

You can assign that URL to the appropriate zone on a domain using Group Policy - look for the Site to Zone Assignment list option: http://technet.microsoft.com/en-us/library/bb457144.aspx

-Matt
0
 

Author Comment

by:fd1906
ID: 33547073
Matt, that makes total sense. Let me try and get back to you.
0
 

Author Comment

by:fd1906
ID: 33547192
That worked.  You're a genius.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33547201
Matt @ good one :)
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 33547749

Thanks, fd1906. Glad it worked out.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now