Solved

OWA Error

Posted on 2011-09-18
8
658 Views
Last Modified: 2012-05-12
I'm trying to setup a new Exchange 2010 server into an existing 2003 environment. I'm using the self signed certificate to test internal access to Exchange and running into problems. When I try to connect to the default site I get the expected certificate probelm and continue to the website, I get the Welcome to IIS7 page. Then if I use the /OWA site it comes up with the expected cert problem / continue, then I get a Windows domain login screen (not the OWA login screen) after a valid UN/PW the page shows "Your request couldn't be completed because no server with the correct security settings was found to handle the request".  Any ideas would be appreciated.
0
Comment
Question by:technosavy
  • 5
  • 3
8 Comments
 
LVL 39

Expert Comment

by:footech
ID: 36557750
For what you're seeing on the login screen, I would say this is because you haven't enabled Forms Based Authentication.

What roles does this new Exchange server hold?  CAS, HT, MBX or some combination?
0
 

Author Comment

by:technosavy
ID: 36557818
I enabled Forms Based Authentication on the default site, but still same results. The server is using CAS, HT and MBX roles.
0
 
LVL 39

Expert Comment

by:footech
ID: 36558062
Do you mean you enabled FBA through IIS Management for the default site?

Please look at this to enable FBA for OWA
http://technet.microsoft.com/en-us/library/aa998867.aspx
This page has a bit more of walk-through:
http://exchangeserverpro.com/exchange-server-2010-outlook-web-app-authentication-settings
Remember to modify the ECP virtual directory to match the authentication settings you configure for the OWA virtual directory.

Is the mailbox you're trying to sign on to on the Exchange 2003 server or the 2010.  There are some steps to go through so that the two will coexist.
0
 
LVL 39

Expert Comment

by:footech
ID: 36558095
Maybe I should back up a bit just to be clear.  Correctly setting up FBA will give you login screen you're accustomed to, but it is not behind the error you are seeing.  In fact you may want to skip the FBA setup until the rest is working.

Most likely you need to configure the -Exchange2003URL property on the OWA virtual directory for your 2010 CAS.  This will be something like
Set-OWAVirtualDirectory -Identity \owa -Exchange2003URL https://legacymail.example.com/exchange
The reason for this is that Exchange 2003 used a different virtual directory for OWA than 2010 does (/Exchange vs. /OWA).
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:technosavy
ID: 36558160
The article on setting FBA worked, I get the forms based login for OWA, I set it for ECP as well. I still get the IIS7 Welcome page though if I just go to the root of the default site. Isn't that supposed to be just for email access only?

I like the idea of -Identity of the legacy server, I'm a little hesitant to set that. Does that mean we can get to both the 2003 and 2010 server? Also, we don't have our legacy set to use https ,just http ;  is that going to be a problem?

We don't have any mailboxes setup on the 2010 server yet.
0
 
LVL 39

Expert Comment

by:footech
ID: 36558511
The root of the site won't redirect to OWA unless you set that up, either with settings in IIS or with a webpage that does the redirect for you.

Yes, you would be able to use the URL for 2010 CAS/OWA to access both the 2010 and 2003 Exchange.  What actually happens is that the CAS will redirect the client to the 2003 OWA site if the mailbox is on the 2003 Exchange.  As far as not using a certificate on the 2003 side, I'm not positive it will create a problem, but I'm leaning towards "Yes".  And I strongly urge you to use SSL if there's going to be any access from the internet.  However, give it a try, you can always change it, and since nothing is on the 2010 box, even if you royally mess things up you can just wipe it out and start from scratch.  :)

If you set up a test user with an account on the 2010 Exchange, you should be able to log on to the 2010 OWA site with it.

Of course another option (depending on your number of users) is to migrate all your mailboxes over to the 2010 Mailbox server in one shot, then you don't have to worry about maintaining access to the 2003 server.  Please reference http://technet.microsoft.com/en-us/library/ff805040.aspx and http://technet.microsoft.com/en-us/library/dd638130.aspx for further instructions and examples.
0
 
LVL 39

Accepted Solution

by:
footech earned 500 total points
ID: 36558563
BTW, if you want some more information on the nitty-gritty behind the proxy/redirection features when using OWA in different scenarios you can reference this:
http://blogs.technet.com/b/exchange/archive/2007/02/07/3399727.aspx
It was written with 2007 co-existence w/ 2003 in mind, but the concepts still apply.
0
 

Author Closing Comment

by:technosavy
ID: 36570461
Thanks for the Excellant Support.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Resolve DNS query failed errors for Exchange
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now