OWA Error

Posted on 2011-09-18
Medium Priority
Last Modified: 2012-05-12
I'm trying to setup a new Exchange 2010 server into an existing 2003 environment. I'm using the self signed certificate to test internal access to Exchange and running into problems. When I try to connect to the default site I get the expected certificate probelm and continue to the website, I get the Welcome to IIS7 page. Then if I use the /OWA site it comes up with the expected cert problem / continue, then I get a Windows domain login screen (not the OWA login screen) after a valid UN/PW the page shows "Your request couldn't be completed because no server with the correct security settings was found to handle the request".  Any ideas would be appreciated.
Question by:technosavy
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
LVL 40

Expert Comment

ID: 36557750
For what you're seeing on the login screen, I would say this is because you haven't enabled Forms Based Authentication.

What roles does this new Exchange server hold?  CAS, HT, MBX or some combination?

Author Comment

ID: 36557818
I enabled Forms Based Authentication on the default site, but still same results. The server is using CAS, HT and MBX roles.
LVL 40

Expert Comment

ID: 36558062
Do you mean you enabled FBA through IIS Management for the default site?

Please look at this to enable FBA for OWA
This page has a bit more of walk-through:
Remember to modify the ECP virtual directory to match the authentication settings you configure for the OWA virtual directory.

Is the mailbox you're trying to sign on to on the Exchange 2003 server or the 2010.  There are some steps to go through so that the two will coexist.
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

LVL 40

Expert Comment

ID: 36558095
Maybe I should back up a bit just to be clear.  Correctly setting up FBA will give you login screen you're accustomed to, but it is not behind the error you are seeing.  In fact you may want to skip the FBA setup until the rest is working.

Most likely you need to configure the -Exchange2003URL property on the OWA virtual directory for your 2010 CAS.  This will be something like
Set-OWAVirtualDirectory -Identity \owa -Exchange2003URL https://legacymail.example.com/exchange
The reason for this is that Exchange 2003 used a different virtual directory for OWA than 2010 does (/Exchange vs. /OWA).

Author Comment

ID: 36558160
The article on setting FBA worked, I get the forms based login for OWA, I set it for ECP as well. I still get the IIS7 Welcome page though if I just go to the root of the default site. Isn't that supposed to be just for email access only?

I like the idea of -Identity of the legacy server, I'm a little hesitant to set that. Does that mean we can get to both the 2003 and 2010 server? Also, we don't have our legacy set to use https ,just http ;  is that going to be a problem?

We don't have any mailboxes setup on the 2010 server yet.
LVL 40

Expert Comment

ID: 36558511
The root of the site won't redirect to OWA unless you set that up, either with settings in IIS or with a webpage that does the redirect for you.

Yes, you would be able to use the URL for 2010 CAS/OWA to access both the 2010 and 2003 Exchange.  What actually happens is that the CAS will redirect the client to the 2003 OWA site if the mailbox is on the 2003 Exchange.  As far as not using a certificate on the 2003 side, I'm not positive it will create a problem, but I'm leaning towards "Yes".  And I strongly urge you to use SSL if there's going to be any access from the internet.  However, give it a try, you can always change it, and since nothing is on the 2010 box, even if you royally mess things up you can just wipe it out and start from scratch.  :)

If you set up a test user with an account on the 2010 Exchange, you should be able to log on to the 2010 OWA site with it.

Of course another option (depending on your number of users) is to migrate all your mailboxes over to the 2010 Mailbox server in one shot, then you don't have to worry about maintaining access to the 2003 server.  Please reference http://technet.microsoft.com/en-us/library/ff805040.aspx and http://technet.microsoft.com/en-us/library/dd638130.aspx for further instructions and examples.
LVL 40

Accepted Solution

footech earned 2000 total points
ID: 36558563
BTW, if you want some more information on the nitty-gritty behind the proxy/redirection features when using OWA in different scenarios you can reference this:
It was written with 2007 co-existence w/ 2003 in mind, but the concepts still apply.

Author Closing Comment

ID: 36570461
Thanks for the Excellant Support.

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
Suggested Courses
Course of the Month8 days, 15 hours left to enroll

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question