OWA Error

Posted on 2011-09-18
Last Modified: 2012-05-12
I'm trying to setup a new Exchange 2010 server into an existing 2003 environment. I'm using the self signed certificate to test internal access to Exchange and running into problems. When I try to connect to the default site I get the expected certificate probelm and continue to the website, I get the Welcome to IIS7 page. Then if I use the /OWA site it comes up with the expected cert problem / continue, then I get a Windows domain login screen (not the OWA login screen) after a valid UN/PW the page shows "Your request couldn't be completed because no server with the correct security settings was found to handle the request".  Any ideas would be appreciated.
Question by:technosavy
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
LVL 40

Expert Comment

ID: 36557750
For what you're seeing on the login screen, I would say this is because you haven't enabled Forms Based Authentication.

What roles does this new Exchange server hold?  CAS, HT, MBX or some combination?

Author Comment

ID: 36557818
I enabled Forms Based Authentication on the default site, but still same results. The server is using CAS, HT and MBX roles.
LVL 40

Expert Comment

ID: 36558062
Do you mean you enabled FBA through IIS Management for the default site?

Please look at this to enable FBA for OWA
This page has a bit more of walk-through:
Remember to modify the ECP virtual directory to match the authentication settings you configure for the OWA virtual directory.

Is the mailbox you're trying to sign on to on the Exchange 2003 server or the 2010.  There are some steps to go through so that the two will coexist.
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

LVL 40

Expert Comment

ID: 36558095
Maybe I should back up a bit just to be clear.  Correctly setting up FBA will give you login screen you're accustomed to, but it is not behind the error you are seeing.  In fact you may want to skip the FBA setup until the rest is working.

Most likely you need to configure the -Exchange2003URL property on the OWA virtual directory for your 2010 CAS.  This will be something like
Set-OWAVirtualDirectory -Identity \owa -Exchange2003URL
The reason for this is that Exchange 2003 used a different virtual directory for OWA than 2010 does (/Exchange vs. /OWA).

Author Comment

ID: 36558160
The article on setting FBA worked, I get the forms based login for OWA, I set it for ECP as well. I still get the IIS7 Welcome page though if I just go to the root of the default site. Isn't that supposed to be just for email access only?

I like the idea of -Identity of the legacy server, I'm a little hesitant to set that. Does that mean we can get to both the 2003 and 2010 server? Also, we don't have our legacy set to use https ,just http ;  is that going to be a problem?

We don't have any mailboxes setup on the 2010 server yet.
LVL 40

Expert Comment

ID: 36558511
The root of the site won't redirect to OWA unless you set that up, either with settings in IIS or with a webpage that does the redirect for you.

Yes, you would be able to use the URL for 2010 CAS/OWA to access both the 2010 and 2003 Exchange.  What actually happens is that the CAS will redirect the client to the 2003 OWA site if the mailbox is on the 2003 Exchange.  As far as not using a certificate on the 2003 side, I'm not positive it will create a problem, but I'm leaning towards "Yes".  And I strongly urge you to use SSL if there's going to be any access from the internet.  However, give it a try, you can always change it, and since nothing is on the 2010 box, even if you royally mess things up you can just wipe it out and start from scratch.  :)

If you set up a test user with an account on the 2010 Exchange, you should be able to log on to the 2010 OWA site with it.

Of course another option (depending on your number of users) is to migrate all your mailboxes over to the 2010 Mailbox server in one shot, then you don't have to worry about maintaining access to the 2003 server.  Please reference and for further instructions and examples.
LVL 40

Accepted Solution

footech earned 500 total points
ID: 36558563
BTW, if you want some more information on the nitty-gritty behind the proxy/redirection features when using OWA in different scenarios you can reference this:
It was written with 2007 co-existence w/ 2003 in mind, but the concepts still apply.

Author Closing Comment

ID: 36570461
Thanks for the Excellant Support.

Featured Post

MS Dynamics Made Instantly Simpler

Make Your Microsoft Dynamics Investment Count  & Drastically Decrease Training Time by Providing Intuitive Step-By-Step WalkThru Tutorials.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question