OWA 403 forbidden after reboot of server.

We had a mailflow issue this morning with our exchange front end. I rebooted it and fixed the problem. But now when we go to our OWA site we are getting a 403 Forbidden error. If I start the address with HTTPS it works but doesn't do the correct redirect when we type in just the host and domain like it used to.  I'm sure it is just an easy setting change but I haven't been able to find a solution to my exact issue.


Thanks
nocalertsAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

LeeDerbyshireCommented:
The 403 error is just telling you that you need to use https with a resource that has the SSL Required checkbox activated.  You need to find out why the redirect doesn't work.  What happens when you try it without /owa (or /exchange if you have E2000/2003)?  Do you just get the default web site page?
0
nocalertsAuthor Commented:
We have a html document that does the redirect in the web root. so when you go to owa.ourdomain.com you hit that page that sends you to https: we don't have to put the /owa on because the redirect has the full path. We are on 2010.

Thanks
0
LeeDerbyshireCommented:
What do you currently see in the browser when you try to use the redirect (i.e. you go to straight to owa.yourdomain.com without /owa)?  Some kind of error message?  Or a blank page?  Does the address in the address bar change to something else, or does it remain as  https://owa.yourdomain.com ?

Can you find the iis log entries generated by a login where the redirect doesn't work?
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

nocalertsAuthor Commented:
The address doesn't change and this is what I get on the page.

Server Error
403 - Forbidden: Access is denied.
You do not have permission to view this directory or page using the credentials that you supplied.
0
LeeDerbyshireCommented:
There are two possible redirects you can set up.  There is a http to https redirect, and a site to site/owa redirect.  Did you have both working, or just the ste to site/owa one?

Can you share the contents of the HTML file you used?  Without real server names, of course.

Also, if you wanted it to do the automatic http to https redirect, and for some reason after the reboot you have ended up with SSL required on the default web site level, then that would cause something like what you are seeing, because if you don't use https in that configuration, then you don't even get to see the redirect code if you only use http.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
nocalertsAuthor Commented:
This is the HTML code we are using. I believe this is the only redirect we have set up, and as I said it was workign before the reboot.

<!--
  default.htm
  Copyright (c) 2002 - 2006 Citrix Systems, Inc. All Rights Reserved.
  Web Interface 4.5.1.8215
-->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
    <title>Title</title>
    <meta http-equiv="REFRESH" content="0; URL=login.aspx">
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <meta name="ROBOTS" content="NOINDEX, NOFOLLOW, NOARCHIVE">
</head>
<body onLoad='location="https://OWA.OURDOMAIN.com/owa";'>
 </body>
</html>


 I will check the SSL settings.
Thanks
0
nocalertsAuthor Commented:
That was it. The require SSL box got checked after the reboot for the default site where the redirect was. Un checking that fixed it.

Thanks
0
LeeDerbyshireCommented:
Exchange Service Packs tend to select that without you wanting it to.  if you applied a service pack as part of fixing your mailflow, then that's where it came from.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Browsers

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.