Solved

OWA 403 forbidden after reboot of server.

Posted on 2012-03-21
8
673 Views
Last Modified: 2012-08-13
We had a mailflow issue this morning with our exchange front end. I rebooted it and fixed the problem. But now when we go to our OWA site we are getting a 403 Forbidden error. If I start the address with HTTPS it works but doesn't do the correct redirect when we type in just the host and domain like it used to.  I'm sure it is just an easy setting change but I haven't been able to find a solution to my exact issue.


Thanks
0
Comment
Question by:nocalerts
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 37747829
The 403 error is just telling you that you need to use https with a resource that has the SSL Required checkbox activated.  You need to find out why the redirect doesn't work.  What happens when you try it without /owa (or /exchange if you have E2000/2003)?  Do you just get the default web site page?
0
 

Author Comment

by:nocalerts
ID: 37748127
We have a html document that does the redirect in the web root. so when you go to owa.ourdomain.com you hit that page that sends you to https: we don't have to put the /owa on because the redirect has the full path. We are on 2010.

Thanks
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 37748168
What do you currently see in the browser when you try to use the redirect (i.e. you go to straight to owa.yourdomain.com without /owa)?  Some kind of error message?  Or a blank page?  Does the address in the address bar change to something else, or does it remain as  https://owa.yourdomain.com ?

Can you find the iis log entries generated by a login where the redirect doesn't work?
0
Comparison of Amazon Drive, Google Drive, OneDrive

What is Best for Backup: Amazon Drive, Google Drive or MS OneDrive? In this free whitepaper we look at their performance, pricing, and platform availability to help you decide which cloud drive is right for your situation. Download and read the results of our testing for free!

 

Author Comment

by:nocalerts
ID: 37748201
The address doesn't change and this is what I get on the page.

Server Error
403 - Forbidden: Access is denied.
You do not have permission to view this directory or page using the credentials that you supplied.
0
 
LVL 31

Accepted Solution

by:
LeeDerbyshire earned 500 total points
ID: 37748301
There are two possible redirects you can set up.  There is a http to https redirect, and a site to site/owa redirect.  Did you have both working, or just the ste to site/owa one?

Can you share the contents of the HTML file you used?  Without real server names, of course.

Also, if you wanted it to do the automatic http to https redirect, and for some reason after the reboot you have ended up with SSL required on the default web site level, then that would cause something like what you are seeing, because if you don't use https in that configuration, then you don't even get to see the redirect code if you only use http.
0
 

Author Comment

by:nocalerts
ID: 37748370
This is the HTML code we are using. I believe this is the only redirect we have set up, and as I said it was workign before the reboot.

<!--
  default.htm
  Copyright (c) 2002 - 2006 Citrix Systems, Inc. All Rights Reserved.
  Web Interface 4.5.1.8215
-->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
    <title>Title</title>
    <meta http-equiv="REFRESH" content="0; URL=login.aspx">
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <meta name="ROBOTS" content="NOINDEX, NOFOLLOW, NOARCHIVE">
</head>
<body onLoad='location="https://OWA.OURDOMAIN.com/owa";'>
 </body>
</html>


 I will check the SSL settings.
Thanks
0
 

Author Comment

by:nocalerts
ID: 37748385
That was it. The require SSL box got checked after the reboot for the default site where the redirect was. Un checking that fixed it.

Thanks
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 37748411
Exchange Service Packs tend to select that without you wanting it to.  if you applied a service pack as part of fixing your mailflow, then that's where it came from.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

What does UTC stand for?  “Coordinated Universal Time” – Think of this as the true time on Planet Earth that never changes with the exception of minor leap seconds here and there to account for the changes in the planet's rotation.   What does th…
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question