Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 351
  • Last Modified:

Exchange 2007 OWA issues

I recently fixed a crashed Exchange 2007 server installed on an Enterprise 2003 Windows server and was able to re-install everything, however I'm having a couple of issues with OWA. First issue is that when I go to make OWA "Forms based" authentication...It flat out doesnt work. The OWA page sends a "Page Not Displayed" error. The second issue is that when a user authenticates and OWA loads the page doesnt load any graphics and none of the links work. I absolutely positive that this is a permissions issue of some sort but I'm not sure where to go to fix it. Recently I un-installed IIS, and Un-installed the CAS server role which fixed other issues. The process I followed were found in these articles:

http://exchangeshare.wordpress.com/2008/07/16/how-to-recreate-owa-virtual-directory-exchange-2007/

http://my.opera.com/RavenOverride/blog/2009/06/17/how-to-recreate-all-virtual-directories-for-exchange-2007

http://support.microsoft.com/kb/320202

The two issues I need to fix are, how do we fix Forms Based Authentication and How do we fix the permissions issue so that users can login and see the normal OWA page and use it correctly.

Any help would be greatly appreciated.
0
Nathan Hawkins
Asked:
Nathan Hawkins
  • 5
  • 3
1 Solution
 
RepilCommented:
Recreate OWA Virtual Directory ; Below article will help you on this process.

http://exchangeshare.wordpress.com/2008/07/16/how-to-recreate-owa-virtual-directory-exchange-2007/
0
 
Nathan HawkinsTechnical Lead - Network SecurityAuthor Commented:
Repil - When you uninstall/re-install IIS and then uninstall/re-install CAS server role, OWA and all Exchange related directories are recreated in IIS. I've done this a couple of times now in the hopes of permissions being re-initialized...but they are not. Any other ideas?
0
 
LeeDerbyshireCommented:
Can you find the iis log entries for the request for logon.aspx (which is the FBA logon page)?  It will help to see how the server responded.

The graphics problem may be because you no longer have Anonymous Access enabled on the exchweb directory in IIS.  Come to think of it, this might cause the FBA problem, too.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Nathan HawkinsTechnical Lead - Network SecurityAuthor Commented:
Looking at EV...I dont see anything obvious that would be considered IIS Log Entries. Is there somewhere specific you'd like me to look?

The exchweb virtual directory was indeed not set for anonymous access, which I have corrected but whenever I do an "iisreset /noforce" I get the following error:

C:\Documents and Settings\Administrator>iisreset/noforce

Attempting stop...
Restart attempt failed.
The service cannot accept control messages at this time. (2147943461, 80070425)

C:\Documents and Settings\Administrator>

Open in new window


So I do a simple iisreset and when I do that exchweb reverts back to anonymous access not being checked...

Anyway...I just now thought...well if iisreset is resetting the settings on exchweb then they are probably changed on owa as well. I checked and sure enough they were... So I change anonymous for both owa and exchweb resync the IUSR_SERVERNAME PW and unbelievably OWA is working!

So...how do I make the settings take so that if the server bounces or I do an iisreset they stay in place? I havent tried FBA yet...I dont want to jinx anything (...yet)
0
 
LeeDerbyshireCommented:
The iisreset shouldn't be changing anything by itself.  The settings may be coming from the settings in Exchange itself.  I can't remember how you check them in E2007, but try Get-OWAVirtualDirectory | fl , and see what auth settings are listed.  Maybe the iisreset just forces a change to the Exchange settings (the Exchange VDirs get 'special treatment' in this respect), thus replacing something that may have been mistakenly changed in IIS Manager more recently.

IIS log entries are usually text files (.log files) in C:\Windows\System32\Logfiles\W3SVC1
0
 
Nathan HawkinsTechnical Lead - Network SecurityAuthor Commented:
Well I execute "Get-OWAVirtualDirectory | fl" and I got so much returned that it scrolled past the top of the screen. Is there a way to dump it to a file?

Are the log entries for IIS still necessary? If not thanks for that, its still useful.
0
 
LeeDerbyshireCommented:
You should be able to scroll the CMD window.  Or direct it to a text file:

Get-OWAVirtualDirectory | fl > c:\temp.txt

Might not need to iis logs yet.
0
 
Nathan HawkinsTechnical Lead - Network SecurityAuthor Commented:
I looked at the output and I didnt see anything obvious. I attached the file if you wanted to take a look.
0
 
Nathan HawkinsTechnical Lead - Network SecurityAuthor Commented:
FBA and everything works. Nice call!
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now