ADFS / WAP and Exchange 2010 OWA
Hi 2gether
I am fighting around with publishing Exchange 2010 OWA through Server 2012 ADFS and Web Application Proxy.
I have a WAP Server joined to my domain and placed in an OPT Zone. I want to use the ADFS preauthentication for publishing OWA in my DNS SplitScope scenario.
After I fill in my user credentials to log in to OWA, nothing really happens.
I see that the WAP Server is requesting a Kerberos ticket, but the ADFS Server is not able to send the Kerberos ticket back. I read the how-to and step-by-step guide a thousand times... added the SPN, activated constrained delegation... but it does not work at all.
The logs on the WAP Server are telling me:
EVENT ID 12027, Username and Password wrong (0x8007052e). But I am quite sure the credentials are right... because EAS and the other published rules work.
On the other side, the ADFS Server log tells me:

364:
Encountered error during federation passive request.
Additional Data
Protocol Name:
Relying Party:
Exception details:
Microsoft.IdentityServer.Web.InvalidScopeException: 06a7aa66-3aad-e311-80c1-005056983900
at Microsoft.IdentityServer.Web.Protocols.MSISHttp.MSISHttpProtocolHandler.ValidateSignInContext(MSISHttpSignInRequestContext msisContext, WrappedHttpListenerRequest request)
at Microsoft.IdentityServer.Web.Protocols.MSISHttp.MSISHttpProtocolHandler.CreateProtocolContext(WrappedHttpListenerRequest request)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.GetProtocolHandler(WrappedHttpListenerRequest request, ProtocolContext& protocolContext, PassiveProtocolHandler& protocolHandler)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)
Did anyone have this problem before? The strange thing is... I tested the whole thing before with the same components and it worked in the lab.
Thx for any help