Access mailbox on 2nd exch. server via OWA

I have set up a second exch 2010 server in a remote site in the same exch. org. I moved a mailbox from server 1 to server 2 and mail from server 2 in and out works fine through server 1 as server 2 is not internet facing. When I connect to our OWA from the web and log in as my test user that has the mailbox on server 2 I get a second logon at the owa located at server 2. Can anyone direct me on how I can make this a single sign on thing?


Thanks in advance


WP
Smith and Andersen asked:

Simon Butler (Sembee), Consultant, commented:
Are you looking to proxy or redirect?

If you want to proxy, then you need to ensure that you do not have an external URL configured on the second server to begin with. That tells Exchange that you want to proxy rather than redirect.
Ensure the authentication is set to Forms Based and the settings are the same on both servers.

If you want to redirect, then both servers need to be exposed to the internet, with unique URLs. The external URL value needs to be populated on both servers.
Then to set the silent redirect configure the following:
Set-OWAVirtualDirectory -Identity "SERVER\owa (Default Web site)" -CrossSiteRedirectType Silent

If users could use either URL, then configure it on both servers.

Simon.
Smith and Andersen (Author) commented:
Hi Simon
I don't have an external URL set up for the second server.
I did enable forms-based auth on both servers.
Do I need to disable all other auth methods?
Simon Butler (Sembee), Consultant, commented:
You had FBA enabled within Exchange?
Don't touch IIS.
Ensure that FBA is identical on both servers - which includes whether to have the domain required or not.

If users are accessing it internally, you may want to enable the option anyway, as internally they will be redirected.

Simon.

Smith and Andersen (Author) commented:
Hi Simon
In Exchange, under the properties of the OWA from within Server Config > Client Access, on the auth tab, I have FBA selected with a logon format of domain\username. The settings are the same on both servers.

Here is the output from this command:
Get-OWAVirtualDirectory -ADPropertiesOnly  |select server,*url*,*auth*

Server                        : Server1EXCH
Url                           : {}
Exchange2003Url               :
FailbackUrl                   :
InternalUrl                   : https://fqdn.com/owa
ExternalUrl                   : https://email.domain.com/owa
ClientAuthCleanupLevel        : High
InternalAuthenticationMethods : {Basic, Fba, Ntlm, WindowsIntegrated}
BasicAuthentication           : False
WindowsAuthentication         : False
DigestAuthentication          : False
FormsAuthentication           : False
LiveIdAuthentication          : False
ExternalAuthenticationMethods : {Fba}

Server                        : DAGEXCH
Url                           : {}
Exchange2003Url               :
FailbackUrl                   :
InternalUrl                   : https://fqdn.com/owa
ExternalUrl                   :
ClientAuthCleanupLevel        : High
InternalAuthenticationMethods : {Basic, Fba, Ntlm, WindowsIntegrated}
BasicAuthentication           : False
WindowsAuthentication         : False
DigestAuthentication          : False
FormsAuthentication           : False
LiveIdAuthentication          : False
ExternalAuthenticationMethods : {Fba}

Server                        : 2ndEXCHANGE
Url                           : {}
Exchange2003Url               :
FailbackUrl                   :
InternalUrl                   : https://fqdn.com/owa
ExternalUrl                   :
ClientAuthCleanupLevel        : High
InternalAuthenticationMethods : {Basic, Fba}
BasicAuthentication           : False
WindowsAuthentication         : False
DigestAuthentication          : False
FormsAuthentication           : False
LiveIdAuthentication          : False
ExternalAuthenticationMethods : {Fba}
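
An added example, not part of the original posts: one way to check "same settings on every server" mechanically is to diff each server's record against the internet-facing one. The listing is constructed sample input trimmed from the output above, and the helper names ConvertFrom-VdirListing and Compare-VdirSettings are hypothetical.

```powershell
# Constructed sample input: the listing from the post above, trimmed to four properties.
$listing = @'
Server                        : Server1EXCH
ExternalUrl                   : https://email.domain.com/owa
InternalAuthenticationMethods : {Basic, Fba, Ntlm, WindowsIntegrated}
ExternalAuthenticationMethods : {Fba}

Server                        : DAGEXCH
ExternalUrl                   :
InternalAuthenticationMethods : {Basic, Fba, Ntlm, WindowsIntegrated}
ExternalAuthenticationMethods : {Fba}

Server                        : 2ndEXCHANGE
ExternalUrl                   :
InternalAuthenticationMethods : {Basic, Fba}
ExternalAuthenticationMethods : {Fba}
'@

# Hypothetical helper: turn blank-line separated "Name : Value" records into hashtables.
function ConvertFrom-VdirListing([string]$Text) {
    foreach ($block in ($Text -split '(?:\r?\n[ \t]*){2,}')) {
        $rec = @{}
        foreach ($line in ($block -split '\r?\n')) {
            if ($line -match '^\s*(\w+)\s*:\s*(.*)$') {
                $name = $Matches[1]; $value = $Matches[2].Trim()
                # Sort multi-valued lists so {Fba, Basic} compares equal to {Basic, Fba}.
                if ($value -match '^\{(.*)\}$') {
                    $value = (($Matches[1] -split ',' | ForEach-Object { $_.Trim() } | Sort-Object) -join ', ')
                }
                $rec[$name] = $value
            }
        }
        if ($rec.ContainsKey('Server')) { $rec }
    }
}

# Hypothetical helper: emit one row per setting that differs from the baseline server.
function Compare-VdirSettings($Baseline, $Other) {
    foreach ($key in ($Baseline.Keys | Where-Object { $_ -ne 'Server' } | Sort-Object)) {
        if ($Baseline[$key] -ne $Other[$key]) {
            New-Object PSObject -Property @{ Server = $Other['Server']; Setting = $key
                                             Baseline = $Baseline[$key]; Value = $Other[$key] }
        }
    }
}

# The first record (the server with an ExternalUrl) is the baseline for the others.
$records = @(ConvertFrom-VdirListing $listing)
$records | Select-Object -Skip 1 | ForEach-Object { Compare-VdirSettings $records[0] $_ } |
    Format-Table Server, Setting, Baseline, Value -AutoSize
```

With this listing the rows are the empty ExternalUrl on DAGEXCH and 2ndEXCHANGE, which is what the proxy setup described earlier calls for, and the shorter InternalAuthenticationMethods list on 2ndEXCHANGE.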
Smith and Andersen (Author) commented:
Hi Guys
This is the error I get now:


Request
Url: https://webmail.domain.com:443/owa/ev.owa?oeh=1&ns=HttpProxy&ev=ProxyRequest
User: ITtest
EX Address: /o=Exchange1/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=ITtestb07
SMTP Address: ITtest@domain.com
OWA version: 14.3.224.2
Second CAS for proxy: https://fqdn2ndserver.com/owa

Exception
Exception type: Microsoft.Exchange.Clients.Owa.Core.OwaProxyException
Exception message: None of the CAS servers are responding

Call stack

No callstack available

Inner Exception
Exception type: Microsoft.Exchange.Clients.Owa.Core.OwaAsyncOperationException
Exception message: ProxyPingRequest async operation failed

Call stack

Microsoft.Exchange.Clients.Owa.Core.ProxyPingRequest.EndSend(IAsyncResult asyncResult)
Microsoft.Exchange.Clients.Owa.Core.ProxyEventHandler.SendProxyPingRequestCallback(IAsyncResult asyncResult)

Inner Exception
Exception type: System.Net.WebException
Exception message: Unable to connect to the remote server

Call stack

System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
Microsoft.Exchange.Clients.Owa.Core.ProxyUtilities.EndGetResponse(HttpWebRequest request, IAsyncResult asyncResult, Stopwatch requestClock)
Microsoft.Exchange.Clients.Owa.Core.ProxyPingRequest.GetResponseCallback(IAsyncResult asyncResult)

Inner Exception
Exception type: System.Net.Sockets.SocketException
Exception message: No connection could be made because the target machine actively refused it 10.7.5.29:443

Call stack

System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)
System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Int32 timeout, Exception& exception)
Simon Butler (Sembee), Consultant, commented:
Is that internal or external access?
The error would suggest it is trying to proxy, but is unable to do so for some reason.

Does the internal name resolve externally by any chance?

Simon.