Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Exchange 2003 OWA Authentication

0 views
Skip to first unread message

Simon Butler

unread,
May 11, 2004, 6:44:01 AM5/11/04
to
Hello,
I have been running round in circles with an
authentication puzzle on Exchange 2003 OWA so I thought I
would ask the group to see if I have missed something.

Brand new Exchange 2003 environment, with a front-end
server.
Exchange OWA installed on to the default web site, no
changes made to the configuration.
Test SSL certificate installed.
All working correctly.
Enabled forms based authentication - still all worked
correctly - client pleased at this point.

However...
The web site that Exchange is installed on will have other
content as Exchange will be part of a portal - on the
default /exchange subdirectory. This is working as well -
no problems there.

The complication comes when I disable anonymous browsing.

This web site will be accessible from the Internet, but
for the client's staff only. Therefore I need to disable
anonymous browsing so they must authenticate either
directly or using integrated authentication.

If I disable anonymous browsing, the web site prompts ok,
and the content can be seen after authentication. Go
to /exchange and the form comes up as expected, enter the
details, press submit - and nothing. The browser
returns "Error 400 invalid request" on the
page /exchweb/bin/auth/owaauth.dll.

If I enable anonymous browsing it works again.
If I disable forms based authentication - it also works.

I am currently running the web site without forms based
authentication as it gives me the web site security the
client requires - we haven't rolled out OWA to all their
staff. However I want the forms based authentication back
so that I get the extra security and the page that tells
the users what they need to enter to authenticate
correctly.

Extensive Googling leads me to believe that it is
permissions, but most of what I find is for Exchange 2000
OWA and doesn't apply or doesn't work with Exchange 2003.
Checking the permissions of Exchweb virtual directory in
IIS Manager shows that Exchweb still has anonymous
browsing enabled.

What have I done wrong? Someone must have done this
before.

Many thanks,
Simon Butler.

--
Simon Butler, MCP, MCSA
Senior Systems Administrator
Amset IT Solutions Ltd.

e: si...@amset-it.com.nospam
w: www.amset-it.com
w: www.amset.info

0 new messages