OWA problems.

  • From: <paul_lemonidis@xxxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Wed, 22 Sep 2004 02:15:15 +0100

Hi all

I hope someone could possibly help me with a couple of problems I am having 
with OWA on our Exchange 2003 machine. It is running on a Windows 2003 Domain 
controller, although it has none of the FSMO roles on it and is not a Global 
Catalog. We have two other Domain controllers, one of which is our Global 
Catalog. The domain is set to Windows 2000 Native mode and Exchange is set to 
Native mode also. I have installed a Certificate Authority and do have the 
HTTPS site up and working with forms based authentication. However, I have two 
minor problems I hope someone can help me with.

I have created the certificate and on the Exchange server and all is fine when 
you go to the OWA default web page except for one thing. Since getting it all 
up and working no matter what I set the Exchange page in IIS security settings 
too I get the logon page for SSL or the standard non-forms based logon prompt 
for the non SSL site even when logged on to the local internal network on the 
Exchange server or connected in via VPN. Needless to say I didn't before? Any 
ideas why please and if so how I can fix it please? The only setting I have not 
tried is anonymous but I am not keen to enable this unless absolutely essential 
since this is now on our live Exchange server. Any ideas how I stop this 
please? Before someone quite rightly  picks me up on allowing HTTP traffic I 
should mention that I do not allow HTTP on our Cisco PIX 515E firewall. Thus 
only HTTPS traffic would be able to get in. Unfortunately with only one machine 
for testing last time I do not know if this problem existed as the remote OWA 
server was the only domain member.

The second is particularly strange since when I did my testing a few weeks back 
on my test setup it was not a problem. I have copied the certificate from the 
Exchange server to my local machine but despite installing it I still get the 
un-trusted CA warning message when I first open outlook unless I VPN in and 
access the Exchange server and install the certificate whilst specifying the 
internal IP address of the server on place of the external address when 
installing the certificate. Even then it only worked on the 2nd attempt? Our AD 
domain is a fully registered one, thus if you hadn't guessed we have split DNS 
and our internal mail server has a private internal address and a registered 
public address with our external DNS provider. I thus suspect this is a DNS 
issue of some type but am not quite sure what it is. Any ideas on how to stop 
this as not all external mail users will have anything other than OWA access. I 
think it may be of note that none of the internal machines on the LAN suffer 
from this. Then again since it is an AD Enterprise CA that is not so 
surprising. I would add that in both my live and test scenario's the test 
remote machines accessing the test server remotely were not in the Forest.

Many thanks in advance.


Paul Lemonidis.

Other related posts: