RE: ISA 2000 to 2004 OWA Authentication Issue
- From: "Bill Mayo" <bemayo@xxxxxxxxxxxxx>
- To: isalist@xxxxxxxxxxxxx
- Date: Fri, 4 Nov 2005 12:57:55 -0700
Thanks for the response. Sorry if I confused the issue, but I am not
using forms based authentication, nor do we have SBS. The OWA server is
running Exchange 2003 only and the ISA Server is separate. This was
working correctly until ISA was updated from 2000 to 2004.
Bill Mayo
> If you are using FBA then this is by design. If it is SBS then you need
> to install SBS SP1 correctly.
>
> S=20
>
> -----Original Message-----
> From: Mayo, Bill [mailto:bemayo@xxxxxxxxxxxxx]=20
> Sent: Friday, November 04, 2005 3:05 PM
> To: ISA Mailing List
> Subject: [isalist] ISA 2000 to 2004 OWA Authentication Issue
>
> http://www.ISAserver.org
>
> I previously setup OWA through our ISA 2000 server thanks to the great
> tutorial by Dr. Shinder. Everything was working fine with that for a
> long time. Yesterday, we upgraded this server to ISA 2004 and had to
> recreate the OWA rule. Again, this seemed to be working ok in my tests,
> but today I have been made aware of some issues that others are having.
> It seems that people are not able to log into OWA unless they prefix the
> domain name before their username. (This was not the case previously.)
> Further research has indicated that some browsers request a domain name
> in the authentication box and some don't. On the ones that don't, what
> will happen is that putting in a username/password will result in a
> re-prompting for credentials. In the re-prompt, you can see that it has
> prefixed the DNS name of the OWA server in front of the username (i.e.
> webmail.server.com\username). If you change that to the actual domain
> name it works fine. This does not happen internally, only when going
> through ISA Server.
>
> Per the previous instructions, I had just the NetBios name for the
> domain set on the Exchange IIS virtual directory, which I have currently
> set as the fully-qualified internal domain name (doesn't make a
> difference how this is set). I can also confirm that the default domain
> is set on the listener in ISA. I found Dr. Shinder's walkthrough on
> setting up OWA on ISA 2004, which indicates to use forms based
> authentication. I did try that and it just stopped working completely.
> I would also note that isn't really a solution for me because I have
> multiple SSL sites on the ISA Server, and it will not let me listen on
> 443 with different types of authentication, so this isn't a solution for
> me anyway (unless there is someway to work around that limitation). I
> have googled around and found somebody else attributing this issue to
> ISA 2004, but none of the solutions provided there are of any help to
> me. The main recommendation is to get people to logon with the UPN, but
> that is no better than me communicating to them to prefix with the
> domain.
>
> Any and all help is greatly appreciated!
> Bill Mayo
> Pitt County MIS
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=3DFAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> isalist@xxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
