I have an Exchange 2007 SP1 CAS Server published to the internet by an ISA 2006 SP1 server. The CAS is hosting OWA. I originally had OWA published over HTTP using Basic Authentication, just to get things tested out and working properly without going through the trouble of issuing certificates etc.
I recently issued the certificates and now use SSL.
Throughout all of this (and multiple re-installs of Exchange for un-related issues) whenever I've tried to connect to OWA I've had to authenticate twice.
When I first navigate to the URL, I'm presented with this screen:
After I authenticate, again, successfully with this screen (same credentials, entered in exactly the same format) I am taken to my OWA inbox (with perhaps an intermediary prompt for my time zone etc.).
Originally I had thought that this was either intended behaviour, or attributable to using HTTP with Basic Authentication. However, I have spoken with the administrator of another Exchange 2007 setup, his published through ISA 2004, and he says that he only has to authenticate once. Since I am now using SSL, and the problem persists, it was obviously not an issue with HTTP and/or Basic Authentication.
P.S.: If it is at all relevant, the same ISA rule that publishes OWA also published Exchange ActiveSync. My mobile phone works perfectly with this setup -- no authentication problems -- but I'm imagining that, that's a result of Exchange ActiveSync not using forms-based authentication, although I can't be sure it [this information] doesn't help in some way...
< Message edited by Spike15 -- 15.Aug.2009 12:48:42 PM >
This results from you using forms based authentication on both ISA and Exchange. You need to change one of the servers. I recommend Changing the exchange box. You can do this by going to Server Configuration and Client Access, Clicking on owa and then selecting properties. Go to Authentication tab and Check Use on or more standard authentication methods: and choose Integrated Windows Authentication and Basic Authentication.