Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
OWA login and change password
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
OWA login and change password - 31.Jan.2008 4:41:07 PM
|
|
|
dd71
Posts: 51
Joined: 24.Mar.2005
Status: online
|
We have users complaining that they can log onto OWA domain/user.name but cannot use the change password feature. Users can use the change password feature if they log in using domain\user.name. This is only using the internal OWA and not external through ISA. Obviously the answer would be log in as domain\user.name but I've been asked to see if a solution exist? BTW, we are using Integrated Windows Authentication for internal login.
|
|
|
|
RE: OWA login and change password - 31.Jan.2008 6:09:53 PM
|
|
|
Rotorblade
Posts: 976
Joined: 27.Feb.2007
Status: offline
|
Hi,
Is /IISADMPWD/* path in the publishing rule?
Using a domain/username is not valid. You can add the default domain name to "Basic" authentication properties. Basic also should be enabled and you need to use SSL encryption.
HTH
RB
_____________________________
David Melvin
Ohio
MCSE: Security 2003, MCSA:Security 2003
|
|
|
|
|
RE: OWA login and change password - 31.Jan.2008 6:16:44 PM
|
|
|
Rotorblade
Posts: 976
Joined: 27.Feb.2007
Status: offline
|
Just to clarify, Basic Authentication also needs to be enabled on the Exchange virtual directory (s) using the ESM. You can also set the default domain there as well.
RB
_____________________________
David Melvin
Ohio
MCSE: Security 2003, MCSA:Security 2003
|
|
|
|
|
RE: OWA login and change password - 4.Feb.2008 12:19:07 PM
|
|
|
dd71
Posts: 51
Joined: 24.Mar.2005
Status: online
|
RB,
I need some further clarification please. I can't completely tell but it seems like your first response is relating to ISA? We are using OWA through ISA on the public side. And yes we do have /IISADMPWD/* path in the publishing rule on the ISA OWA rule. We use Forms Based Authentication for the authentication type. But the problem I'm talking about is on the private side OWA. On the Exchange System Manger we do have have Basic Authentication set for the Exchange path under Exchange Virtual Server. But we have Integrated Windows authentication set for the Default Web Site configuration ins IIS Manager as recommended in other documentation. There are too many authenication types in too many places! BTW, you said "domain/username is not valid" but it is valid to login on the private side but you're right it does not work through ISA.
Thanks,
dd71
|
|
|
|
|
RE: OWA login and change password - 4.Feb.2008 9:24:07 PM
|
|
|
Rotorblade
Posts: 976
Joined: 27.Feb.2007
Status: offline
|
quote:
I need some further clarification please.
Yes, so do I
quote:
BTW, you said "domain/username is not valid" but it is valid to login on the private side but you're right it does not work through ISA
What are you referring too, the Authentication Challenge logon box? You should be using an “\” (back slash) not a “/” forward slash. Why would you not logon using the "\"?
quote:
But the problem I'm talking about is on the private side OWA.
So this is not an ISA problem?
As far as the IIS server and OWA Authentication with Exchange. You manage the Exchange virtual directories through the ESM. Has no bearing on the default IIS Authentication setting. For the Exchange virtual directories, you can set the Default Domain (using the ESM) name for Basic Authentication so your users will not have to type it in.
HTH
RB
_____________________________
David Melvin
Ohio
MCSE: Security 2003, MCSA:Security 2003
|
|
|
|
|
RE: OWA login and change password - 8.Feb.2008 4:07:22 PM
|
|
|
dd71
Posts: 51
Joined: 24.Mar.2005
Status: online
|
Yes I'm speaking of the authentication logon box. I agree you should use \ but we are a large organization and there are people who will use / by mistake. They end up getting logged in. But then they try to use the change password function and it fails. My point is it should not allow you to log in using the / if the utilities are not supported. I want to tell the users to deal with it and log in correctly with the \ but my management asked that I look into either making it work or disable the ability to log in using the /.
Correct this is not an ISA issue as ISA will not allow the / to login. This is the default OWA login to the Exchange backend on the private side.
We have multiple domains therefore I do not wish to eliminate the domain from the login. But basic authentication is configured in ESM to our default domain where our Exchange servers reside.
So the basic question again is whether the / login can either be disabled in Exchange or if Exchange utilities such as password change can be enabled to allow that login to work?
|
|
|
|
|
RE: OWA login and change password - 9.Feb.2008 7:38:18 PM
|
|
|
Rotorblade
Posts: 976
Joined: 27.Feb.2007
Status: offline
|
I would think that end-user training would be the better option! You might want to hit the MSExchange.org and ask the question there. There are ways of doing what you want by modifying the OWA logon but it would involve advance knowledge in modifying the ASP's.
HTH
RB
_____________________________
David Melvin
Ohio
MCSE: Security 2003, MCSA:Security 2003
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
