Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Sparatic OWA
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Sparatic OWA - 4.Aug.2004 11:14:00 PM
|
|
|
Cern
Posts: 10
Joined: 14.Jun.2004
Status: offline
|
Hi,
I just installed the final version of ISA Server 2004 and tried publishing OWA. I followed the instruction from http://www.isaserver.org/tutorials/2004owafba.html and when I go to https://mail.domain.com I get the Forms Based Authentication login page like i should. But when I enter a valid username and password I get an error code 500 Internal server error. Network logon failed. (1790). Besides that, the odd thing is that I can refresh the page and sometimes I will only get the left navigation frame and other times I will just get the right frame.
Any ideas?
Thanks in advance
Brian
[ August 04, 2004, 11:17 PM: Message edited by: Cern ]
|
|
|
|
|
RE: Sparatic OWA - 5.Aug.2004 2:30:00 PM
|
|
|
tshinder
Posts: 47659
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Brian,
Pay VERY CLOSE attention to the names on the certificates, the FQDN name in the request, the FQDN in the redirect and the type of bridging.
HTH,
Tom
|
|
|
|
|
RE: Sparatic OWA - 5.Aug.2004 5:48:00 PM
|
|
|
Cern
Posts: 10
Joined: 14.Jun.2004
Status: offline
|
Thanks for responding Tom,
The name on the certificate and the FQDN in the request are exactly the same mail.domain.com, for the redirection I added an external path of / that corresponds to the internal path /exchange\. As for the bridging, it is set to have a secure connection to the client and server. One thing that I had to tweak was allowing HTTP/HTTPS traffic from the ISA server to my Exchange server. Also it seems to work better if the "require authentication" is checked under the listener and the log off owa when user leaves the site is unchecked.
Another possibility where problems may arise is that because I wanted mail.domain.com to be the external entry point, I had to create an alias record on my internal DNS server to forward mail.domain.com to my internal exchange server, exchange.domain.com which has two internal network interfaces, but the OWA site in IIS is only listening on one of the IP addresses. The OWA site is the only site on the IIS server using SSL.
Also could the "enbable high bit characters used by non-English character sets" cause a problem?
Thanks again,
Brian
|
|
|
|
|
RE: Sparatic OWA - 7.Aug.2004 3:13:00 AM
|
|
|
tshinder
Posts: 47659
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Cern,
In the doc, did you see the section on creating the HOSTS file entry? I think that was the primary problem. You actually fixed in the preferred way, that is by creating a sort of split DNS, so that that the same name is resolved different by external and external network clients.
The other changes you made aren't required. You don't need to allow HTTP access from the ISA firewall to the Internal network in order for this to work. Also, forcing authentication won't make any differnce. In fact, it should generate two authentication prompts.
Good to hear you got it working and thanks for the follow up!
Tom
|
|
|
|
|
RE: Sparatic OWA - 10.Aug.2004 11:12:00 PM
|
|
|
Cern
Posts: 10
Joined: 14.Jun.2004
Status: offline
|
It still isn't working perfectly, but it is usable.
|
|
|
|
|
RE: Sparatic OWA - 10.Aug.2004 11:31:00 PM
|
|
|
tshinder
Posts: 47659
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Cern,
It should work perfectly! What isn't working for you now?
Thanks!
Tom
|
|
|
|
|
RE: Sparatic OWA - 13.Aug.2004 4:37:00 AM
|
|
|
Cern
Posts: 10
Joined: 14.Jun.2004
Status: offline
|
After the user name and password is entered the following error is returned:
Error Code: 500 Internal Server Error. The network logon failed. (1790)
After several refreshes OWA is displayed and works perfectly.
Thanks yet again,
Brian
|
|
|
|
|
RE: Sparatic OWA - 13.Aug.2004 5:39:00 AM
|
|
|
Cern
Posts: 10
Joined: 14.Jun.2004
Status: offline
|
It may be a permissions problem. If the user is part of any of the administratorsÆ groups owa works perfectly, otherwise several refreshes are needed.
I just noticed this from home tonight, so I will investigate it at work tomorrow and post my results.
|
|
|
|
|
RE: Sparatic OWA - 13.Aug.2004 12:54:00 PM
|
|
|
tshinder
Posts: 47659
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Cern,
Are you forcing basic authentication on the OWA directories and are you using SSL to SSL bridging?
Is the OWA site a SecureNAT client?
Are you using delegation of basic authentication?
Are you using the same FQDN from end to end?
Thanks!
Tom
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
