• Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Web Listener

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Publishing] >> Exchange Publishing >> Web Listener Page: [1]
Message << Older Topic   Newer Topic >>
Web Listener - 23.Apr.2010 11:20:39 AM   


Posts: 25
Joined: 15.Mar.2010
Status: offline
Is it possible to use both OWA and OA with 1 web listener? Assuming that OA uses HTTP Integrated authentication and Kerberos constrained authentication uses the mailserver's SPN to delegate authentication.

If not, please advice what is the best strategy in terms of publishing and authentication.

I currently use 1 weblistener but the problem is that OWA works randomly. On the other hand I notice that OWA sometimes doesn't work with IE8 but it works with 3rd party browsers (of course in light mode)
Post #: 1
RE: Web Listener - 23.Apr.2010 6:42:41 PM   
Jason Jones


Posts: 4663
Joined: 30.Jul.2002
From: United Kingdom
Status: offline
Nope, ISA/TMG cannot do this. UAG can if this helps (probably not).

The best you can get with a single web listener is having to accept a password prompt in OA.

How is OWA published? Working randomly sounds unusual...




Jason Jones | Forefront MVP | Silversands Ltd
My Blogs: http://blog.msedge.org.uk/ and http://blog.msfirewall.org.uk/

(in reply to andreasy)
Post #: 2
RE: Web Listener - 24.Apr.2010 5:16:02 AM   


Posts: 25
Joined: 15.Mar.2010
Status: offline
So, it means that it is possible. I currently have 1 listener with the thought that a second listener would require its own socket (IP/Port) - (Am I correct on this, or is it possible to have 2 listeners on the same socket?)

I don't mind entering Windows password and OWA forms password but unfortunately, here is what happens:
- On some occasions, the Windows logon appears first and the OWA login form second, and sometimes the opposite happens. (I cannot classify this as reasonable)
- Sometimes, after Windows and Form login, the page cannot be displayed and the error is that it is forbidden. After a while, it is not forbidden. (More strange: It happens with IE but not with other browsers, however, other browsers open the light version)
- Sometimes, the page fails from the first time before any login prompt is displayed.
- A very strange point which I assume it has to do with all the mystery, (but I can't figure it out on my own, I need advice), is that I have previously configured port redirection (accept both HTTP and HTTPS connections and redirect all HTTP traffic to HTTPS) and it never worked BUT when everything IS fine, and I enter http://owa.dom.com/owa I just get the error that the page cannot be displayed because it requires SSL. (Happens with all browsers). During those times, if I use HTTPS properly, everything will be fine.
Now, when there is a problem, redirection works. If I enter http://..., it will automatically convert to https:// but later I will get error page cannot display.
All these, led me to ask about Web Listener (One for both or one for each)?
OWA is published with an OWA publishing rule, using the same listener as OA (HTTP/Integrated), same delegation configuration and OWA form on Exchange uses form authentication.
THE SPN I use is how it appears in AD and the one I associated there but the following error appears in ISA:

ISA Server failed to delegate credentials using Kerberos constrained delegation to the Web site published by the rule OWA Publishing. Check that the SPN: http/mailxxx.internal-domain.com configured in ISA Server matches the SPN in Active Directory.

(in reply to Jason Jones)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Publishing] >> Exchange Publishing >> Web Listener Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts