Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Discussion of OWA FBA Publishing article

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> Exchange Publishing >> Discussion of OWA FBA Publishing article Page: [1] 2 3 4   next >   >>
Login
Message << Older Topic   Newer Topic >>
Discussion of OWA FBA Publishing article - 24.Jul.2004 9:51:00 PM   
tshinder

 

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
This thread is for discussing the OWA FBA Publishing article at http://isaserver.org/tutorials/2004owafba.html

Thanks!
Tom

[ July 24, 2004, 10:07 PM: Message edited by: tshinder ]
Post #: 1
RE: Discussion of OWA FBA Publishing article - 26.Jul.2004 8:50:00 PM   
hansh

 

Posts: 3
Joined: 26.Jul.2004
From: Belgium
Status: offline
Hello,

after following all the steps in this great explanation, I receive this message when trying to connect to https://owa.homeoffice.bz

All help on solving this issue is welcome.

>
The page cannot be displayed
Explanation: There is a problem with the page you are trying to reach and it cannot be displayed.

--------------------------------------------------------------------------------

Try the following:

Refresh page: Search for the page again by clicking the Refresh button. The timeout may have occurred due to Internet congestion.
Check spelling: Check that you typed the Web page address correctly. The address may have been mistyped.
Access from a link: If there is a link to the page you are looking for, try accessing the page from that link.

--------------------------------------------------------------------------------

Technical Information (for support personnel)

Error Code: 500 Internal Server Error. The target principal name is incorrect. (-2146893022)

(in reply to tshinder)
Post #: 2
RE: Discussion of OWA FBA Publishing article - 26.Jul.2004 8:55:00 PM   
tshinder

 

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Hans,

The name on the "To" tab needs to be same at the name on the Web site certificate on the OWA site.

HTH,
Tom

(in reply to tshinder)
Post #: 3
RE: Discussion of OWA FBA Publishing article - 26.Jul.2004 9:08:00 PM   
hansh

 

Posts: 3
Joined: 26.Jul.2004
From: Belgium
Status: offline
Hello,

I solved the issue by registering a record for the external name in my internal DNS and pointing the firwall policy for publishing a mail server to that name, instead of the internal (WINS) name.

Maybe this is something to include in your book?

Kind regards, Hans

(in reply to tshinder)
Post #: 4
RE: Discussion of OWA FBA Publishing article - 27.Jul.2004 2:53:00 AM   
tshinder

 

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Hans,

You bet! Yes, the name on the "To" tab has to match the name on the certificate. Otherwise, you see the name mismatching error.

Thanks!
Tom

(in reply to tshinder)
Post #: 5
RE: Discussion of OWA FBA Publishing article - 27.Jul.2004 9:59:00 PM   
hansh

 

Posts: 3
Joined: 26.Jul.2004
From: Belgium
Status: offline
Hello Tom,

After running fine for about 1 day. I received the error that the ISA server detected a proxy chain loop.

This looks like the ISA server is not using my own DNS, but my provider's to resolve the name.

I will try to create a record in the hosts file and see how this works.

Kind regards,

Hans

(in reply to tshinder)
Post #: 6
RE: Discussion of OWA FBA Publishing article - 28.Jul.2004 1:31:00 AM   
tshinder

 

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Hans,

That's right. If you don't have a split DNS infrastructure in place, you *must* create the HOSTS file entry.

HTH,
Tom

(in reply to tshinder)
Post #: 7
RE: Discussion of OWA FBA Publishing article - 29.Jul.2004 7:28:00 PM   
jen03

 

Posts: 1
Joined: 29.Jul.2004
Status: offline
I am having trouble enabling a secure area of a website. At first I was getting the "dreaded 500 error". After reading Tom's article I made the changes that it seemed to call for and was able to move on... to a new error. I am now getting the 12206 - proxy chain loop error.

Setup:
ISA and IIS are running on the same server. The regular HTTP pages are accessible with no errors. I have the secure pages in their own directory and have that directory setup as its own destination set. I added a line to the HOSTS file to translate the 10.0.0.1 into the www address and restarted the server.
Now I am getting the proxy loop error.
If I change the Web Publishing Rule for the destination set for the secure folders to Require SSL for published site the error changes to 403 access is forbidden.
So I am assuming that the it is being directed back to the "outside" world and trying to come back into the www address a second time when it should be looking to the internal HOSTS file.
How can I fix this?

Jen

PS - sorry if this is basic I am new to this.

(in reply to tshinder)
Post #: 8
RE: Discussion of OWA FBA Publishing article - 29.Jul.2004 8:46:00 PM   
tshinder

 

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Jen,

Not sure about co-located publishing with the Web site on the ISA firewall. Try moving the Web site off the firewall and it should work fine.

HTH,
Tom

(in reply to tshinder)
Post #: 9
RE: Discussion of OWA FBA Publishing article - 3.Aug.2004 9:50:00 PM   
jemoore

 

Posts: 2
Joined: 14.Jun.2004
From: Kansas City, MO
Status: offline
Hello,

I finally got ISA and OWA working the way I wanted. After creating a new access rule allowing https from local host to Exchange FE all is well. I would have thought the Publishing mail server wizard would have taken care of this automatically.

Thanks,
Jim

(in reply to tshinder)
Post #: 10
RE: Discussion of OWA FBA Publishing article - 4.Aug.2004 12:10:00 AM   
tshinder

 

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Jim,

Great! Good to hear you got it working and thanks for the follow up!

Tom

(in reply to tshinder)
Post #: 11
RE: Discussion of OWA FBA Publishing article - 11.Aug.2004 3:05:00 PM   
Guest
I followed the instructions, based on a seperate stand alone CA server, not connected to the Domain I'm working in. Can't do that yet as we still are figuring out how to set up the complete PKI infrastructure and all...

When I open the secure OWA site from the ISA server, I get an error message unlike you showed in the article: "Revocation information for the security certificate for this site is nog available. Do you want to proceed?"

could you give a hint where I went off?

(in reply to tshinder)
  Post #: 12
RE: Discussion of OWA FBA Publishing article - 11.Aug.2004 3:22:00 PM   
tshinder

 

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Fox,

Set the system policy to allow CRL checking, and make sure the ISA Firewall can resolve the name of the CRL site.

HTH,
Tom

(in reply to tshinder)
Post #: 13
RE: Discussion of OWA FBA Publishing article - 11.Aug.2004 3:22:00 PM   
Firefox

 

Posts: 22
Joined: 11.Aug.2004
Status: offline
Nevermind the question above... I re-ran the publishing wizard on the ISA server, and now it works fine...

One other question though: Users would like to connect streight to http://owa.domain.tld, without having to add the /Exchange part.

normally one would solve that by using a forwarder in the root of the site (something like an auto refresh) however, standard there is nothing in the webroot itself published. What would be a secure way to fix that?

(in reply to tshinder)
Post #: 14
RE: Discussion of OWA FBA Publishing article - 12.Aug.2004 2:38:00 AM   
tshinder

 

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Reinder,

Great! Good to hear you got it working and thanks for the follow up!

Tom

(in reply to tshinder)
Post #: 15
RE: Discussion of OWA FBA Publishing article - 12.Aug.2004 4:44:00 PM   
Guest
As per previous posts (not mine), add another path to the OWA publishing rule as follows:

External path: /
Internal path: /Exchange\

This redirects any requests for the root url of your publishing rule to /exchange

(in reply to tshinder)
  Post #: 16
RE: Discussion of OWA FBA Publishing article - 24.Aug.2004 12:16:00 AM   
tshinder

 

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Justin,

You bet! Works a treat.

The reason is that the Exchange server is very tolerent an helps out hapless users who use back slashes instead of forward slashes [Smile]

Thanks!
Tom

(in reply to tshinder)
Post #: 17
RE: Discussion of OWA FBA Publishing article - 26.Aug.2004 8:02:00 AM   
olive-61

 

Posts: 1
Joined: 26.Aug.2004
From: Sydney
Status: offline
Hi Tom,
This is indeed a good article. I followed the steps to publish an OWA server but there is a problem: the OWA wizard uses the HTTPS protocol instead of HTTPS Server protocol and I cannot change that. Of course, it doesn't work, is it something else I should check?

Thank you,
Cristian

(in reply to tshinder)
Post #: 18
RE: Discussion of OWA FBA Publishing article - 13.Sep.2004 2:58:00 PM   
**P.Gordon**

 

Posts: 14
Joined: 19.Jul.2004
From: London
Status: offline
Hi I have followed the article to the word.
I have deleted the publishing rule and re-done it with no success.

My browser displays:
Error code: 12206
Background: The page you requested could not be reached.

I type in https://externally DNS registered domain/exchange

I know the DNS name is functioning as I can resolve the IP accross the internet even though ICMP reply is turned off on the external gateway.

I get the Security Alert displaying the acceptance box for the issued certificate.

OWA works internally using http://internal servers DNS name/exchange

Could someone assist me in understanding my error here please.

Thanks Peter

(in reply to tshinder)
Post #: 19
RE: Discussion of OWA FBA Publishing article - 1.Oct.2004 6:05:00 AM   
clynn

 

Posts: 101
Joined: 8.Feb.2001
From: Farmington Hills, MI
Status: offline
The article was very helpfull, although I get an error at the very last step. I get to the form based authentication page provided by the ISA firewall, but when I enter my UN and PW, I get the following error:

Unknown Request
The request could not be resolved by the server.

I tried every variation I could think of on the username: username, domain/username, domain.com/username, domain.local/username.....

Any ideas?

(in reply to tshinder)
Post #: 20

Page:   [1] 2 3 4   next >   >> << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> Exchange Publishing >> Discussion of OWA FBA Publishing article Page: [1] 2 3 4   next >   >>
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts