• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

RE: Discussion of OWA FBA Publishing article

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> Exchange Publishing >> RE: Discussion of OWA FBA Publishing article Page: <<   < prev  1 2 [3] 4   next >   >>
Login
Message << Older Topic   Newer Topic >>
RE: Discussion of OWA FBA Publishing article - 29.Jan.2005 7:02:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Come2,

Great to hear you got it working and thanks for the followup!

Tom

(in reply to tshinder)
Post #: 41
RE: Discussion of OWA FBA Publishing article - 29.Jan.2005 7:03:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
quote:
Originally posted by jimmyweston:
Hi there,

I found the article very useful thanks.
One additional question: we have a single Exchange server protected by a dual-homed ISA 2004 server.
Is it possible - on the the same fixed IP address that OWA FBA is now published on, to publish Exchange for Outlook users via RPC over HTTPS.
The problem - as I perceive it is that there will be 2 listeners needed on port 443 now.
Is this possible?
Thanks!

Hi Jimmy,

Yes, but you won't be able to use FBA if you only have a single IP adddres, unless you use the Kai Wilke trick we wrote about on this site.

HTH,
Tom

(in reply to tshinder)
Post #: 42
RE: Discussion of OWA FBA Publishing article - 4.Mar.2005 3:59:00 PM   
Guest
Hello,
i have some questions about the 2004owafba tutorial, because all requests are answered with the error code: 403 Forbidden ... (12202), and i think i have an failure on my certificate.

Can you say which names i have to use when the name of the local domain, (where the exchange server is included) is called "company", the exchange and the CA server name is "exchange" my domain in the internet is called "example.com" and the name of the isa server is "isa"!

local domain: "company"
exchange and the CA server: "exchange"
internet domain: "example.com"
isa server: "isa"

Can you say, which common name for the CA, which common name, which web mail server, which public name i have to use?
Because I dont know, if the name "owa" of the example name in the tutorial owa.liran.org in the tutorial, is the name of the server or a subdomain? Please help me, im a newbie! [Wink]

Thanks

Steffen

(in reply to tshinder)
  Post #: 43
RE: Discussion of OWA FBA Publishing article - 6.Mar.2005 4:53:00 PM   
Guest
Desperately seeking help for small educational charity. ISA 2000 as part of an SBS 2003 Premium setup (donated graciously by Microsoft). 12206 - proxy chain loop nightmare. Have an SSL Certificate and that is when this started. Trying to get to the root of it by reading every article around (host files, cache timing, routing et al) no luck and the charity is losing donations and/or memeberships when people get frustrated with this. Please offer some help and guidance. I'll check here but ovrdrvn@hotmail.com is my address and would be beyond grateful if someone could send me some information.

Thanks.

(in reply to tshinder)
  Post #: 44
RE: Discussion of OWA FBA Publishing article - 29.Mar.2005 12:31:00 PM   
Guest
Hi,

I followed this article, but it isn't working from external.
When I check the monitoring, it is like the rule isn't really listening.
I get an error on 443, denied by default rule.
Although the OWA rule is at the top of list...
From my internal network, as from the ISA I can access the OWA page without errors on the certificate, it has the same name , etc..
When i do a ping from the isa server to the owa site , I get the correct internal address...
I first tried to add a dns entry for my internal network which points the OWA site to the correct address, but doesn't work. I then tried it with the hosts entry-> not working
What am I doing wrong?

Thx for your input...

(in reply to tshinder)
  Post #: 45
RE: Discussion of OWA FBA Publishing article - 29.Mar.2005 12:39:00 PM   
Guest
Update on my previous post:

Just as a test , I tried and installed a new publishing rule for an https server, which became my owa site.
It now works...
I don't really know what happens...

Thx

Benny

(in reply to tshinder)
  Post #: 46
RE: Discussion of OWA FBA Publishing article - 29.Mar.2005 12:45:00 PM   
Guest
Update on my previous post:

Just as a test , I tried and installed a new publishing rule for an https server, which became my owa site.
It now works...
I don't really know what happens...
It really seems that the HTTPS isn't listening while used with the mailservers wizard.

Thx

Benny

(in reply to tshinder)
  Post #: 47
RE: Discussion of OWA FBA Publishing article - 14.Apr.2005 11:53:00 AM   
Guest
The article was fabulous and just the thing I needed to get OWA working.

Now I am working on Active Synch and I keep getting "Error code: HTTP_403.

I've found a microsoft article (Article ID : 817379) that calls for creating a new virtual server and modifying registry entries and not using ssl to verify active synch users.

I'm wary of doing this without knowing what changes I'd have to make to the isa server configuration.

Thanks,

(in reply to tshinder)
  Post #: 48
RE: Discussion of OWA FBA Publishing article - 18.Apr.2005 8:12:00 PM   
NFerreira

 

Posts: 5
Joined: 28.May2002
Status: offline
After follow the
Step-by-Step: Publishing a Single Exchange 2003 OWA with ISA 2004 Firewall Forms Based Authentication by Liran Zamir Tutorial

And doing some internal tests:
- accessing the OWA from ISA server to the exchange server using SSL
- testing the internal dns owa.domainxpto.com that connects to the exchange server
- testing the external dns owa.domainxpto.com that connects to the ISA server
All worked ok.

But from the internet after establishing the SSL connection with the ISA Server(accepting the owa.domainxpto.com certificate) the browser displays that the page cannot be found; HTTP 404 file not found

From the ISA logs I notice that I only manage to make a SSL connection after applying a security rule that allows SSL connection between the exterior and the ISA server.
There are no logs of the OWA Mail server created using the tutorial.

Im I missing something?

Thanks for any help!

Configuration:

ServerA with Exchange 2003

ServerB with ISA2004 Standard as a Single Network Adapter (Web proxy only)

As Firewall a Checkpoint.

(in reply to tshinder)
Post #: 49
RE: Discussion of OWA FBA Publishing article - 26.May2005 7:38:00 PM   
lucky6string

 

Posts: 3
Joined: 25.May2005
From: Burlingame CA
Status: offline
Hello Hope you can help me re this article [Confused]
Step-by-Step: Publishing a Single Exchange 2003 OWA with ISA 2004 Firewall Forms Based Authentication
http://www.isaserver.org/tutorials/2004owafba.html
I have followed this article pretty well but not sure where I have gone wrong or even if I have even made any mistakes.
Basically I have the SSL working behind my firewall when going to https://exchangeserver/exchange I get the certificate prompt then get the form to login
I am able to login so that is great.
Also I can do the same logged in from the ISA Server desktop so thats cool,

My problem is when using the FQDN logging in from the DMZ I have dedicated FQDN for my ISA server IP Address when entering the URL I get the certificate prompt (that is good) then I get the outlook form to login but can not login and I am receiving the following dialog in red on the login form You could not be logged on to Outlook Web Access. Make sure your domain\user name and password are correct, and then try again. Needles to say my account credentials are fine so know it is not that.
Any information on how to troubleshoot my authentication problem would be greatly appreciated.

Thanks
[Cool]
Lucky6String

(in reply to tshinder)
Post #: 50
RE: Discussion of OWA FBA Publishing article - 21.Jun.2005 3:54:00 PM   
ferrix

 

Posts: 547
Joined: 16.Mar.2005
Status: offline
I'm posting here to mention that there is another alternative to get Exchange up and running through ISA with more flexibility and less hassles.

1) Publish Exchange via the very helpful ISA 2004 wizard.
2) Use WebDirect to funnel requests from HTTP to HTTPS, and to add the /Exchange path if not present.
3) Use FlexAuth to provide seamless, customizable FBA as well as Basic Auth to your OMA/ActiveSync clients (all on the same listener!)

Also, if (for some reason) you cannot put your ISA into the domain, FlexAuth supports LDAP and LDAP-SSL as authenticators (so you can still use Windows groups and users in your access rules).

The products I described above are available (with free evaluations of course) at http://www.collectivesoftware.com .

Hope this helps!

(in reply to tshinder)
Post #: 51
RE: Discussion of OWA FBA Publishing article - 21.Jun.2005 8:07:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Greg,

This is really exciting news! Now I know what I'm doing tonight.
Thanks!
Tom

(in reply to tshinder)
Post #: 52
RE: Discussion of OWA FBA Publishing article - 4.Jul.2005 8:36:00 PM   
BryceS

 

Posts: 6
Joined: 2.Dec.2004
From: New Zealand
Status: offline
Hi Tom,

I read your article and have setup our FBA on ISA2004 connecting to our only Exchange server 2003.

From the internet if I select the 'Basic' logon using FBA and everything works fine, can view everything.

If I select the 'Premium' logon it almost works.
The problem here is that the actual messages are linked by our internal exchange servers name (which is not known to an external client) instead of the internet common name. So the messages can't be viewed.

I have link translation turned on for the ISA publishing rule to translate internal name to external name but it doesn't touch these links.

Any ideas please?

Thanks,
Bryce Stenberg
Harness Racing New Zealand Inc.
IT Department.

(in reply to tshinder)
Post #: 53
RE: Discussion of OWA FBA Publishing article - 11.Jul.2005 5:14:00 AM   
Guest
Hello.
I foollowed this article to publish my internal EXCH2K3 server as OWA server.
The externals cleitns come to the formbased authentication page, but when thy enter their credentials, they receive a 403 error. Not authorized. the server refused the url.
There is no problem form the isa server (except that from it, there is no form-base authentication, but that is natural )
Thank s!

(in reply to tshinder)
  Post #: 54
RE: Discussion of OWA FBA Publishing article - 11.Jul.2005 5:21:00 AM   
Guest
More precisions.
If i configure my exchange not to use SSL authenti^cation, and publish the owa serrver so that i have no SSL between the exchaneg and the isa. everything is fine.
So i think i did it wrong between the isa and th exchange ?

(in reply to tshinder)
  Post #: 55
RE: Discussion of OWA FBA Publishing article - 8.Aug.2005 5:54:00 PM   
Guest
Hi guys,
I follow the steps, but I have already generated certificate with IIS 6 Resource Kit Tools - SelfSSL. And the the place of the certificate is in the personal place. Then I exported it and I imported in the ISA 2004. And when I reached the New Listener wizard and check SSL and then Select certificate it says that I must install at least one identical certificate on each member machine. Why is that?...I have identical certificate on the both machine!

(in reply to tshinder)
  Post #: 56
RE: Discussion of OWA FBA Publishing article - 20.Dec.2005 9:10:58 PM   
zanate

 

Posts: 1
Joined: 20.Dec.2005
Status: offline
OK I followed the article to the letter (i think?).  I won't change my external dns until testing is complete so name resolution is handled by the host file on my test machine out on the Internet.

When I try to connect to my OWA page I get:

Page Cannot Be Displayed
Cannot find server or DNS Error
Internet Explorer

Pinging the FQDN resolves correctly.

If I look at the logs on the ISA server, it looks like the traffic is being denied by the default rule even though my OWA publishing rule is #1 on the list.

Any ideas on how I should proceed?

Thanks,

Jason

(in reply to tshinder)
Post #: 57
RE: Discussion of OWA FBA Publishing article - 22.Dec.2005 6:23:02 PM   
lasalsatx

 

Posts: 1
Joined: 22.Dec.2005
Status: offline
I've followed the instructions but it does not work for me, I can access the form based page from the outside but the when I try to logon I get the following message:
You could not be logged on to Outlook Web Access. Make sure your domain\user name and password are correct, and then try again.


(in reply to tshinder)
Post #: 58
RE: Discussion of OWA FBA Publishing article - 5.Jun.2006 4:16:02 PM   
cyrcocq

 

Posts: 8
Joined: 22.Mar.2005
Status: offline
quote:

Solved, but since I haven't been able to find this (although it may be because of my bad english cause I'm french and I wasn't a good student   :-) ) I will explain my case...

I've followed that great tutorial and then when I'd tried to athenticate... It's come back to my authetication form without any error message. And it does this as I typed correct information so as I typed incorrects ones...

I've looked everywhere on the Internet without finding my answer... I've tried undoing all my configuration (witch leads me to errors in my AD about certificates wuch I aven't solved totally for example my second DC seems to be unable to enroll a certificate).

It was really simple... It was only the chekbutton telling (in french to english) demands seems to come from ISA server which was checked in the rule. After moving it to demands seems to come from the orgininal client It's starts working fine...



That was my previous version of my post...
It doesn't work anymore!!!

It loops again on the form authentication page.
I've checked everything. Remade my rule.

Help

(I work with a SBS 2003 SP1 with exchange OWA form and my certification autority and another serveur 2003 sp1 standard with isa 2004 SP2 on it)

Any idea?

< Message edited by cyrcocq -- 5.Jun.2006 6:20:38 PM >

(in reply to tshinder)
Post #: 59
RE: Discussion of OWA FBA Publishing article - 15.Jun.2006 2:38:08 PM   
wainz75

 

Posts: 2
Joined: 15.Jun.2006
Status: offline
Good morning all....

I've a big problem with my OWA configuration.


Our configurations is:
- Cluster Windows server 2003 and Exchange 2003  BE
-  Windows 2003 Server as FE
- ISA 2004 SP2

I want use also http and https for the OWA external users, and i want use FBA of ISA.
Then HTTP all work.
On HTTPS, i receive the certificate, then i arrived to FBA for the login and i insert my username and my password but i received this error:
  • Error Code: 500 Internal Server Error. The network logon failed. (1790) I can't understand where is the problem.

    Can you help me?
    Thank's
    Vincenzo from Milan...

    (in reply to tshinder)
  • Post #: 60

    Page:   <<   < prev  1 2 [3] 4   next >   >> << Older Topic    Newer Topic >>
    All Forums >> [ISA Server 2004 General ] >> Exchange Publishing >> RE: Discussion of OWA FBA Publishing article Page: <<   < prev  1 2 [3] 4   next >   >>
    Jump to:

    New Messages No New Messages
    Hot Topic w/ New Messages Hot Topic w/o New Messages
    Locked w/ New Messages Locked w/o New Messages
     Post New Thread
     Reply to Message
     Post New Poll
     Submit Vote
     Delete My Own Post
     Delete My Own Thread
     Rate Posts