RE: OWA

Hi George,

How are you doing? Do you have any updates regarding the information I
provided in my previous response to your post? Please do not hesitate to
let me know if you have any further concerns. I am looking forward to your
reply.

Have a nice day!

Sincerely,

Jenny Wu

Microsoft Online Partner Support
--------------------
X-Tomcat-ID: 145168302
References: <8BEACBDD-B25C-4E92-B271-129C7B9B4628@xxxxxxxxxxxxx>
<00DA329E-C797-40D5-BB55-F829ED634966@xxxxxxxxxxxxx>
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
From: v-yanniw@xxxxxxxxxxxxxxxxxxxx ("Jenny wu [MSFT]")
Organization: Microsoft
Date: Mon, 07 Aug 2006 09:04:33 GMT
Subject: RE: OWA
X-Tomcat-NG: microsoft.public.exchange.admin
Message-ID: <fLLaCCguGHA.760@xxxxxxxxxxxxxxxxxxxxx>
Newsgroups: microsoft.public.exchange.admin
Lines: 189
Path: TK2MSFTNGXA01.phx.gbl
Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.exchange.admin:561580
NNTP-Posting-Host: TOMCATIMPORT1 10.201.218.122

Hi George,

Thanks for posting here. Also thanks for Knightly's input.

I am sorry for the delayed response due to weekend. Please understand that
the newsgroups are staffed weekdays by Microsoft Support professionals to
answer your systems and applications questions. Your understanding is
greatly appreciated!

For time critical issues (not business down), we encourage you to contact
CSS directly for more immediate assistance:
International Support (non-US/Canada):
http://support.microsoft.com/common/international.aspx

US and Canada:
http://support.microsoft.com/default.aspx?scid=fh;EN-US;OfferProPhone

To continue working with me in the newsgroups, please see the following:

From your description, I understand the issue is that user can access
mailbox without inputting username and password in OWA if you access the
mailbox with the URL: //exchange server name/exchange/username. If I am
off
base, please don't hesitate to let me know.

Let us perform the steps below to trouble shoot the issue:

I. Please double confirm the security settings configured properly in IIS
server. To do so:

1. Re-run CEICW wizard (Server management console -> Configuration E-mail
and Internet connection wizard) to go through all the steps in the wizard
to configure your SBS network and IIS as well. You can refer to the
following article to get detail steps:

825763 How to configure Internet access in Windows Small Business Server
2003
http://support.microsoft.com/?id=825763

2. Then please verify the virtual server: exchange, ExchWeb settings are
correct.

1). Exchange VD settings:

a. Open IIS snap-in, go to Default Web Site/exchange and open its
properties page.
b. Under Directory Security tab, please click Edit under "Authentication
and access control" and ensure the option "Enable anonymous access" is
Unchecked and the option "Basic Authentication" is checked.
c. Under Directory Security tab, please click Edit under "Secure
communications", please make sure that "Require secure channel (SSL)" and
"Require 128-bit encryption" is checked.

2). ExchWeb settings:

a. Open IIS snap-in, go to Default Web Site/ExchWeb and open its
properties
page.
b. Under Directory Security tab, please click Edit under "Secure
communications", please make sure that "Require secure channel (SSL)" and
"Require 128-bit encryption" is checked.

After verifying above settings, please run command "iisreset" (no
quotation
marks) to refresh the IIS server. Then please test the issue to see if the
issue resolved.

II. If it is not above situation, the issue may be related to permissions
issue.

Please double check if the user can access any other users' mailboxes in
OWA by that method. If yes, please check the following settings:

1. From ADUC, check if "Domain users" is in the following groups: Exchange
Enterprise Servers or Exchange Domain Servers group. If so, remove it out
of the group.

2. Check if everyone has full mailbox access to the organization or
mailbox
stores.

1). Start Exchange System Manager, right click the org and then
Properties.
On the security tab, make sure everyone/Domain users should have explicit
"DENY" on "Receive As" and "Send As".

Note: If the Security tab doesn't appear, you can modify the registry key
to show it.

-- Click Start and then click Run.
-- In the Open box, type regedit, and then press ENTER.
-- In Registry Editor, locate the following subkey in the registry:
HKEY_CURRENT_USER\Software\Microsoft\Exchange\EXAdmin
-- On the Edit menu, point to New, and then click DWORD Value.
-- Type ShowSecurityPage, and then press ENTER.
-- Press ENTER.
-- In the Edit DWORD Value dialog box, type 1 in the Value data box, and
then click OK.
-- Quit Registry Editor.

2) Still in ESM, locate to the mailbox store object and open its
Properties. On the Security tab, make sure that everyone/Domain users has
"DENY" rights on "Receive As" and "Send As" and no explicit "Allow"
permissions on "Receive As" and "Send As".

For more information, you can refer to the following article:
How to Assign Service Account Access to All Mailboxes in Exchange Server
2003:
http://support.microsoft.com/?id=821897

If the issue persists, please collect the following information, so I can
perform further investigation.

1. Does the issue happen on all users' mailboxes? Please try to test and
let me know the result.

2. Please try to logon another computers to test the issue, does the issue
is re-produced?

3. Please run command "msinfo32" (no quotation marks) on the SBS server
box
to launch System Information console. And click File and then Save. Save
the system information to a .nfo file to send to me. My working mailbox:
v-yanniw@xxxxxxxxxxxxx

4. Please help me collect the IIS metabase for analyze:

-To collect the IIS Metabase:

a. Download the IIS Resource Kit tools from the following page:
http://www.microsoft.com/downloads/details.aspx?FamilyId=56FC92EE-A71A-4C73
-
B628-ADE629C89499&displaylang=en
b. Install it, run MBExplorer (Metabase Explorer)
c. Right click the "LM" node and choose "Export to file".
d. Specify a file name, specify the password and finish the export.
e. Send the file and the password to me.

Please compress all files and send to my working mailbox:
v-yanniw@xxxxxxxxxxxxx

I appreciate your time. I am happy to be of assistance to you and look
forward to your reply.

Sincerely,
Jenny Wu, MCSE 2000/2003, MCSA 2000/2003, MCDBA, MCSD
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
Thread-Topic: OWA
thread-index: Aca33YHl4kuxCyIMQgyFgw0LFSIc0w==
X-WBNR-Posting-Host: 12.152.67.72
From: =?Utf-8?B?a25pZ2h0bHk=?= <knightly@xxxxxxxxxxxxxxxxxxxxxxxxx>
References: <8BEACBDD-B25C-4E92-B271-129C7B9B4628@xxxxxxxxxxxxx>
Subject: RE: OWA
Date: Fri, 4 Aug 2006 08:49:02 -0700
Lines: 12
Message-ID: <00DA329E-C797-40D5-BB55-F829ED634966@xxxxxxxxxxxxx>
MIME-Version: 1.0
Content-Type: text/plain;
charset="Utf-8"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
Newsgroups: microsoft.public.exchange.admin
Path: TK2MSFTNGXA01.phx.gbl
Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.exchange.admin:561312
NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
X-Tomcat-NG: microsoft.public.exchange.admin

disable integrated windows authentication.

Perhaps turn on FBA (assuming you've got SSL enabled) and require ssl on
the
/exchange virtual dir and just use basic auth...this would encrypt the
form
with ssl and always force fba to be used.

"George Schneider" wrote:

I have a strage probelm. When I open up outlook web access by using
//exchange server name/exchange/username I go right into my email box
without
a prompt for a user name and password like it use to. Why is this and
what
can be done to fix this issue.




.

Relevant Pages

  • Excange 2003 to 2007
    ... Host name mail.sunshine.com does not match any name found on the server certificate CN=MAIL09 ... Exchange Remote Connectivity Analyzer has encountered an error. ... Recovery Storage Group on one of your production mailbox servers. ... Recovery storage groups and 32 bit Exchange ...
    (microsoft.public.exchange.admin)
  • Re: SBS 2003 PDA Sync Problem - Error 0x85010014
    ... Export all mails in Mailbox as .PST file. ... Remove the Exchange Attribute for problematic user with corrupt Exchange ... Please verify Authentication settings by the following steps. ... Open IIS Manager ...
    (microsoft.public.backoffice.smallbiz)
  • RE: Troubles with Exchange 2003 Queue - waiting Mails for 1 user!
    ... First you restored server with ghost, that is not recommended on Windows ... you can backup and restore SBS with SBS backup. ... Exchange attributes. ... Export all mails in Mailbox as .PST file. ...
    (microsoft.public.windows.server.sbs)
  • Re: Backing Up Exchange/Outlook
    ... First off I can confirm that Outlook is looking to Exchange for mail ... Therefore, when I go into NTbackup on the server, I need to back up ... and the First Storage Group consists of Mailbox Store and ... the Public Folder Store??? ...
    (microsoft.public.backoffice.smallbiz2000)
  • Re: cannot connect to mailbox after new install
    ... the new exch server was selected already. ... As for removing old exch svr, i don't have the old svr anymore; ... Can you verify the manual removal of your old Exchange Server? ... I did a find for users with exch mailbox and was able to find 41 ...
    (microsoft.public.exchange.setup)
Quantcast