Re: OWA Form Resetting
- From: "ZVR" <no_spam_ever@xxxxxx>
- Date: Wed, 15 Mar 2006 12:20:18 -0500
1. Are you using Exchange 2003? If yes, do you have FBA (forms based
authentication) enabled on both your ISA and Exchange servers? That can be
your issue - only one of them can be active at a time. If you prefer FBA for
external connections rather than internal ones, you need to enable FBA for
the web listener in ISA, and disable it in Exchange System Manager. See the
following article (the "note" under the "Forms-Based Authentication"
section):
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/owapublishing.mspx
2. The reason why you are getting alerts regarding the certificate being
issues by a company you don't trust, is that you don't have the
Certification Authority's (CA) own certificate in the list of trusted
certification authorities. You need to import the CA certificate (for a root
CA, usually a self-signed certificate) into the "Trusted Root Certification
Authorities" container of the "Local Computer" account, on both the ISA
server computer (very important!) as well as the external client computers.
This step is optional for the external clients; not having that CA
certificate in the list of trusted providers should not prevent them for
connecting to the published server, but you will continue to get that alert
if you don't perform this step. Obviously your laptop already has the CA
certificate in the list.
See the following article for tips regarding import and export of
certificates:
http://technet2.microsoft.com/WindowsServer/en/Library/2746cc74-5401-443b-898f-5dc53b1cbcb01033.mspx
3. What kind of connection are you using between the external clients and
ISA, and between ISA and the internal Exchange server? In other words, how
are you bridging requests: HTTPS to HTTPS (SSL bridging), HTTPS to HTTP
(encryption is only used on the external client side), or HTTP to HTTPS
(encryption only used on the LAN side... note that you should never user
this because of the security implications).
4. Finally a link to a very good article by Tom Shinder about publishing OWA
using a commercial certificate:
http://www.isaserver.org/tutorials/Using-Commercial-Web-Site-Certificate-Publish-Outlook-Web-Access-Part1.html
Virgil
"Wow" <Fan@O&A.XM> wrote in message
news:OsDBzEESGHA.4792@xxxxxxxxxxxxxxxxxxxxxxx
Help desperately need!
I have read through countless articles from ISAServer.org & Microsoft.com
but my OWA still doesn't work. Saturday, I installed a new Win2003 server
as my new ISA 2004 server. This server replaced my Win2000 / ISA 2000
server. I have an Exchange server loaded on a Win2000 server. These
servers and a two others are part of our Win2000 domain. I have purchased
a Certificate two years ago that was installed on the ISA2000 server.
Today, I was able to get the OWA to work on our internal network using
https://servername/exchange. The SSL cert it is using is one I purchased
two years ago. Internally, I can view the cert and the certs associated
with it (the cert path). When I logon externally, I get a Security Alert
that the cert is issued by a company I don't trust. When I view the cert I
get - This cert cannot be verified up to a trusted cert authority. If I
click "Yes" to proceed I get the OWA logon form. When I type in my
username & password the form just resets. I get no error.
On my laptop I was able to get to the OWA logon form with no Cert
problems. The cert was good but the OWA logon form just resets everytime I
try to logon.
Any thoughts?
-Marty
.
- Follow-Ups:
- Re: OWA Form Resetting
- From: Wow
- Re: OWA Form Resetting
- References:
- OWA Form Resetting
- From: Wow
- OWA Form Resetting
- Prev by Date: Re: error http 404
- Next by Date: Re: Port 8080 allocation error in web proxy filter
- Previous by thread: OWA Form Resetting
- Next by thread: Re: OWA Form Resetting
- Index(es):
Relevant Pages
|
Loading
