Re: OWA Form Resetting
- From: "ZVR" <no_spam_ever@xxxxxx>
- Date: Thu, 16 Mar 2006 10:04:11 -0500
You're welcome; glad to hear you got it working :-)
Virgil
"Wow" <Fan@O&A.XM> wrote in message
news:%23udcfoPSGHA.5808@xxxxxxxxxxxxxxxxxxxxxxx
Thank you very much!!!
It seems that I had FBA turned on on both the ISA & Exchange server. I set
the ISA OWA Listener to Integrated Authentication and the FBA set on
Exchange. Also, I was issued a new SSL certificate from InstantSSL.com.
After installing the new cert and REBOOTING, everything came online.
Greatly Appreciate it!!!
-Marty
"ZVR" <no_spam_ever@xxxxxx> wrote in message
news:44186644$0$3688$9a6e19ea@xxxxxxxxxxxxxxxxxxxxxxxxxxxx
Depends on the client browsers... integrated is better but not all
browsers support it. IE and Firefox do.
Basic authentication forwards the user and pass in clear-text, so that's
why you should not use it... unless you're using HTTPS for the client
connection to ISA, in which case that's protected by the SSL layer
already so no need to worry. That's what I usually do... basic
authentication on the ISA listener coupled with SSL encryption.
Virgil
"Wow" <Fan@O&A.XM> wrote in message
news:uV%23JPoFSGHA.4452@xxxxxxxxxxxxxxxxxxxxxxx
Listener - Authentication on the ISA 2004 Server. That is.
"Wow" <Fan@O&A.XM> wrote in message
news:uYEDqgFSGHA.6084@xxxxxxxxxxxxxxxxxxxxxxx
If I want FBA on the Exchange server what setting do I set for the
Listener - Authentication (Basic, Integrated...?)
Thanks,
Marty
"ZVR" <no_spam_ever@xxxxxx> wrote in message
news:44184cd0$0$5733$9a6e19ea@xxxxxxxxxxxxxxxxxxxxxxxxxxxx
1. Are you using Exchange 2003? If yes, do you have FBA (forms based
authentication) enabled on both your ISA and Exchange servers? That
can be your issue - only one of them can be active at a time. If you
prefer FBA for external connections rather than internal ones, you
need to enable FBA for the web listener in ISA, and disable it in
Exchange System Manager. See the following article (the "note" under
the "Forms-Based Authentication" section):
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/owapublishing.mspx
2. The reason why you are getting alerts regarding the certificate
being issues by a company you don't trust, is that you don't have the
Certification Authority's (CA) own certificate in the list of trusted
certification authorities. You need to import the CA certificate (for
a root CA, usually a self-signed certificate) into the "Trusted Root
Certification Authorities" container of the "Local Computer" account,
on both the ISA server computer (very important!) as well as the
external client computers. This step is optional for the external
clients; not having that CA certificate in the list of trusted
providers should not prevent them for connecting to the published
server, but you will continue to get that alert if you don't perform
this step. Obviously your laptop already has the CA certificate in the
list.
See the following article for tips regarding import and export of
certificates:
http://technet2.microsoft.com/WindowsServer/en/Library/2746cc74-5401-443b-898f-5dc53b1cbcb01033.mspx
3. What kind of connection are you using between the external clients
and ISA, and between ISA and the internal Exchange server? In other
words, how are you bridging requests: HTTPS to HTTPS (SSL bridging),
HTTPS to HTTP (encryption is only used on the external client side),
or HTTP to HTTPS (encryption only used on the LAN side... note that
you should never user this because of the security implications).
4. Finally a link to a very good article by Tom Shinder about
publishing OWA using a commercial certificate:
http://www.isaserver.org/tutorials/Using-Commercial-Web-Site-Certificate-Publish-Outlook-Web-Access-Part1.html
Virgil
"Wow" <Fan@O&A.XM> wrote in message
news:OsDBzEESGHA.4792@xxxxxxxxxxxxxxxxxxxxxxx
Help desperately need!
I have read through countless articles from ISAServer.org &
Microsoft.com but my OWA still doesn't work. Saturday, I installed a
new Win2003 server as my new ISA 2004 server. This server replaced my
Win2000 / ISA 2000 server. I have an Exchange server loaded on a
Win2000 server. These servers and a two others are part of our
Win2000 domain. I have purchased a Certificate two years ago that was
installed on the ISA2000 server.
Today, I was able to get the OWA to work on our internal network
using https://servername/exchange. The SSL cert it is using is one I
purchased two years ago. Internally, I can view the cert and the
certs associated with it (the cert path). When I logon externally, I
get a Security Alert that the cert is issued by a company I don't
trust. When I view the cert I get - This cert cannot be verified up
to a trusted cert authority. If I click "Yes" to proceed I get the
OWA logon form. When I type in my username & password the form just
resets. I get no error.
On my laptop I was able to get to the OWA logon form with no Cert
problems. The cert was good but the OWA logon form just resets
everytime I try to logon.
Any thoughts?
-Marty
.
- References:
- OWA Form Resetting
- From: Wow
- Re: OWA Form Resetting
- From: ZVR
- Re: OWA Form Resetting
- From: Wow
- Re: OWA Form Resetting
- From: Wow
- Re: OWA Form Resetting
- From: ZVR
- Re: OWA Form Resetting
- From: Wow
- OWA Form Resetting
- Prev by Date: Re: error http 404
- Next by Date: Re: More than 10 users in reports
- Previous by thread: Re: OWA Form Resetting
- Next by thread: Port 8080 allocation error in web proxy filter
- Index(es):
Relevant Pages
|
