User can't access OWA or RWW
- From: "Mike in Nebraska" <Mike_in_Nebraska@xxxxxxxxxxxxxxxx>
- Date: Tue, 3 Feb 2009 08:30:23 -0600
Running SBS 2003 Premium with Exchange 2003; all current with patches and
SPs.
=============
New staff member aboard; heading out on a business trip so I'm walking her through the process of accessing her email and desktop remotely. (Her user account was setup using the Add User wizard.) However, she can't get into either. Keeps getting the note that either her login or password are bad.
She can login locally with no problems. I verified that my login and password will work from her desktop and laptop, both inside and outside the LAN, and then tried her login and password - same result.
Checked her group membership and Exchange tabs for anything different than anyone else - nothing. She's in the right groups, Exchange Features tab is correct, Group Policy Modeling produces the right results. Her OU and the computer's OU are correct and have the GP's applied. Her OS is Vista Business.
<later>
I did a backup of the user's files,settings, folders, and mailbox, then deleted the user. I then used the Add User wizard in Server Management to create a new account for her. Unfortunately, she STILL cannot login to OWA (http://<servername>/exchange) or RWW (http://<servername>/remote). On the former the message is that her 'login or password is incorrect; try again', and on the latter, 'that her login or password are incorrect; if it persists, the user may not have permissions'.
Nothing in the server logs, nor the local computer. I tried her account from within the network on 2 different computers - same result. She tried on her personal laptop which is outside the network, same results.
In ADUC, her account is a member of: Domain Users (primary group), Domain Power Users, Internet Users, Mobile Users, <distribution group>, Remote Desktop Users, and Remote Web Workplace.
Here's an odd thing. I filtered the Security log on the server using her name in the User box and unchecked Success. No hits.
Ah ..... It just hit me to try something else; I did a different filter just now clearing her name and unchecking Success. Now I see Event 533's for her account when I tried it this morning <a few days ago>. Here's a sample:
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 533
Date: 1/30/2009
Time: 6:30:57 AM
User: NT AUTHORITY\SYSTEM
Computer: <computername>
Description:
Logon Failure:
Reason: User not allowed to logon at this computer
User Name: jessica
Domain: <computername>
Logon Type: 3
Logon Process: Advapi
Authentication Package: Negotiate
Workstation Name: <computername>
Caller User Name: IUSR_<computername>
Caller Domain: <domainname>
Caller Logon ID: (0x0,0x3B5E3)
Caller Process ID: 6008 <this is w3wp.exe, called by user NETWORK
SERVICE>
Transited Services: -
Source Network Address: -
Source Port: -
I know we're getting somewhere, but I need a "nudge" in the right direction. <thinking out loud> The IUSR account is for anonymous internet access, a guest account. Her account is a member of Domain Power Users, Domain Users, Internet Users, Mobile Users, Remote Desktop Users, and Remote Web Workplace Users groups. The Guest account on the server is disabled. </thinking out
loud>
I'm at a loss right now on where to turn. Can you give me an idea?
--
Mike Webb
Platte River Whooping Crane Maintenance Trust, Inc.
a conservation non-profit (501 (c)(3)) organization
Wood River, NE
.
- Follow-Ups:
- Re: User can't access OWA or RWW
- From: Meinolf Weber [MVP-DS]
- Re: User can't access OWA or RWW
- From: Lanwench [MVP - Exchange]
- Re: User can't access OWA or RWW
- Prev by Date: Re: List directories access (ACL) of a group or user
- Next by Date: Rendom /upload Error
- Previous by thread: Windows 2008 Limitlogin
- Next by thread: Re: User can't access OWA or RWW
- Index(es):
Relevant Pages
|
Loading
