Questions

OWA keeps asking for password

+
0 Votes
Locked

OWA keeps asking for password

I-am-Trackman
The OWA keeps asking for password from remote users: Outlook access is fine for same users:
When attempting to access mail via OWA it retains user ID but keeps rolling back with blank password screen:
Have tried adding domain name in front of ID same results:

H E L P
  • +
    0 Votes
    gary

    After all, if you are in a public location and OWA saved the password anyone would be able to read your email - NOT SECURE!

    +
    0 Votes
    I-am-Trackman

    This is my second time around in the guild:
    Used to be one could expect a very concise and thought out reply: I have over thirty years in the industry and what I have read of the current posts to other questions and this jem really saddens me.
    Perhaps I was a bit vague in my querie but I did say it loops on the login. With or without the domain preceeding the ID.
    Although my own certification has not gone beyond Exchange 5.5 I believe this is pretty
    straight forward but for the moment its a matter of my "not being able to see the forest thru the trees". I have given it some thought myself and am leaning toward reseting the default virtual directories.
    Hoping for some more positive input before
    handing Bill Gates anymore money

    +
    0 Votes
    gary

    Ok, Let's fix this without getting into an argument on semantics, experience and how crap we all are here.

    I'm assuming what you actually meant to ask is why when you put your domain credentials into OWA it lets you logon then persistently asks you for your logon details, if you cancel certain page elements are missing? Would I be right?

    I've not seen this on OWA but I have on sharepoint and its down to a few options. The simple fix is to check the NTFS permissions on the IIS directories. Changing the permissions type to plain text WILL fix the problem but introduces a security hole. you are CFO and what not so can make that call.

    The correct fix is actually a lot more work but I suspect you are too busy so get the IS dept to contact me and I'll explain it.

    Gary (Not Jerry, Bob, mike or anything else).

    +
    0 Votes
    Dumphrey

    but have you tried restarting the OWA web root? Not sure if that will fix your problem or not, but I was having problems with web folders appearing, disapperaing, and having weird permssions issues. I restarted the web root and the problem went away and has stayed away.

    +
    0 Votes
    trigonman3

    I recently was 1st-level support for a government agency, and our users were experiencing this. We were instructed to have the users bypass our proxy for the OWA server, and the multiple prompts went away. Supposedly the proxy was stupid and would time out the connection immediately. This might not be your problem but I hope it helps.

    +
    0 Votes
    technochic64

    We installed a new front end server and had the same issue. There are several things I learned.

    First, you did not say if you were using a front end server or if you only have one mail server, nor did you mention which exchange version you are using.

    If OWA is being served up via a front end server, and it is an exchange 2003 server, you have to change the peremissions on that server via exchange system manager.

    What you need to know is that a front end server in exchange does not allow windows authentication (commonly known as pass through authentication). You have to set the front end to basic authentication. Then set the back end server to windows authenticaion and basic authentication.

    http://technet.microsoft.com/en-us/library/eb063679-51a8-4cc0-9773-e5f1eb6edf31.aspx

    If you are running exchange 2000 the change has to be made in IIS.

    Exchange 2003 System manager settings will overwrite IIS settings after 15 minutes, which is why you have to make the changes for exchange 2003 in the system manager, not IIS. Go to the server name, protocols, HTTP, Exchange Virtual Server and right-click the Exchange folder, go to properties then the access tab and click the "authentication" button. Again, front end servers need to have basic ONLY checked. Back end servers need basic AND windows authentication checked.

    Other issues may be your DNS host name entries or cname alias entries, but someone else can tackle that part if they wish.

  • +
    0 Votes
    gary

    After all, if you are in a public location and OWA saved the password anyone would be able to read your email - NOT SECURE!

    +
    0 Votes
    I-am-Trackman

    This is my second time around in the guild:
    Used to be one could expect a very concise and thought out reply: I have over thirty years in the industry and what I have read of the current posts to other questions and this jem really saddens me.
    Perhaps I was a bit vague in my querie but I did say it loops on the login. With or without the domain preceeding the ID.
    Although my own certification has not gone beyond Exchange 5.5 I believe this is pretty
    straight forward but for the moment its a matter of my "not being able to see the forest thru the trees". I have given it some thought myself and am leaning toward reseting the default virtual directories.
    Hoping for some more positive input before
    handing Bill Gates anymore money

    +
    0 Votes
    gary

    Ok, Let's fix this without getting into an argument on semantics, experience and how crap we all are here.

    I'm assuming what you actually meant to ask is why when you put your domain credentials into OWA it lets you logon then persistently asks you for your logon details, if you cancel certain page elements are missing? Would I be right?

    I've not seen this on OWA but I have on sharepoint and its down to a few options. The simple fix is to check the NTFS permissions on the IIS directories. Changing the permissions type to plain text WILL fix the problem but introduces a security hole. you are CFO and what not so can make that call.

    The correct fix is actually a lot more work but I suspect you are too busy so get the IS dept to contact me and I'll explain it.

    Gary (Not Jerry, Bob, mike or anything else).

    +
    0 Votes
    Dumphrey

    but have you tried restarting the OWA web root? Not sure if that will fix your problem or not, but I was having problems with web folders appearing, disapperaing, and having weird permssions issues. I restarted the web root and the problem went away and has stayed away.

    +
    0 Votes
    trigonman3

    I recently was 1st-level support for a government agency, and our users were experiencing this. We were instructed to have the users bypass our proxy for the OWA server, and the multiple prompts went away. Supposedly the proxy was stupid and would time out the connection immediately. This might not be your problem but I hope it helps.

    +
    0 Votes
    technochic64

    We installed a new front end server and had the same issue. There are several things I learned.

    First, you did not say if you were using a front end server or if you only have one mail server, nor did you mention which exchange version you are using.

    If OWA is being served up via a front end server, and it is an exchange 2003 server, you have to change the peremissions on that server via exchange system manager.

    What you need to know is that a front end server in exchange does not allow windows authentication (commonly known as pass through authentication). You have to set the front end to basic authentication. Then set the back end server to windows authenticaion and basic authentication.

    http://technet.microsoft.com/en-us/library/eb063679-51a8-4cc0-9773-e5f1eb6edf31.aspx

    If you are running exchange 2000 the change has to be made in IIS.

    Exchange 2003 System manager settings will overwrite IIS settings after 15 minutes, which is why you have to make the changes for exchange 2003 in the system manager, not IIS. Go to the server name, protocols, HTTP, Exchange Virtual Server and right-click the Exchange folder, go to properties then the access tab and click the "authentication" button. Again, front end servers need to have basic ONLY checked. Back end servers need basic AND windows authentication checked.

    Other issues may be your DNS host name entries or cname alias entries, but someone else can tackle that part if they wish.