Questions

Single user unable to access OWA

Tags:
+
0 Votes
Locked

Single user unable to access OWA

LauraA
I have a single user (out of over 100) in a w2008 domain, who is unable to login via OWA to our Exchange 2007 server while away from the office. She can login to the domain at her computer and get to email via Outlook 2007 at all times. She gets no error message, other than the invalid username/password prompt, when she attempts to access OWA. She can login to the domain at different computers, and we've even set up her outlook account on a laptop to verify that the settings are good. This user has been a memeber of the domain for over a year, but just recently has had family health problems keeping her out of the office and I have just found out that she's never been able to access OWA. I checked the EMC and OWA is enabled as a feature. I've cross checked several other users to see if there is anything different in her mailbox settings and found nothing that looks to be out of the ordinary. I looked at the Windows logs and found no references to this user in either Application or Security logs.

Any assistance in this area will be greatly appreciated!

Laura
  • +
    0 Votes
    Wizard-09

    Is the user using domain/username - also what about given the user VPN access to you resolve the issue, how is the user accessing the page, have you tested on a working laptop that someone else can log into the OWA ? Try setting your internet security settings to medium, also maybe this link can help you out - http://support.microsoft.com/default.aspx?scid=kb;en-us;280823&Product=exch2003

    +
    0 Votes

    YEP

    LauraA

    Yes, we've tried both the domain/username as well as just username. I have 35 users that only access email from a the https://owa.domainname.org shortcut that I have set up on their computers throught our county. I also have a link on our webpage to enable users out of the office an easy shortcut as well. And none of them are having ANY issues with it. Security settings are at medium.

    +
    0 Votes
    robo_dev

    If this user was migrated from another exchange server.

    Of course, SSL session authentication issues can happen if the time settings on the PC are wrong.

    +
    0 Votes
    LauraA

    All but a few of the existing users were migrated last November when we upgraded. "Include inheritable permissions from this objects parent" is checked. As far as I know, she is the only one not to get access to OWA when she attempts (although I'm sure that other employee's never care about their email unless they are in the office, and as such there could be others).

    +
    0 Votes
    CG IT

    she should be able to open the OWA page on the LAN using the https://(server name or IP address)/owa

    or however you have the FQDN set for OWA

    If this is an authentication problem, and your using Active Directory, verify that the user account is authorized to access OWA as a member of the appropriate security group. You'll find the account properties in Active Directory Users and Computers/user account properties page.

    +
    0 Votes
    LauraA

    We tried it that way and it works. But we went in the typical way, thru the agency website, and it also worked. I hadn't made any changes to the user account settings, as i couldn't find anything to change :). She is and has been a member of OWA.

    She did tell me she was prompted to change her password yesterday, but this has been an issue for over a year. She's going to try it from home this evening, so fingers crossed!

    BTW, sorry i didn't see your post before today.

    +
    0 Votes
    maclovin

    Sounds like the DNS settings are set incorrectly on this machine to me. I had a similar issue and the DNS it is using on that machine isn't changing/being allowed to change to go to the proper OWA address when they are outside the office.

    Obviously, your OWA address outside the network should be different than the server name inside the network.

    If the DNS is set properly, then I would check the hosts file to be sure there's not a manual entry in there, which is actually how I fixed this issue for a client once.

    +
    0 Votes
    LauraA

    The laptop she used is an agency one, belongs to the domain, and I've been able to successfully log in to OWA using it outside the office. We used her credentials to log on to the computer, both hers and mine to try to get OWA, and only mine worked.

    She gets to the correct address, was prompted for the username password, but got the 'bad username/password' message.

    She was to try it at home last night since she was successfully able to do it from within the office, by going to our website and selecting the employee email button (which hadn't worked before for her, even while in the office) but she didn't get a chance to. I'm curious to see if it works from home as well. As i said, i made no changes to her properties either in AD or Exchange.

    +
    0 Votes
    Sue T

    on her account. you said you migrated her with permissions, well maybe something just did not copy right and it just needs to be redone.

    +
    0 Votes
    LauraA

    It appears as though this cleared itself up, without any help or changes from me; she hade changed her password, but that was the only difference between tries. I had the user test while on the network using the same link that we would from outside and it worked. She still has yet to tell me if if worked from home. At this point I consider the request from her closed, unless and until I hear differently from her.

    Thanks for all the suggestions!

    +
    0 Votes
    robo_dev

    OWA is supposed to clear out any cached credentials in the browser. By changing the password, the cached credentials are re-synchronized.

  • +
    0 Votes
    Wizard-09

    Is the user using domain/username - also what about given the user VPN access to you resolve the issue, how is the user accessing the page, have you tested on a working laptop that someone else can log into the OWA ? Try setting your internet security settings to medium, also maybe this link can help you out - http://support.microsoft.com/default.aspx?scid=kb;en-us;280823&Product=exch2003

    +
    0 Votes

    YEP

    LauraA

    Yes, we've tried both the domain/username as well as just username. I have 35 users that only access email from a the https://owa.domainname.org shortcut that I have set up on their computers throught our county. I also have a link on our webpage to enable users out of the office an easy shortcut as well. And none of them are having ANY issues with it. Security settings are at medium.

    +
    0 Votes
    robo_dev

    If this user was migrated from another exchange server.

    Of course, SSL session authentication issues can happen if the time settings on the PC are wrong.

    +
    0 Votes
    LauraA

    All but a few of the existing users were migrated last November when we upgraded. "Include inheritable permissions from this objects parent" is checked. As far as I know, she is the only one not to get access to OWA when she attempts (although I'm sure that other employee's never care about their email unless they are in the office, and as such there could be others).

    +
    0 Votes
    CG IT

    she should be able to open the OWA page on the LAN using the https://(server name or IP address)/owa

    or however you have the FQDN set for OWA

    If this is an authentication problem, and your using Active Directory, verify that the user account is authorized to access OWA as a member of the appropriate security group. You'll find the account properties in Active Directory Users and Computers/user account properties page.

    +
    0 Votes
    LauraA

    We tried it that way and it works. But we went in the typical way, thru the agency website, and it also worked. I hadn't made any changes to the user account settings, as i couldn't find anything to change :). She is and has been a member of OWA.

    She did tell me she was prompted to change her password yesterday, but this has been an issue for over a year. She's going to try it from home this evening, so fingers crossed!

    BTW, sorry i didn't see your post before today.

    +
    0 Votes
    maclovin

    Sounds like the DNS settings are set incorrectly on this machine to me. I had a similar issue and the DNS it is using on that machine isn't changing/being allowed to change to go to the proper OWA address when they are outside the office.

    Obviously, your OWA address outside the network should be different than the server name inside the network.

    If the DNS is set properly, then I would check the hosts file to be sure there's not a manual entry in there, which is actually how I fixed this issue for a client once.

    +
    0 Votes
    LauraA

    The laptop she used is an agency one, belongs to the domain, and I've been able to successfully log in to OWA using it outside the office. We used her credentials to log on to the computer, both hers and mine to try to get OWA, and only mine worked.

    She gets to the correct address, was prompted for the username password, but got the 'bad username/password' message.

    She was to try it at home last night since she was successfully able to do it from within the office, by going to our website and selecting the employee email button (which hadn't worked before for her, even while in the office) but she didn't get a chance to. I'm curious to see if it works from home as well. As i said, i made no changes to her properties either in AD or Exchange.

    +
    0 Votes
    Sue T

    on her account. you said you migrated her with permissions, well maybe something just did not copy right and it just needs to be redone.

    +
    0 Votes
    LauraA

    It appears as though this cleared itself up, without any help or changes from me; she hade changed her password, but that was the only difference between tries. I had the user test while on the network using the same link that we would from outside and it worked. She still has yet to tell me if if worked from home. At this point I consider the request from her closed, unless and until I hear differently from her.

    Thanks for all the suggestions!

    +
    0 Votes
    robo_dev

    OWA is supposed to clear out any cached credentials in the browser. By changing the password, the cached credentials are re-synchronized.