By default, forms-based authentication is not enabled for Outlook Web Access in Exchange2007. Forms-based authentication stores the user’s user name and password in a cookie instead of in the browser. When the user leaves an OWA session or after the expiration of the inactivity period, the cookie is cleared. As a result, the user must re-authenticate to use OWA again. This is a good security measure.To enable the Outlook Web Access logon page, do the following:
- Open the Exchange Management Console.
- Choose Server Configuration > Client Access.
- Click the “Owa (Default Web Site)” entry.
- From the Action pane, choose the Properties option.
- From the Owa (Default Web Site) Properties page, click the Authentication tab.
Under the “Use Forms-Based Authentication” option there are three options for enforcing a particular logon format. The Domain\User Name option is self-explanatory and is useful if you have multiple domains. The User Principal Name (UPN) option, or e-mail address format, is probably the easiest for users to remember since they use it all the time. The User Name Only option is the last option, which is also self explanatory. If you choose the User Name Only format, you also need to choose a Logon Domain.
- Click OK
Because this change affects IIS, you must restart IIS. From a command line on the Outlook Web Access server, issue the command iisreset /noforce.