Hi Folks - Have done a considerable amount of research on this issue and have come up empty-handed -- am hoping someone out there can give some insight as to what the heck may be going on here. Here's the issue: We have two freshly-installed Exchange 2010/SP2 servers running the CAS + Hub roles. Our current Exchange 2003 (SP2) setup consists of a 2-node back-end cluster and two front-ends that are hardware load-balanced. Everything works like a champ. We're trying to get the 2010 machines to properly redirect to the 2003 front-ends for OWA, and when entering credentials, the browser just hangs at auth.owa -- a blank page is displayed, with no error. We've used the -Exchange2003Url switch w/ the Set-OWAVirtualDirectory cmdlet as we did in test but it has not helped. The Microsoft Exchange Forms Based Authentication Service is started. Event logs are clean. This occurs with either CAS/Hub we try it on. We're not doing anything with CAS Arrays, different host names, etc. yet just to keep things as close to default as possible. The current 2003 front-ends DO have forms-based authentication enabled and have had it working for years. We're using the same SSL certificate on both setups -- a wildcard certificate. This worked perfectly fine in test, so I can't see that being the show-stopper here.. Any help would be greatly, greatly appreciated. THANK YOU! -Craig UPDATE: Some folks suggested running the following command.. this is the error I get: [PS] C:\Windows\system32>test-owaconnectivity -URL:https://servername/owa -MailboxCredential:(get-credential domain/username) WARNING: An unexpected error has occurred and a Watson dump is being generated: Can't connect to the mailbox of user because the ExchangePrincipal object contains outdated information. The mailbox may have been moved recently. Can't connect to the mailbox of user because the ExchangePrincipal object contains outdated information. The mailbox m ay have been moved recently. + CategoryInfo : NotSpecified: (:) [Test-OwaConnectivity], MailboxInfoStaleException + FullyQualifiedErrorId : Microsoft.Exchange.Data.Storage.MailboxInfoStaleException,Microsoft.Exchange.Monitoring. The mailbox I'm trying to access lives on the 2003 setup....

Run ExBPA against the entire org and scan all servers - are there any permission errors listed? what is the content of the Exchange2003URL? can you paste that here, and just change domain to be domain.com? Also what happens when you test the OWA 2003 web site 2003 box entering the URL to the browser(i.e. not doing the redirect) ?Cheers, Rhoderick

Hi Rhoderick - Thank you for your reply -- I appreciate it! To answer your questions: I ran the ExBPA as you suggested. Two permissions errors did show up -- one says 'Permissions inheritance block on Public Folder tree object' and the other (on the back-end virtual server where the 2003 mailboxes live!) says 'Permissions inheritance block on Exchange server object'. Could this be the root of my issue? The content of the Exchange2003URL is https://machinename.domain.com/exchange. OWA 2003 works perfectly from everywhere I try. -Craig

Hi Rhoderick - Thank you for your reply -- I appreciate it! To answer your questions: I ran the ExBPA as you suggested. Two permissions errors did show up -- one says 'Permissions inheritance block on Public Folder tree object' and the other (on the back-end virtual server where the 2003 mailboxes live!) says 'Permissions inheritance block on Exchange server object'. Could this be the root of my issue? The content of the Exchange2003URL is https://machinename.domain.com/exchange. OWA 2003 works perfectly from everywhere I try. -Craig

Hi Rhoderick - Thank you for your reply -- I appreciate it! To answer your questions: I ran the ExBPA as you suggested. Two permissions errors did show up -- one says 'Permissions inheritance block on Public Folder tree object' and the other (on the back-end virtual server where the 2003 mailboxes live!) says 'Permissions inheritance block on Exchange server object'. Could this be the root of my issue? The content of the Exchange2003URL is https://machinename.domain.com/exchange. OWA 2003 works perfectly from everywhere I try. -Craig

Hi Craig - yes that back end permission needs to be fixed. Can you get that resolved, and re-test?Cheers, Rhoderick NOTICE: My posts are provided AS IS without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose

Hi Craig - yes that back end permission needs to be fixed. Can you get that resolved, and re-test?Cheers, Rhoderick NOTICE: My posts are provided AS IS without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose

Hi Craig - yes that back end permission needs to be fixed. Can you get that resolved, and re-test?Cheers, Rhoderick NOTICE: My posts are provided AS IS without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose

Hi Rhoderick - Absolutely. Will resolve that first thing tomorrow AM and report back! THANK YOU! -Craig

Hi Rhoderick - Absolutely. Will resolve that first thing tomorrow AM and report back! THANK YOU! -Craig

Hi Rhoderick - Absolutely. Will resolve that first thing tomorrow AM and report back! THANK YOU! -Craig

Run ExBPA against the entire org and scan all servers - are there any permission errors listed? what is the content of the Exchange2003URL? can you paste that here, and just change domain to be domain.com? Also what happens when you test the OWA 2003 web site 2003 box entering the URL to the browser(i.e. not doing the redirect) ?Cheers, Rhoderick

Hi Rhoderick - Great news -- changing those security settings cased OWA redirect to begin to work! I had to use a different -Exchange2003URL value, but I'm good to go (with this aspect of our upgrade at least) now. THANK YOU! Your help is very much appreciated! -Craig

Good stuff - thanks for reporting back the status :) Cheers, Rhoderick NOTICE: My posts are provided AS IS without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose

Good stuff - thanks for reporting back the status :) Cheers, Rhoderick NOTICE: My posts are provided AS IS without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose

Good stuff - thanks for reporting back the status :) Cheers, Rhoderick NOTICE: My posts are provided AS IS without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose

Hi Rhoderick - Great news -- changing those security settings cased OWA redirect to begin to work! I had to use a different -Exchange2003URL value, but I'm good to go (with this aspect of our upgrade at least) now. THANK YOU! Your help is very much appreciated! -Craig