Must use domain\username in co-existance with exchange in Exchange 2007 server
I am currently working on Exchange 2007. I am running into a same problem with users that are trying to access OWA using the
https://mycompany.com/exchange virtual directory. I have setup Basic auth on all my virtual directories and set them with correct domain. When a 2003 mailbox user authenticates they are presented
with their 2003 OWA mailbox without any problems. If a 2007 mailbox user accesses
https://mycompany.coml/exchange and use only their user name "john" they are prompted with "The user name or password that you entered is not valid. Try entering it again.". If
I use "mycompany\john" they are proxied to the /OWA virtual directory correctly and are presented with their OWA 2007 Mailbox as they should be. This is going to be a huge headache if I cannot have my users access the same URL. Here are my environment
details.
O/S - Windows 2008 Enterprise edition SP2
MS Exchange 2007 SP3 (CAS and Mailbox roles are installed on different machine)
IIS-7
Could you please share with me how you have resolved this problem? Dilip Kumar Gupta, . http://diliptechnotes.blogspot.com/ http://dilipinexchange.blogspot.com/
February 9th, 2011 7:37am
Hello,
Have you checked in EMC, Server Configuration, Client Access, select a server, right click owa (Default Web Site), properties, tab authentication? Here u can set if domain name needs to be entered when logging in to OWA.
Regards,
Jelle
Free Windows Admin Tool Kit Click here and download it now
February 9th, 2011 7:51am
Hi Jelle,
I am using Basic authentication for logging-in '/owa' and '/exchange' virtual directories. Please let me know what are the necessary changes for achieving this (mentioned in my previous post).
Dilip Kumar Gupta, . http://diliptechnotes.blogspot.com/ http://dilipinexchange.blogspot.com/
February 10th, 2011 1:18am
On the tab I described choose forms authentication and highlight User name only.
In our mixed 2003 / 2010 environment users don't need to enter their domain when authenticating to OWA.
If you want to make it even simpler, choose standard auth / Integrated Windows auth. In that way users don't need to login at all if their current Windows session (the one where they press CTRL + ALT + DEL when powering on their machie) is ok. OWA will take
that session to authenticate to you're Exchange servers.
PS for forum moderators, would be handy if these forums gave me the option to add screenshots)
Free Windows Admin Tool Kit Click here and download it now
February 10th, 2011 4:41am
Well, I have some restriction since we are giving solution to our customer and he wants solution from us for same configurations.
Exchange server version: 2007 sp3
Authentication type: BASIC (required)
IIS server: IIS7
Please suggest me about this.
Dilip Kumar Gupta, . http://diliptechnotes.blogspot.com/ http://dilipinexchange.blogspot.com/
February 10th, 2011 7:43am
Have you even opened the tab I suggested ?
Free Windows Admin Tool Kit Click here and download it now
February 10th, 2011 9:49am
Hi dilipinmicrosoft,
Do you change the configuration on the CAS Server, by default Logon Format is set to
domain/username?
If have not changed that, you can change the configuration(on the CAS Server) by this way:
Exchange Management Console->Sever Configuration->Client Access->Select owa (Default Web Site)->Select Authentication->Under Use forms-based authentication: select User name only->Click
Browse and select the domain name->OK.
Note: After you change the configuration on the CAS server, please restart the IIS to make these changes effective.
Thanks,
Evan
Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
February 13th, 2011 11:37pm
Hi Evan,
Yes, this changes are available in Exchange 2007's Form Based authentication and not included in
Basic authentication which is required in my project.
Also, I would like to share again that all roles of Exchange servers installed on a single machine. Even active directory and mailbox server are in same domain and in a single machine... Here I would like to ask? Is there any possibility where all exchange
users belong to single machine and BASIC authentication works similar in both cases (with domain and without domain as a prefix). Should I try to configure Exchange users with different domain (parent and child domain).Dilip Kumar Gupta, . http://diliptechnotes.blogspot.com/ http://dilipinexchange.blogspot.com/
Free Windows Admin Tool Kit Click here and download it now
February 15th, 2011 2:35am
Hi dilipinmicrosoft,
In your first post you said “MS Exchange 2007 SP3 (CAS and Mailbox roles are installed on different machine)”, but then you mentioned that
“I would like to share again that all roles of Exchange servers installed on a single machine. Even active directory and mailbox server are in same domain and in a single machine...”. so I want to clarify the environment for you Exchange Server,
please let me know your exchange topology in detail, it is important to this issue.
Here is a document about Outlook Web Access and Exchange 2007, 2003 coexistence, hope it can give you some help:
Outlook Web Access and Exchange 2007, 2003 and 2000 coexistence
http://msexchangeteam.com/archive/2007/02/07/434523.aspx
Thanks,
EvanPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
February 15th, 2011 10:18am
Hi Evan,
Sorry for misunderstanding.
Basically, I have 2 environments. One which is having different machines and the second which is on single machine.
And we need to solve my issue for different machines (customer environment).
First environment takes "domain\username" while authenticating to 'exchange' virtual directory ('owa' virtual directory takes username only) and second environment takes only username (for 'owa' and 'exchange' virtual directories). I need to use
only username for BASIC authentication.
Environment details for different machines are,
Exchange 2007 SP3 on IIS7 server. All different roles of Exchange server belong to different machine on
child domain .
Please suggest me on this issue.
Dilip Kumar Gupta, . http://diliptechnotes.blogspot.com/ http://dilipinexchange.blogspot.com/
Free Windows Admin Tool Kit Click here and download it now
February 16th, 2011 1:19am
Hi All,
Still, I am looking for solution of this issue.... Please let me know if you can provide any help regarding this.Dilip Kumar Gupta, . http://diliptechnotes.blogspot.com/ http://dilipinexchange.blogspot.com/
February 18th, 2011 1:12am
Hi,
How about working your way with setting the REALM & DOMAIN settings on the IIS 7 Vdirs ? because you are using basic auth, i guess the IIS needs to "understand" that..
http://technet.microsoft.com/en-us/library/cc772009%28WS.10%29.aspx
Hope this helps,
Ilantz
Free Windows Admin Tool Kit Click here and download it now
February 22nd, 2011 3:00pm