OWA login - Get Windows dialog box instead of standard OWA login screen (Full Version)

All Forums >> [Microsoft Exchange 2003] >> Outlook Web Access



Message


srace -> OWA login - Get Windows dialog box instead of standard OWA login screen (7.Jun.2007 12:38:28 AM)

This is an SBS 2003 server, SP1.  Not sure what settings have been changed, but the users cannot use "outlook over http"....it appears to be because when you load the webmail, a pop-up box comes up asking for the domain username and password...the title is "Connecting to owa.mydomain.com" and it asks for username/password.  If you enter username and password into that popup, your Inbox comes up and all looks good.

I'm trying to figure out how to return this config to the standard login screen and not get the pop-up login screen.  I've compared settings and permissions to a standard 2003 SBS install, and I haven't found any inconsistenties.  Any idea what I might check?  Thanks!!




sergebsn -> RE: OWA login - Get Windows dialog box instead of standard OWA login screen (7.Jun.2007 3:04:25 AM)

What's about - ESM-Protocols-HTTP-Virtual Server

The 'Settings' - what do you have?




leederbyshire -> RE: OWA login - Get Windows dialog box instead of standard OWA login screen (7.Jun.2007 8:18:24 AM)

It sounds like either:
1.Forms-based Authentication is turned off on your Exchange Virtual Server.
2.You removed the requirement for SSL on your Exchange VDir in IIS Manager.  If you don't use SSL, then the FBA screen will not appear.




jdascott -> RE: OWA login - Get Windows dialog box instead of standard OWA login screen (8.Jun.2007 3:03:34 PM)

You both are correct, thank you for tips. Yes, the checkbox to "Use forms based authentication" is unchecked, and if I check it, it says that SSL needs to be enabled, which isn't yet (which is another problem).  So...I'm thinking I can get an SSL certificate installed, check the box to require SSL in the properties of the ExchWeb folder in IIS, then enable the forms based authentication?  Thanks for the help!!




leederbyshire -> RE: OWA login - Get Windows dialog box instead of standard OWA login screen (8.Jun.2007 8:13:41 PM)

Yes.  If you check the checkbox now, then FBA will not appear until you use SSL.  You don't have to actually /require/ SSL, it's just that your users will only see the FBA login page if they use https:// URLs.  I only mention that because some people like to force SSL for external use by only passing port 443 at the firewall.  External users will the see the FBA screen. They then allow internal users to use plain old http, but they would not then see the FBA screen.  This is the difference between requiring and not requiring SSL.  Just because it's not required doesn't mean it can't be used.




jdascott -> RE: OWA login - Get Windows dialog box instead of standard OWA login screen (11.Jun.2007 7:00:09 PM)

So, I am understanding it correctly that the using of HTTP or HTTPS will determine how the login data is sent to the server?  So, outside the firewall, if someone connects to http://owa.mysite.com and gets the pop-up, data there is still sent plain-text, while if the FBA was up and they used the http://owa.mysite.com link to access it, they'd still pass it in plain text?

Thanks for all the answers, this has been very helpful!




leederbyshire -> RE: OWA login - Get Windows dialog box instead of standard OWA login screen (11.Jun.2007 10:10:04 PM)

The server reacts differently if https is used.  If https is not used, then it will not use the FBA login page at all, but will send a normal login challenge.  Without https, if Integrated Auth is enabled, and IE is used as the client, then the credentials are encrypted, but the actual email pages are not.  If only Basic Auth is used, or a non-MS browser is used (only IE 'understands' Integrated Auth), then then credentials are sent Base64 encoded (which is not an encryption method), and again the email pages are in plain HTMl source.  If you use https (ssl) then the FBA login page will appear, and the entire session (credentials, pages, everything) is encrypted.




ceisi -> RE: OWA login - Get Windows dialog box instead of standard OWA login screen (15.Nov.2007 8:00:35 AM)

i have nearly the same issue.
can you exactly tell me, where i can find this options?




Page: [1]