• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Problem - FBA for External and Internal OWA 2010 users

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2010] >> Outlook Web Access >> Problem - FBA for External and Internal OWA 2010 users Page: [1]
Login
Message << Older Topic   Newer Topic >>
Problem - FBA for External and Internal OWA 2010 users - 18.Oct.2012 12:09:48 PM   
tjcarst

 

Posts: 33
Joined: 28.Sep.2004
From: Lincoln, NE USA
Status: offline
http://www.msexchange.org/articles_tutorials/exchange-server-2010/management-administration/enabling-forms-based-authentication-external-internal-owa-2010-users-exchange-2010-published-using-forefront-tmg-2010-part1.html

2 all in one Exchange 2010 SP2 U4v2 boxes

Default web site bound to * all IPs
New web site bound to single new IP

I have followed your doc for configuring FBA for internal users, and basic for external users, publishing external using ISA 2006.

When I change FBA authentication on the owa and ecp IIS directories for either site, the same authentication settings get applied to both sites. I moved the owa and ecp directories on the new FBA site to the FBA app pool, but the same thing is happening. It seems that FBA must be the same on both IIS directories, either enabled or disabled. The Basic authentication setting does not seem to change on one site if I change it on the other.
Post #: 1
RE: Problem - FBA for External and Internal OWA 2010 users - 18.Oct.2012 2:05:30 PM   
tjcarst

 

Posts: 33
Joined: 28.Sep.2004
From: Lincoln, NE USA
Status: offline
Following the original document by Henrik, I did not see that you were supposed to copy the\owa and \ecp directories to another location and update the properties of the copied directories within IIS. Therefore, whenever I changed authentication properties of OWA or ECP in IIS, it was changing both because tge IIS web sites for both pointed to the same location.

http://johnyassa.wordpress.com/2012/06/07/publish-multiple-owa-ecp-virtual-directories-on-one-exchange-2010-cas-server/

I followed the above document, copying the \owa and \ecp directories elsewhere.

When following #6, I only changed the path to the \owa and \ecp directories.

I do notice that the authentication stays set correct in IIS, but not in EMC. I am not even able to see the properties of OWA or ECP. I end up having to do a winrm quickconfig.

I now get the FBA login page, but 2010 mailbox users get an error https://<serverip>/owa/auth.owa - 404 file not found. 2003 mailbox users get correctly redirected to the old owa server.

I have set the authentication to "Windows" in the web.config file in the new \owa and \ecp directories as instructed here (still get the FBA login as desired)
http://www.microsoft.com/technet/support/ee/transform.aspx?ProdName=Exchange&ProdVer=8.0&EvtID=29&EvtSrc=MSExchange+OWA&LCID=1033

I can login to the Basic auth site of the same server as a 2010 and 2003 mailbox user. It is just the new fba site that will not login a 2010 mailbox user, but does login a 2003 mailbox user.

< Message edited by tjcarst -- 18.Oct.2012 3:02:56 PM >

(in reply to tjcarst)
Post #: 2
RE: Problem - FBA for External and Internal OWA 2010 users - 19.Oct.2012 9:33:11 AM   
tjcarst

 

Posts: 33
Joined: 28.Sep.2004
From: Lincoln, NE USA
Status: offline
The authentication type keeps changing back to Basic + FBA in EMC, even with the different web site and different subdirectories.

(in reply to tjcarst)
Post #: 3
RE: Problem - FBA for External and Internal OWA 2010 users - 19.Oct.2012 12:58:26 PM   
tjcarst

 

Posts: 33
Joined: 28.Sep.2004
From: Lincoln, NE USA
Status: offline
I removed the OWA and ECP virtual directories and re-added them.

I then saw this error in the App Event Log:

quote:

There's an error in your configuration.

The authentication type specified in the D:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\owa\web.config file is incorrect. The correct authentication type is "Windows".


Looking at my Web.Config, it was set to Forms. This had to have been done by EMC or IIS when choosing Forms Authentication.


SO, now my default web sites are working and I am back to my original problem of provoding internal and external FBA.

If I get it working, I'll post back here.

(in reply to tjcarst)
Post #: 4
RE: Problem - FBA for External and Internal OWA 2010 users - 20.Dec.2012 3:23:10 AM   
jakesddfj

 

Posts: 4
Joined: 20.Dec.2012
Status: offline
changing back to Basic + FBA in EMC, even with the different web site and different subdirectories




-----------------------------------------
wow gold|diablo 3 gold

(in reply to tjcarst)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2010] >> Outlook Web Access >> Problem - FBA for External and Internal OWA 2010 users Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter