OWA authentication

[jimorus]

Exchange 5.5 on Win2k sp3 with IIS4 on the exchange server.
OWA authentication takes place normally with no problems 99% of the time. Every now and then the users will get to the OWA login and insert their username. They get to the two line login page and after they enter username and password and hit OK or enter the authentication does not happen. They sit at a blank screen and must finally shut down IE to get it to move

I have looked in the log files and find that no attempts at login have failed for the given user at the given time or a half an hour on either side of the time they give me.

A few hours later, they will get in without incident.

Needless to say it is upper management wih the problem.

It is quite sporadic and happens with access from the internet as well as from the WAN.

 

[compgirlfhredi]

By default, Outlook Web Access (OWA) forces an incoming client to log on to the site. In most cases, the IIS computer is configured to use Basic authentication with SSL. Because OWA forces the client to log on and the server requires Basic authentication, a dialog box appears to the client to enter his or her credentials when they attempt to access OWA from the Logon.asp page (

http://servername/exchange/logon.asp).

In instances where a site is required to present authentication at the root of the site (for example,

http://servername),

and then go to the Exchange directory after authentication, it may be necessary to avoid the force of authentication that OWA initiates. In these situations, when the user tries to log on to the page (Logon.asp), they are presented with another dialog box to gain authentication to the OWA mailbox even though they have already provided them previously.
To work around this, you need to modify the following section of code, which is located in Logonfrm.asp:
'=======================
' MainLogon
' Authenticates, and logs on user
'
'=======================
Sub MainLogon

On Error Goto 0

urlIsNewWindow = Request.QueryString("isnewwindow&quot
CheckSession

' Logoff if already logged on
ClearSession
SetSessionStuff

bstrMailbox = Request.QueryString("mailbox&quot
<BR/>

If Session(CURRENT_MAILBOX) <> bstrMailbox Then
Session(CURRENT_MAILBOX) = bstrMailbox
Response.Buffer = TRUE
Response.Status = (&quot;401 Unauthorized&quot
Response.end
End If



The section of this code that must be modified is the following &quot;If...then&quot; statement:

If Session(CURRENT_MAILBOX) <> bstrMailbox Then
Session(CURRENT_MAILBOX) = bstrMailbox
Response.Buffer = TRUE
'Response.Status = (&quot;401 Unauthorized&quot
'Response.end
End If

Both the 'Response.Status = (&quot;401 Unauthorized&quot' and Response.end statements need to be remarked (') out. The &quot;401 Unauthorized&quot; error message that is being set is sent back to the client the first time regardless of whether the client has already logged on successfully to the Web site. This is the statement that actually forces the second authentication prompt. The last statement (Response.end) stops any further code execution from occurring.

The OWA code will still properly assign the variables that are needed to bring up the appropriate mailbox without another authentication dialog box.


Right now, you occupy a point where three lines reach across the expanse of time and space and intersect only there, and that you and only you possess.