From: "Lee Derbyshire [MVP]" email a on
I don't think so, although you could ask the same question in an IIS group,
since that would be more of an IIS question. If you had Integrated on both,
it wouldn't be an issue, of course, but I'm pretty sure that the Basic Auth
spec (which isn't one of MS's own inventions) doesn't cover it. Come to
think of it, it would probably be regarded as a possible security
vulnerability.


"Nik" <test> wrote in message news:unQfumTwKHA.4552(a)TK2MSFTNGP04.phx.gbl...
> Ok, I configured the integrated authentication as mentioned and I don't
> have an issue when I go directly to the exchange2/exchange.
> However, can't I configure exchange2 to trust authentication request
> coming from exchange1
>
> "Lee Derbyshire [MVP]" <email a@t leederbyshire d.0.t c.0.m> wrote in
> message news:OGVFJNTwKHA.5936(a)TK2MSFTNGP04.phx.gbl...
>>
>> The problem is that it is behaving as expected, so there's nothing to
>> 'fix', as such. Your best bet is to move the mailboxes as quickly as
>> possible, so that they can go direct to the new server, and there is no
>> redirection. Another thing you could do is to use Integrated
>> Authentication on one or both of the servers, so that they either do not
>> need to log in at all, or just log in once (assuming that your OWA users
>> are already logged into the LAN). If you want to continue to use
>> Forms-Based Auth or Basic Auth on both servers, then your users will
>> always have to log in twice if they initially go to a server that does
>> not host their mailbox.
>>
>> I assume that you have no FE server? If you are talking about a new BE
>> server here, then they should not be having to login twice.
>>
>>
>> "Nik" <test> wrote in message
>> news:%23Gl4$FTwKHA.3952(a)TK2MSFTNGP06.phx.gbl...
>>> Ok. I can understand that so what are your suggestions for resolving it?
>>>
>>> "Lee Derbyshire [MVP]" <email a@t leederbyshire d.0.t c.0.m> wrote in
>>> message news:OXMgLuSwKHA.3896(a)TK2MSFTNGP02.phx.gbl...
>>>> "Nik" <test> wrote in message
>>>> news:%23k1iQeSwKHA.3408(a)TK2MSFTNGP06.phx.gbl...
>>>>> Hi Guys,
>>>>> I'm moving mailboxes from one server to another. All servers are in
>>>>> the same administrative group. However, when my users login to OWA
>>>>> they are then asked to re-authenticate against the server they have
>>>>> been moved to. Any ideas on how to resolve this.
>>>>> both servers are Windows 2003EESp2/Exchange2003sp2
>>>>
>>>> As far as your browser is concerned, it is dealing with two different
>>>> web sites (because the server names are different), so it will not even
>>>> attempt to use the credentials supplied to the first server when it is
>>>> directed to the second.
>>>>
>>>> Lee.
>>>>
>>>> --
>>>> ______________________________________
>>>>
>>>> Outlook Web Access For PDA , OWA For WAP
>>>> www.leederbyshire.com
>>>> lee a.t leederbyshire d.o.t c.o.m
>>>> ______________________________________
>>>>
>>
>>


From: Nik on
Ok! Since you mentioned the security issue. I also had spoken with my
Security Admin and he suggests its no big issues if they have to login twice
for now. So I'm moving ahead with my mailbox moves.
Thanks for all the help

"Lee Derbyshire [MVP]" <email a@t leederbyshire d.0.t c.0.m> wrote in
message news:eWiLjDVwKHA.3896(a)TK2MSFTNGP02.phx.gbl...
> I don't think so, although you could ask the same question in an IIS
> group, since that would be more of an IIS question. If you had Integrated
> on both, it wouldn't be an issue, of course, but I'm pretty sure that the
> Basic Auth spec (which isn't one of MS's own inventions) doesn't cover it.
> Come to think of it, it would probably be regarded as a possible security
> vulnerability.
>
>
> "Nik" <test> wrote in message
> news:unQfumTwKHA.4552(a)TK2MSFTNGP04.phx.gbl...
>> Ok, I configured the integrated authentication as mentioned and I don't
>> have an issue when I go directly to the exchange2/exchange.
>> However, can't I configure exchange2 to trust authentication request
>> coming from exchange1
>>
>> "Lee Derbyshire [MVP]" <email a@t leederbyshire d.0.t c.0.m> wrote in
>> message news:OGVFJNTwKHA.5936(a)TK2MSFTNGP04.phx.gbl...
>>>
>>> The problem is that it is behaving as expected, so there's nothing to
>>> 'fix', as such. Your best bet is to move the mailboxes as quickly as
>>> possible, so that they can go direct to the new server, and there is no
>>> redirection. Another thing you could do is to use Integrated
>>> Authentication on one or both of the servers, so that they either do not
>>> need to log in at all, or just log in once (assuming that your OWA users
>>> are already logged into the LAN). If you want to continue to use
>>> Forms-Based Auth or Basic Auth on both servers, then your users will
>>> always have to log in twice if they initially go to a server that does
>>> not host their mailbox.
>>>
>>> I assume that you have no FE server? If you are talking about a new BE
>>> server here, then they should not be having to login twice.
>>>
>>>
>>> "Nik" <test> wrote in message
>>> news:%23Gl4$FTwKHA.3952(a)TK2MSFTNGP06.phx.gbl...
>>>> Ok. I can understand that so what are your suggestions for resolving
>>>> it?
>>>>
>>>> "Lee Derbyshire [MVP]" <email a@t leederbyshire d.0.t c.0.m> wrote in
>>>> message news:OXMgLuSwKHA.3896(a)TK2MSFTNGP02.phx.gbl...
>>>>> "Nik" <test> wrote in message
>>>>> news:%23k1iQeSwKHA.3408(a)TK2MSFTNGP06.phx.gbl...
>>>>>> Hi Guys,
>>>>>> I'm moving mailboxes from one server to another. All servers are in
>>>>>> the same administrative group. However, when my users login to OWA
>>>>>> they are then asked to re-authenticate against the server they have
>>>>>> been moved to. Any ideas on how to resolve this.
>>>>>> both servers are Windows 2003EESp2/Exchange2003sp2
>>>>>
>>>>> As far as your browser is concerned, it is dealing with two different
>>>>> web sites (because the server names are different), so it will not
>>>>> even attempt to use the credentials supplied to the first server when
>>>>> it is directed to the second.
>>>>>
>>>>> Lee.
>>>>>
>>>>> --
>>>>> ______________________________________
>>>>>
>>>>> Outlook Web Access For PDA , OWA For WAP
>>>>> www.leederbyshire.com
>>>>> lee a.t leederbyshire d.o.t c.o.m
>>>>> ______________________________________
>>>>>
>>>
>>>
>
>