OWA won't allow logon, simply refreshes the logon screen
|
From: Chris Palmer on 14 May 2010 03:11 We are using SBS 2003 and OWA. It has worked in the past but after PCI complaince we don't seem to be able to logon any longer. We can still see the interface via the web and we are still presented with a logon page: Domain\username and also password entry. I have tried every conceivable variation for more than one user but the screen meerly refreshes and asks for us to logon once more. Of course the simple answer is to undo the compliance but that has other issues which are far more risky. I am all service packed up and have ran the remote wizard on the server, it makes no difference. One of the changes the compliance forced was changing the registry to only allow certain levels of SSL.
From: Cliff Galiher - MVP on 14 May 2010 03:29 SBS 2003 *is not* PCI-DSS compliant. You have a choice to make... -Cliff "Chris Palmer" <ChrisPalmer(a)discussions.microsoft.com> wrote in message news:4D72C460-6E90-4BB9-8E53-4E2CA4671D2A(a)microsoft.com... > We are using SBS 2003 and OWA. It has worked in the past but after PCI > complaince we don't seem to be able to logon any longer. We can still see > the > interface via the web and we are still presented with a logon page: > Domain\username and also password entry. I have tried every conceivable > variation for more than one user but the screen meerly refreshes and asks > for > us to logon once more. Of course the simple answer is to undo the > compliance > but that has other issues which are far more risky. I am all service > packed > up and have ran the remote wizard on the server, it makes no difference. > One > of the changes the compliance forced was changing the registry to only > allow > certain levels of SSL.
From: Ace Fekay [MVP - Directory Services, MCT] on 17 May 2010 01:07 On Fri, 14 May 2010 00:11:01 -0700, Chris Palmer <ChrisPalmer(a)discussions.microsoft.com> wrote: >We are using SBS 2003 and OWA. It has worked in the past but after PCI >complaince we don't seem to be able to logon any longer. We can still see the >interface via the web and we are still presented with a logon page: >Domain\username and also password entry. I have tried every conceivable >variation for more than one user but the screen meerly refreshes and asks for >us to logon once more. Of course the simple answer is to undo the compliance >but that has other issues which are far more risky. I am all service packed >up and have ran the remote wizard on the server, it makes no difference. One >of the changes the compliance forced was changing the registry to only allow >certain levels of SSL. It sounds like you removed Anonymous on the default website? IIRC, it needs that for the initial connection. If not, what were the IIS changes done to make it compliant? And as Cliff mentioned, I really didn't think SBS was complicantable (is that a word?), so it really depends on what was changed. Maybe you can back that portion out, otherwise, you need to remove everything that was altered to IIS or to Exchange, for that matter. Ace This posting is provided "AS-IS" with no warranties or guarantees and confers no rights. Please reply back to the newsgroup or forum for collaboration benefit among responding engineers, and to help others benefit from your resolution. Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003 Microsoft Certified Trainer Microsoft MVP - Directory Services If you feel this is an urgent issue and require immediate assistance, please contact Microsoft PSS directly. Please check http://support.microsoft.com for regional support phone numbers.
From: "Robbin Meng [MSFT]" on 17 May 2010 03:25 Hi Chris, Thanks for your post and Cliff and Ace's suggestions. In addition, in case you have not tried, please just rerun the CEICW wizard on the SBS server and see if it changes. Also, I would like to suggest you double check and reset the Exchange OWA virtual directories settings via IIS console and then test OWA again: Note: if you had already perform the steps in this KB, please confirm again. Virtual Internet Information Services (IIS) Directories That Are Used by Outlook Web Access in Exchange Server 2003 http://support.microsoft.com/kb/821898/en-us Default settings of 'Default Website', Virtual Directories under Default Website and Companyweb on a SBS 2003 Server http://blogs.technet.com/asksbs/archive/2008/08/12/default-settings-of-default-website-virtual-directories-under-default-website-and-companyweb-on-a-sbs-2003-server.aspx More information: How to reset the default virtual directories that are required to provide Outlook Web Access, Exchange ActiveSync, and Outlook Mobile Access services in Exchange Server 2003 http://support.microsoft.com/kb/883380/en-us Please have a try. Hope this helps. Best regards, Robbin Meng(MSFT) Microsoft Online Newsgroup Support ================================================================== Please post your SBS 2008 related questions to the SBS newsgroup on Connect website: https://connect.microsoft.com/sbs08/community/discussion/richui/default.aspx Please post your EBS related questions to the EBS newsgroup on Connect website: https://connect.microsoft.com/ebs08/community/discussion/richui/default.aspx If you want to use a newsreader other than a web forum to access these newsgroups, please refer to the following blog to apply NNTP password and configure a newsreader: http://msmvps.com/blogs/bradley/archive/2008/11/02/signing-up-for-the-sbs-2008-newsgroups.aspx ================================================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue. ================================================================== This posting is provided "AS IS" with no warranties, and confers no rights. ==================================================================
|
Pages: 1 Prev: Extend C drive to get more space Next: sbs 2008 premium to sbsb 2008 essential premium |