OWA asks users to log in twice

Mark Rae · Joined: 05 Aug 2007 Posts: 2

Hi,

Last year I received some excellent advice from Lee Derbyshire about how to
log directly into an Exchange 5.5 mailbox using the following syntax:

http://%2F:@/Exchange

I also cribbed from Lee's site how to modify LOGON.asp to remove all the
graphics etc.

This worked perfectly.

However, last week we had a severe issue with the OWA server to the extent
where we had to rebuild it from scratch. In fact, we replaced it with a
completely new machine. As far as I can tell, it is identical to the
previous OWA server in every way: Windows 2K Server + SP4 & Exchange 5.5 OWA
+ SP4.

We are now experiencing a strange phenomenon whereby the above URL does not
log into the mailbox directly. Instead, it pops the logon dialog, which it
has populated the UserID field with the %2F details from
the URL. However, if the users cancel this box and then click the URL a
second time, they get straight in!

Is this a known issue? Is there anything we should check e.g. the
Authentication mode on the Exchange virtual directory and/or the default web
site? The fact that the users are able to get into their mailbox at the
second attempt leads me to believe that there almost certainly isn't a
permissions problem involved.

Any assistance gratefully received.

Best regards,

Mark Rae

Archived from group: microsoft>public>exchange>applications

Lee Derbyshire · Joined: 05 Aug 2007 Posts: 10

"Mark Rae" wrote in message@TK2MSFTNGP12.phx.gbl...
> Hi,
>
> Last year I received some excellent advice from Lee Derbyshire about how
to
> log directly into an Exchange 5.5 mailbox using the following syntax:
>
> http://%2F:@/Exchange
>
> I also cribbed from Lee's site how to modify LOGON.asp to remove all the
> graphics etc.
>
> This worked perfectly.
>
> However, last week we had a severe issue with the OWA server to the extent
> where we had to rebuild it from scratch. In fact, we replaced it with a
> completely new machine. As far as I can tell, it is identical to the
> previous OWA server in every way: Windows 2K Server + SP4 & Exchange 5.5
OWA
> + SP4.
>
> We are now experiencing a strange phenomenon whereby the above URL does
not
> log into the mailbox directly. Instead, it pops the logon dialog, which it
> has populated the UserID field with the %2F details from
> the URL. However, if the users cancel this box and then click the URL a
> second time, they get straight in!
>
> Is this a known issue? Is there anything we should check e.g. the
> Authentication mode on the Exchange virtual directory and/or the default
web
> site? The fact that the users are able to get into their mailbox at the
> second attempt leads me to believe that there almost certainly isn't a
> permissions problem involved.
>
> Any assistance gratefully received.
>
> Best regards,
>
> Mark Rae

Hi Mark,

Do you know I sent you an email about this last week? But I got am immediate
reply from your server saying it was deleted without being read. Sounds like
you have an overactive spam filter running somewhere.

Anyway... Does it ask you to log in /before/ you type in the mailbox name
into logon.asp as well as after? If so, then it sounds like you don't have
anonymous access enabled on your /Exchange virtual directory. If you were
hoping to disable anonymous access, then it will always ask you to log in
twice, because the second login box is hard-coded into the scripts.

Lee.

--
_______________________________________

Outlook Web Access For PDA , OWA For WAP:
www.leederbyshire.com
email a@t leederbyshire d.0.t c.0.m
_______________________________________

Lee Derbyshire · Joined: 05 Aug 2007 Posts: 10

BTW. It's a /really/ bad idea to use a real email address in NGs right now,
as you may have discovered.

Lee.

--
_______________________________________

Outlook Web Access For PDA , OWA For WAP:
www.leederbyshire.com
email a@t leederbyshire d.0.t c.0.m
_______________________________________

Mark Rae · Joined: 05 Aug 2007 Posts: 2

"Lee Derbyshire" wrote in message$ove7a$1@ID-163854.news.uni-berlin.de...

Lee,

Thanks very much for your response.

> Do you know I sent you an email about this last week? But I got am
immediate
> reply from your server saying it was deleted without being read. Sounds
like
> you have an overactive spam filter running somewhere.

Sorry about that - I'll check it out.

> Anyway... Does it ask you to log in /before/ you type in the mailbox name
> into logon.asp as well as after? If so, then it sounds like you don't have
> anonymous access enabled on your /Exchange virtual directory. If you were
> hoping to disable anonymous access, then it will always ask you to log in
> twice, because the second login box is hard-coded into the scripts.

So is anonymous access the only authentication mode which should be enabled
on the Exchange virtual directory? And does the authentication mode on the
default web site matter?

Mark

Lee Derbyshire · Joined: 05 Aug 2007 Posts: 10

"Mark Rae" wrote in message
news:%23rnZF91lDHA.2416@TK2MSFTNGP10.phx.gbl...
> "Lee Derbyshire" wrote in message
> $ove7a$1@ID-163854.news.uni-berlin.de...
>
> Lee,
>
> Thanks very much for your response.
>
> > Do you know I sent you an email about this last week? But I got am
> immediate
> > reply from your server saying it was deleted without being read. Sounds
> like
> > you have an overactive spam filter running somewhere.
>
> Sorry about that - I'll check it out.
>
> > Anyway... Does it ask you to log in /before/ you type in the mailbox
name
> > into logon.asp as well as after? If so, then it sounds like you don't
have
> > anonymous access enabled on your /Exchange virtual directory. If you
were
> > hoping to disable anonymous access, then it will always ask you to log
in
> > twice, because the second login box is hard-coded into the scripts.
>
> So is anonymous access the only authentication mode which should be
enabled
> on the Exchange virtual directory? And does the authentication mode on the
> default web site matter?
>
> Mark
>

The default is to have Anon and Basic both selected. Anonymous is enabled so
that you can get to the first logon page without logging in, and Basic
because CDO won't be able to open your mailbox without it.

Some people just have Basic, and remove Anonymous, but then you have to edit
logon.asp (or is it logonfrm.asp) to remove all the bits that say

response.status = "401 - Unauthorized"
response.flush

because those are the lines that force the second logon, even if you already
logged on once.

Lee.

--
_______________________________________

Outlook Web Access For PDA , OWA For WAP:
www.leederbyshire.com
email a@t leederbyshire d.0.t c.0.m
_______________________________________

Allow Singel Users To View 5 Users Folders! Hi Guys i Have Exchnage 2003 and i would like that one Singel Users can View 5 others users Folders in the network , Full Access. What Should I Do ? Thanks For help :) David

Users can't change passwords. Hi, I'm trying to make users to change their own password, but when I enable this option in Active Directory, they can't do the change, an error messege prompt. How can I do this? Thanks in advance. Daniel

Change users password Hi, the problem is the following... We've got an Exchange server and we want to permit the user to change theis own password. The structure we have is the next: W2k server with actyve directory and exchange server, we've got a domain but the stations aren

Can't reply to or foward messages in OWA for some users We have an issue with Outlook Web Access for Exchange 5.5. Certain users aren't able to reply to or foward messages; they can view them without a problem. My account (in the group) doesn't have the problem. I have been able to reproduce

transfering users i have windows 2000 server with exchange 2000, whats the best methode for i can take all the mailbox offline to another domain in another forest, and if its with with exmarge how to take users with the mailbox too ?