none
OWA Logon accepts forward slash? (DOMAIN/username)

    Question

  • Somewhat of an oddball question...

    Recently I discovered that logging onto OWA using a forward slash (/) for the domain separator instead of a back slash (\) is authenticated by my 2010 OWA installation. \

    DOMAIN\username works (normal format)

    DOMAIN/username works (oddball format)

    I discovered this while looking for a specific user sign on entry in the IIS logs.  I tested the behavior on my own account and it seems to work.  (We have the requirement to use domain names for logons since we have multiple domains)

    Has anyone else noticed this, or could this be an issue with my OWA installation? (SP2 RU8)

    Thanks!

    Tuesday, January 07, 2014 3:58 PM

Answers

  • I Was unable to find any specifics but I am leaning towards the fact that IIS authentication can accept either "/" or "\" and that is the reason why Exchange can accept both as well.

    Jason Apt, Microsoft Certified Master | Exchange 2010 My Blog

    • Marked as answer by Ravenmike Tuesday, January 07, 2014 8:57 PM
    Tuesday, January 07, 2014 8:13 PM

All replies

  • Is this a straight connection to OWA or is TMG or another proxy in place?

    Jason Apt, Microsoft Certified Master | Exchange 2010 My Blog

    Tuesday, January 07, 2014 5:47 PM
  • Straight connection.  

    While we do have a reverse proxy for external connections, this was tested internally using the internal URL, bypassing the proxy.

    Tuesday, January 07, 2014 6:21 PM
  • I have 2010 SP2 and can use either format to connect.

    HossFly, Exchange Administrator

    Tuesday, January 07, 2014 8:06 PM
  • I Was unable to find any specifics but I am leaning towards the fact that IIS authentication can accept either "/" or "\" and that is the reason why Exchange can accept both as well.

    Jason Apt, Microsoft Certified Master | Exchange 2010 My Blog

    • Marked as answer by Ravenmike Tuesday, January 07, 2014 8:57 PM
    Tuesday, January 07, 2014 8:13 PM
  • Very interesting.  

    The main reason this came up was with our reporting tool.  It would parse the IIS logs, but not recognize a logon attempt from a forward slash username.  It would drop the information from the report...which proved problematic when looking for a specific logon attempt.  

    Thanks for the insight.  You learn something new every day :)

    MT

    Tuesday, January 07, 2014 8:57 PM