none
403 - Forbidden: Access is denied

    Question

  • Dear valuable users

     

    We are in the process of testing HNLB FOR CAS AND HUB.

    when we try to access owa through HNLB it is gets the following error

    403 - Forbidden: Access is denied

    You do not have permission to view this directory or page using the credentials that you su

    But through WNLB everything  wokking as normal

    any help or hint greatly apprecited




     

     

     


    Ashraf
    Saturday, September 17, 2011 2:14 PM

Answers

All replies

  • Hi Ashraf,

    Can you inform the below things

    1. are you getting this error, when entering the URL https://mail.companyname.com/owa ? are you trying the URL from External domain?

    2. This error, its appearing after the credentials in OWA login page?

    3. your HNLB will have a common IP address, is that NAT to Public IP, which will resolve mail.company.com name to HNLB

    Access Denied, it will be only because of in proper credential. Make sure, you are check owa for a user having valid mailbox and you are entering proper credential to access OWA.

    Thank you

    Sunday, September 18, 2011 4:19 AM
  •  

    Hi Rajkumar

    1.yes we are getting this error  when we try to access https://mail.company.com/owa

    2.Firstly it gets this error I mean before the login

    3.HNLB have common IP address and this error getting when we try to access from our Internal network. From outside we did not checked

    But for using same  HNLB Outlook is working

     

     

     


    Ashraf
    Sunday, September 18, 2011 5:20 AM
  • Hi Ashraf,

    I am suspecting it is caused by virtual directory related issue, see http://support.microsoft.com/kb/943891 (I assume there is no firewall exist when you receive this error).

    To troubleshoot this error, please launch IE in each CAS server and try to access https://localhost/owa.

    Besides, verify the /owa settings on each CAS server based on the article: http://blogs.technet.com/b/exchange/archive/2010/09/23/3411146.aspx.

    Hope it is useful. Let me know if you have any further question.


    Fiona
    Monday, September 19, 2011 7:11 AM
  • any update?
    Fiona
    Tuesday, September 20, 2011 7:30 AM
  •  

    Still we are working on it.

    When we uncheck the ssl settings in IIS of CAS1 .It is working throgh HNLB and no error.

    But CAS2 and CAS3 with SSL also working

    So now we confused where we need look the problem

     


    Ashraf
    Tuesday, September 20, 2011 8:03 AM
  • Hi Ashraf,

    SSL is recommended to enabled on /OWA virtual directory. I'd suggest you verify the IIS log in server CAS1 to see the detaile error code, for example, 403.7 - Client certificate required.

    Besides, check the root web site to see if there is redirect configuration, or incorrect IP binding.

     


    Fiona
    Wednesday, September 21, 2011 2:54 AM
  • Any update?
    Fiona
    Thursday, September 22, 2011 8:33 AM
  •  

    I did not find any erros in IIS server

    is it in Event viewer right?


    Ashraf
    Thursday, September 22, 2011 11:42 AM
  • No the IIS log under the webroot folder on the system drive.

    What i find funny is that it works on HTTP but not on HTTPS. Check the bindings on your default web site.

    Thursday, September 22, 2011 12:02 PM