none
OWA and OWA Lite

    Question

  • I have OWA setup for integrated Windows authentication for Exchange 2010 RC.  It is working fine, but I believe I am only getting OWA Lite as there isn't a place to do any message tracking or distribution list managment, etc.  I have 3 different clients and they all get the same thing.  I don't see a setting under the OWA (default site) in the EMC that would set this for all users.  I also found a post about this and relating to the disability impaired screens, but I don't have the option to change that and did not initially check that option.  So I'm not sure why I am not seeing the full OWA or the addtional ECP type options.  Any help would be greatly appreciated.  Thanks.

    Sandy

    Thursday, September 10, 2009 2:32 PM

Answers

  • Hi Sandy.

    I believe your issue is caused by using IIS admin tools to administer the ECP virtual directory instead of Exchange Management Console.  The auth settings for NTLM should look like this:

    InternalAuthenticationMethods : {Ntlm, WindowsIntegrated}
    BasicAuthentication           : False
    WindowsAuthentication         : True
    DigestAuthentication          : False
    FormsAuthentication           : False
    LiveIdAuthentication          : False

    Yours look like this:

    InternalAuthenticationMethods : {Basic, Fba}
    BasicAuthentication           : False
    WindowsAuthentication         : True
    DigestAuthentication          : False
    FormsAuthentication           : False
    LiveIdAuthentication          : False

    While the flag for WindowsAuthentication says $true, the InternalAuthenticationMethods property directs IIS to apply FBA.  The fix would be to go into Exchange Management Console and set Windows Auth setting there.  If it's already set, change it to FBA first, apply, then back to Windows and apply again.  When you run Get-ECPVirtualDirectory | fl *Authentication*  on cmdline you should get settings similar to my first example.

    Hope this helps.
    Max Vaysburd | Exchange - ECP dev lead
    • Marked as answer by Sandy Harvey Monday, September 21, 2009 3:37 PM
    Thursday, September 17, 2009 1:56 PM

All replies

  • Did you try by changing Authentication settings to Windows Auth. in EMC -> Server Configuration -> Client Access -> properties of OWA & ECP virtual directory?

    Amit Tank | MVP – Exchange Server | MCITP: EMA | MCSA: M | http://ExchangeShare.WordPress.com

    Thursday, September 10, 2009 4:36 PM
  • It is currently setup as Windows Auth. in EMC for the client properties of both OWA and ECP.  And it works for OWA, but I don't see any of the other options like message tracking or distribution lists, etc. because it looks like it is using Lite.  Thanks.
    Thursday, September 10, 2009 5:45 PM

  • ...try to navigate directly to ECP using this url
    https://servername/ecp/

    for example if you use browser Opera or Safari for Windows you always get Light version of OWA, and there no link menu to ECP but if you directly go to ECP its works, not mater what browser or auth method are you use.



    Arman Obosyan, http://postmaster.ge/blog
    Thursday, September 10, 2009 6:29 PM
  • If I do this, I get the authentication (forms authentication, even though ECP is disabled for forms authentication and set to only use integrated windows authentication) and I type in my credentials.  Then I get "the page cannot be found" on the URL --> https://server/owa/auth.owa.  Oh, and I am using only IE in this lab environment.

    Thanks,
    Sandy
    Thursday, September 10, 2009 6:56 PM

  • After you change Auth method in Exchange Management Console, you also need to check IIS for correct Auth method on ECP virtual directory, check IIS ECP and make sure that there is Windows Auth is enabled, also reset parametr in EMC, and do iisreset

    p.s.
    I have similar issue wane I publish ECP throw ISA Server and not correctly setup auth method, after login in ECP I get in url owa/auth.owa 


    Arman Obosyan, http://postmaster.ge/blog
    Friday, September 11, 2009 4:03 AM
  • Yes, both OWA and ECP are set for windows integrated authentication in EMC and have verified in IIS Management console for authentication.  They are set the same on both in EMC and IIS.  Any other ideas?

    Also, in using the Get-OWAVirtualDirectory  |FL cmdlet, I see an attribute called OWALightEnabled=True.  I do want it set to true, but wonder if this is keeping OWA from displaying the full web client in the RC build?  Any thoughts?

    UPDATE: I did a Set-OWAVirtualDirectory -identity "server\owa (default Web site)" -OWALightEnabled $false and turned this identity off.  My IE (version 6.0.2900.5512....) gave me this error --> This browser doesn't provide the full Outlook Web application experience.  For the best experience: Install the latest version of Windows Internet Explorer.  Outlook Web app also works great with: The latest version of Mozilla Firefox.

    Interesting! And it doesn't give you any other options to proceed at this point.  Is anyone aware of the minimum IE requirements for OWA on Exchange 2010 going forward?

    Also, just opened OWA with IE (version 7.0.6000.16890) and it opened without the error from IE6, but when I click options, it prompts me for my credentials again, and then does the same thing as it does when I try to hit \ecp directly and won't let me into that web application.  Any ideas on this?  Once this is resolved, I'll probably be able to use Message Tracking (my other post). 

    Thanks!
    Friday, September 11, 2009 2:59 PM
  • Sandy,

    Browser requirements for OWA are IE7 or above,  Firefox 3.x, and Safari 3.x and 4.x on Mac OS.  I don't believe premium client is is supported for Safari on Windows yet.  In order for us to support Firefox and Safari, we had to stop support for IE6 which didn't comply with web standards enough.

    With regards to ECP, what exactly happens when ECP doesn't let you into application?  What errors do you get from the app itself?  What errors do you have in the application event log from "Microsoft Exchange - Control Panel" source or from ASP.NET source?

    Max.
    Saturday, September 12, 2009 4:08 PM
  • Forgive me for my ignorance, but I am looking at the event viewer and can see Applications and Services Logs > Microsoft > Exchange, but there is only HighAvailability and MailboxDatabaseFailover under that.  At the top, under Custom Views, there is a Microsoft Exchange with Database Availability Group.  Otherwise, I don't see where you refer to Control Panel and I can't find where the ASP.NET source would be either.  I'm new to all this so please forgive me for not knowing where to look further.  All I know is that I get a "the page cannot be found" in my browser on the URL --> https://server/owa/auth.owa.  Thanks.

    Sandy
    Monday, September 14, 2009 6:38 PM
  • That's ok Sandy.  The logs I speak of would be in the Windows Logs -> Application.  Source column would be the one reading "control Panel" or "ASP.NET". 

    What's suspicious is that your CAS is asking you to authenticate at https://server/owa/auth.owa even though forms-based auth is off and integrated auth is on.  Could you e-mail me complete output for the following 2 powershell commands:

    "get-owavirtualdirectory | fl"
    "get-ecpvirtualdirectory | fl"

    You can find link to Powershell under Start->Programs->Microsoft Exchange 2010->Exchange Management Shell.

    Max.
    Max Vaysburd | Exchange - ECP dev lead
    Tuesday, September 15, 2009 4:00 AM
  • Sorry I didn't respond quicker.  I never got the alert of your posting and I've been on call, so it's been pretty hectic.  I didn't see any Source ASP.NET or Control Panel in the Event log.  But here are the output of the two powershell commands you asked for.  Thank you so much for helping out.

    OWAVirtualDirectory =

    RunspaceId                                          : f920ead7-5b2c-40c8-9c10-85365c96fa3b
    DirectFileAccessOnPublicComputersEnabled            : True
    DirectFileAccessOnPrivateComputersEnabled           : True
    WebReadyDocumentViewingOnPublicComputersEnabled     : True
    WebReadyDocumentViewingOnPrivateComputersEnabled    : True
    ForceWebReadyDocumentViewingFirstOnPublicComputers  : False
    ForceWebReadyDocumentViewingFirstOnPrivateComputers : False
    RemoteDocumentsActionForUnknownServers              : Block
    ActionForUnknownFileAndMIMETypes                    : ForceSave
    WebReadyFileTypes                                   : {.xlsx, .pptx, .docx, .xls, .rtf, .ppt, .pps, .pdf, .dot, .doc}
    WebReadyMimeTypes                                   : {application/vnd.openxmlformats-officedocument.presentationml.pre
                                                          sentation, application/vnd.openxmlformats-officedocument.wordproc
                                                          essingml.document, application/vnd.openxmlformats-officedocument.
                                                          spreadsheetml.sheet, application/vnd.ms-powerpoint, application/x
                                                          -mspowerpoint, application/vnd.ms-excel, application/x-msexcel, a
                                                          pplication/msword, application/pdf}
    WebReadyDocumentViewingForAllSupportedTypes         : True
    WebReadyDocumentViewingSupportedMimeTypes           : {application/msword, application/vnd.ms-excel, application/x-msex
                                                          cel, application/vnd.ms-powerpoint, application/x-mspowerpoint, a
                                                          pplication/pdf, application/vnd.openxmlformats-officedocument.wor
                                                          dprocessingml.document, application/vnd.openxmlformats-officedocu
                                                          ment.spreadsheetml.sheet, application/vnd.openxmlformats-officedo
                                                          cument.presentationml.presentation}
    WebReadyDocumentViewingSupportedFileTypes           : {.doc, .dot, .rtf, .xls, .ppt, .pps, .pdf, .docx, .xlsx, .pptx}
    AllowedFileTypes                                    : {.rpmsg, .xlsx, .xlsm, .xlsb, .tiff, .pptx, .pptm, .ppsx, .ppsm,
                                                          .docx, .docm, .zip, .xls, .wmv, .wma, .wav...}
    AllowedMimeTypes                                    : {image/jpeg, image/png, image/gif, image/bmp}
    ForceSaveFileTypes                                  : {.vsmacros, .ps2xml, .ps1xml, .mshxml, .gadget, .psc2, .psc1, .as
                                                          px, .wsh, .wsf, .wsc, .vsw, .vst, .vss, .vbs, .vbe...}
    ForceSaveMimeTypes                                  : {Application/x-shockwave-flash, Application/octet-stream, Applica
                                                          tion/futuresplash, Application/x-director}
    BlockedFileTypes                                    : {.vsmacros, .msh2xml, .msh1xml, .ps2xml, .ps1xml, .mshxml, .gadge
                                                          t, .mhtml, .psc2, .psc1, .msh2, .msh1, .aspx, .xml, .wsh, .wsf...
                                                          }
    BlockedMimeTypes                                    : {application/x-javascript, application/javascript, application/ms
                                                          access, x-internet-signup, text/javascript, application/xml, appl
                                                          ication/prg, application/hta, text/scriplet, text/xml}
    RemoteDocumentsAllowedServers                       : {}
    RemoteDocumentsBlockedServers                       : {}
    RemoteDocumentsInternalDomainSuffixList             : {}
    FolderPathname                                      :
    Url                                                 : {}
    LogonFormat                                         : FullDomain
    ClientAuthCleanupLevel                              : High
    FilterWebBeaconsAndHtmlForms                        : UserFilterChoice
    NotificationInterval                                : 120
    DefaultTheme                                        :
    UserContextTimeout                                  : 60
    ExchwebProxyDestination                             :
    VirtualDirectoryType                                :
    OwaVersion                                          : Exchange2010
    ServerName                                          : USEXV10
    RedirectToOptimalOWAServer                          : True
    DefaultClientLanguage                               : 0
    LogonAndErrorLanguage                               : 0
    UseGB18030                                          : False
    UseISO885915                                        : False
    OutboundCharset                                     : AutoDetect
    GlobalAddressListEnabled                            : True
    OrganizationEnabled                                 : True
    ExplicitLogonEnabled                                : True
    OWALightEnabled                                     : False
    DelegateAccessEnabled                               : True
    IRMEnabled                                          : True
    CalendarEnabled                                     : True
    ContactsEnabled                                     : True
    TasksEnabled                                        : True
    JournalEnabled                                      : True
    NotesEnabled                                        : True
    RemindersAndNotificationsEnabled                    : True
    PremiumClientEnabled                                : True
    SpellCheckerEnabled                                 : True
    SearchFoldersEnabled                                : True
    SignaturesEnabled                                   : True
    ThemeSelectionEnabled                               : True
    JunkEmailEnabled                                    : True
    UMIntegrationEnabled                                : True
    WSSAccessOnPublicComputersEnabled                   : True
    WSSAccessOnPrivateComputersEnabled                  : True
    ChangePasswordEnabled                               : True
    UNCAccessOnPublicComputersEnabled                   : True
    UNCAccessOnPrivateComputersEnabled                  : True
    ActiveSyncIntegrationEnabled                        : True
    AllAddressListsEnabled                              : True
    RulesEnabled                                        : True
    PublicFoldersEnabled                                : True
    SMimeEnabled                                        : True
    RecoverDeletedItemsEnabled                          : True
    InstantMessagingEnabled                             : True
    TextMessagingEnabled                                : True
    InstantMessagingType                                : None
    Exchange2003Url                                     :
    LegacyRedirectType                                  : Silent
    Name                                                : owa (Default Web Site)
    InternalAuthenticationMethods                       : {Ntlm, WindowsIntegrated}
    MetabasePath                                        : IIS://USEXV10.qa-na.qa-intranet.msd/W3SVC/1/ROOT/owa
    BasicAuthentication                                 : False
    WindowsAuthentication                               : True
    DigestAuthentication                                : False
    FormsAuthentication                                 : False
    LiveIdAuthentication                                : False
    DefaultDomain                                       :
    GzipLevel                                           : High
    WebSite                                             : Default Web Site
    DisplayName                                         : owa
    Path                                                : C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\owa
    Server                                              : USEXV10
    InternalUrl                                         : https://usexv10.qa-na.qa-intranet.msd/owa
    ExternalUrl                                         :
    ExternalAuthenticationMethods                       : {Fba}
    AdminDisplayName                                    :
    ExchangeVersion                                     : 0.10 (14.0.100.0)
    DistinguishedName                                   : CN=owa (Default Web Site),CN=HTTP,CN=Protocols,CN=USEXV10,CN=Serv
                                                          ers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Adminis
                                                          trative Groups,CN=QA-NA,CN=Microsoft Exchange,CN=Services,CN=Conf
                                                          iguration,DC=qa-intranet,DC=msd
    Identity                                            : USEXV10\owa (Default Web Site)
    Guid                                                : b7889ee5-69a1-4545-8877-2e63b46d21c7
    ObjectCategory                                      : qa-intranet.msd/Configuration/Schema/ms-Exch-OWA-Virtual-Director
                                                          y
    ObjectClass                                         : {top, msExchVirtualDirectory, msExchOWAVirtualDirectory}
    WhenChanged                                         : 9/11/2009 11:13:06 AM
    WhenCreated                                         : 9/1/2009 2:03:18 PM
    WhenChangedUTC                                      : 9/11/2009 3:13:06 PM
    WhenCreatedUTC                                      : 9/1/2009 6:03:18 PM
    OrganizationId                                      :
    OriginatingServer                                   : USADADCV01.qa-intranet.msd
    IsValid                                             : True

    RunspaceId                                          : f920ead7-5b2c-40c8-9c10-85365c96fa3b
    DirectFileAccessOnPublicComputersEnabled            : True
    DirectFileAccessOnPrivateComputersEnabled           : True
    WebReadyDocumentViewingOnPublicComputersEnabled     : True
    WebReadyDocumentViewingOnPrivateComputersEnabled    : True
    ForceWebReadyDocumentViewingFirstOnPublicComputers  : False
    ForceWebReadyDocumentViewingFirstOnPrivateComputers : False
    RemoteDocumentsActionForUnknownServers              : Block
    ActionForUnknownFileAndMIMETypes                    : ForceSave
    WebReadyFileTypes                                   : {.xlsx, .pptx, .docx, .xls, .rtf, .ppt, .pps, .pdf, .dot, .doc}
    WebReadyMimeTypes                                   : {application/vnd.openxmlformats-officedocument.presentationml.pre
                                                          sentation, application/vnd.openxmlformats-officedocument.wordproc
                                                          essingml.document, application/vnd.openxmlformats-officedocument.
                                                          spreadsheetml.sheet, application/vnd.ms-powerpoint, application/x
                                                          -mspowerpoint, application/vnd.ms-excel, application/x-msexcel, a
                                                          pplication/msword, application/pdf}
    WebReadyDocumentViewingForAllSupportedTypes         : True
    WebReadyDocumentViewingSupportedMimeTypes           : {application/msword, application/vnd.ms-excel, application/x-msex
                                                          cel, application/vnd.ms-powerpoint, application/x-mspowerpoint, a
                                                          pplication/pdf, application/vnd.openxmlformats-officedocument.wor
                                                          dprocessingml.document, application/vnd.openxmlformats-officedocu
                                                          ment.spreadsheetml.sheet, application/vnd.openxmlformats-officedo
                                                          cument.presentationml.presentation}
    WebReadyDocumentViewingSupportedFileTypes           : {.doc, .dot, .rtf, .xls, .ppt, .pps, .pdf, .docx, .xlsx, .pptx}
    AllowedFileTypes                                    : {.rpmsg, .xlsx, .xlsm, .xlsb, .tiff, .pptx, .pptm, .ppsx, .ppsm,
                                                          .docx, .docm, .zip, .xls, .wmv, .wma, .wav...}
    AllowedMimeTypes                                    : {image/jpeg, image/png, image/gif, image/bmp}
    ForceSaveFileTypes                                  : {.vsmacros, .ps2xml, .ps1xml, .mshxml, .gadget, .psc2, .psc1, .as
                                                          px, .wsh, .wsf, .wsc, .vsw, .vst, .vss, .vbs, .vbe...}
    ForceSaveMimeTypes                                  : {Application/x-shockwave-flash, Application/octet-stream, Applica
                                                          tion/futuresplash, Application/x-director}
    BlockedFileTypes                                    : {.vsmacros, .msh2xml, .msh1xml, .ps2xml, .ps1xml, .mshxml, .gadge
                                                          t, .mhtml, .psc2, .psc1, .msh2, .msh1, .aspx, .xml, .wsh, .wsf...
                                                          }
    BlockedMimeTypes                                    : {application/x-javascript, application/javascript, application/ms
                                                          access, x-internet-signup, text/javascript, application/xml, appl
                                                          ication/prg, application/hta, text/scriplet, text/xml}
    RemoteDocumentsAllowedServers                       : {}
    RemoteDocumentsBlockedServers                       : {}
    RemoteDocumentsInternalDomainSuffixList             : {}
    FolderPathname                                      :
    Url                                                 : {}
    LogonFormat                                         : FullDomain
    ClientAuthCleanupLevel                              : High
    FilterWebBeaconsAndHtmlForms                        : UserFilterChoice
    NotificationInterval                                : 120
    DefaultTheme                                        :
    UserContextTimeout                                  : 60
    ExchwebProxyDestination                             :
    VirtualDirectoryType                                :
    OwaVersion                                          : Exchange2010
    ServerName                                          : USEXV08
    RedirectToOptimalOWAServer                          : True
    DefaultClientLanguage                               : 0
    LogonAndErrorLanguage                               : 0
    UseGB18030                                          : False
    UseISO885915                                        : False
    OutboundCharset                                     : AutoDetect
    GlobalAddressListEnabled                            : True
    OrganizationEnabled                                 : True
    ExplicitLogonEnabled                                : True
    OWALightEnabled                                     : True
    DelegateAccessEnabled                               : True
    IRMEnabled                                          : True
    CalendarEnabled                                     : True
    ContactsEnabled                                     : True
    TasksEnabled                                        : True
    JournalEnabled                                      : True
    NotesEnabled                                        : True
    RemindersAndNotificationsEnabled                    : True
    PremiumClientEnabled                                : True
    SpellCheckerEnabled                                 : True
    SearchFoldersEnabled                                : True
    SignaturesEnabled                                   : True
    ThemeSelectionEnabled                               : True
    JunkEmailEnabled                                    : True
    UMIntegrationEnabled                                : True
    WSSAccessOnPublicComputersEnabled                   : True
    WSSAccessOnPrivateComputersEnabled                  : True
    ChangePasswordEnabled                               : True
    UNCAccessOnPublicComputersEnabled                   : True
    UNCAccessOnPrivateComputersEnabled                  : True
    ActiveSyncIntegrationEnabled                        : True
    AllAddressListsEnabled                              : True
    RulesEnabled                                        : True
    PublicFoldersEnabled                                : True
    SMimeEnabled                                        : True
    RecoverDeletedItemsEnabled                          : True
    InstantMessagingEnabled                             : True
    TextMessagingEnabled                                : True
    InstantMessagingType                                : None
    Exchange2003Url                                     :
    LegacyRedirectType                                  : Silent
    Name                                                : owa (Default Web Site)
    InternalAuthenticationMethods                       : {Ntlm, WindowsIntegrated}
    MetabasePath                                        : IIS://USEXV08.qa-na.qa-intranet.msd/W3SVC/1/ROOT/owa
    BasicAuthentication                                 : False
    WindowsAuthentication                               : True
    DigestAuthentication                                : False
    FormsAuthentication                                 : False
    LiveIdAuthentication                                : False
    DefaultDomain                                       :
    GzipLevel                                           : High
    WebSite                                             : Default Web Site
    DisplayName                                         : owa
    Path                                                : C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\owa
    Server                                              : USEXV08
    InternalUrl                                         : https://usexv08.qa-na.qa-intranet.msd/owa
    ExternalUrl                                         :
    ExternalAuthenticationMethods                       : {Fba}
    AdminDisplayName                                    :
    ExchangeVersion                                     : 0.10 (14.0.100.0)
    DistinguishedName                                   : CN=owa (Default Web Site),CN=HTTP,CN=Protocols,CN=USEXV08,CN=Serv
                                                          ers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Adminis
                                                          trative Groups,CN=QA-NA,CN=Microsoft Exchange,CN=Services,CN=Conf
                                                          iguration,DC=qa-intranet,DC=msd
    Identity                                            : USEXV08\owa (Default Web Site)
    Guid                                                : 62eeae3d-254a-4aa5-b71e-97c17aaba9f7
    ObjectCategory                                      : qa-intranet.msd/Configuration/Schema/ms-Exch-OWA-Virtual-Director
                                                          y
    ObjectClass                                         : {top, msExchVirtualDirectory, msExchOWAVirtualDirectory}
    WhenChanged                                         : 9/3/2009 1:40:26 PM
    WhenCreated                                         : 9/2/2009 3:04:21 PM
    WhenChangedUTC                                      : 9/3/2009 5:40:26 PM
    WhenCreatedUTC                                      : 9/2/2009 7:04:21 PM
    OrganizationId                                      :
    OriginatingServer                                   : USADADCV01.qa-intranet.msd
    IsValid                                             : True

    ECPVirtualDirectory =

    RunspaceId                    : f920ead7-5b2c-40c8-9c10-85365c96fa3b
    Name                          : ecp (Default Web Site)
    InternalAuthenticationMethods : {Basic, Fba}
    MetabasePath                  : IIS://USEXV10.qa-na.qa-intranet.msd/W3SVC/1/ROOT/ecp
    BasicAuthentication           : False
    WindowsAuthentication         : True
    DigestAuthentication          : False
    FormsAuthentication           : False
    LiveIdAuthentication          : False
    DefaultDomain                 :
    GzipLevel                     : High
    WebSite                       : Default Web Site
    DisplayName                   : ecp
    Path                          : C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\ecp
    Server                        : USEXV10
    InternalUrl                   : https://usexv10.qa-na.qa-intranet.msd/ecp
    ExternalUrl                   :
    ExternalAuthenticationMethods : {Fba}
    AdminDisplayName              :
    ExchangeVersion               : 0.10 (14.0.100.0)
    DistinguishedName             : CN=ecp (Default Web Site),CN=HTTP,CN=Protocols,CN=USEXV10,CN=Servers,CN=Exchange Admini
                                    strative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=QA-NA,CN=Microsoft Exchang
                                    e,CN=Services,CN=Configuration,DC=qa-intranet,DC=msd
    Identity                      : USEXV10\ecp (Default Web Site)
    Guid                          : 23900a0f-6ea9-4a14-b9ec-ef2baf5a018d
    ObjectCategory                : qa-intranet.msd/Configuration/Schema/ms-Exch-ECP-Virtual-Directory
    ObjectClass                   : {top, msExchVirtualDirectory, msExchECPVirtualDirectory}
    WhenChanged                   : 9/1/2009 2:03:43 PM
    WhenCreated                   : 9/1/2009 2:03:24 PM
    WhenChangedUTC                : 9/1/2009 6:03:43 PM
    WhenCreatedUTC                : 9/1/2009 6:03:24 PM
    OrganizationId                :
    OriginatingServer             : USADADCV01.qa-intranet.msd
    IsValid                       : True

    RunspaceId                    : f920ead7-5b2c-40c8-9c10-85365c96fa3b
    Name                          : ecp (Default Web Site)
    InternalAuthenticationMethods : {Basic, Fba}
    MetabasePath                  : IIS://USEXV08.qa-na.qa-intranet.msd/W3SVC/1/ROOT/ecp
    BasicAuthentication           : False
    WindowsAuthentication         : True
    DigestAuthentication          : False
    FormsAuthentication           : False
    LiveIdAuthentication          : False
    DefaultDomain                 :
    GzipLevel                     : High
    WebSite                       : Default Web Site
    DisplayName                   : ecp
    Path                          : C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\ecp
    Server                        : USEXV08
    InternalUrl                   : https://usexv08.qa-na.qa-intranet.msd/ecp
    ExternalUrl                   :
    ExternalAuthenticationMethods : {Fba}
    AdminDisplayName              :
    ExchangeVersion               : 0.10 (14.0.100.0)
    DistinguishedName             : CN=ecp (Default Web Site),CN=HTTP,CN=Protocols,CN=USEXV08,CN=Servers,CN=Exchange Admini
                                    strative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=QA-NA,CN=Microsoft Exchang
                                    e,CN=Services,CN=Configuration,DC=qa-intranet,DC=msd
    Identity                      : USEXV08\ecp (Default Web Site)
    Guid                          : d848d2b9-7e88-47ad-ab21-9b7d083c4e2e
    ObjectCategory                : qa-intranet.msd/Configuration/Schema/ms-Exch-ECP-Virtual-Directory
    ObjectClass                   : {top, msExchVirtualDirectory, msExchECPVirtualDirectory}
    WhenChanged                   : 9/2/2009 3:05:04 PM
    WhenCreated                   : 9/2/2009 3:04:27 PM
    WhenChangedUTC                : 9/2/2009 7:05:04 PM
    WhenCreatedUTC                : 9/2/2009 7:04:27 PM
    OrganizationId                :
    OriginatingServer             : USADADCV01.qa-intranet.msd
    IsValid                       : True

    Thanks again!!

    Tuesday, September 15, 2009 7:57 PM
  • Hi Sandy.

    I believe your issue is caused by using IIS admin tools to administer the ECP virtual directory instead of Exchange Management Console.  The auth settings for NTLM should look like this:

    InternalAuthenticationMethods : {Ntlm, WindowsIntegrated}
    BasicAuthentication           : False
    WindowsAuthentication         : True
    DigestAuthentication          : False
    FormsAuthentication           : False
    LiveIdAuthentication          : False

    Yours look like this:

    InternalAuthenticationMethods : {Basic, Fba}
    BasicAuthentication           : False
    WindowsAuthentication         : True
    DigestAuthentication          : False
    FormsAuthentication           : False
    LiveIdAuthentication          : False

    While the flag for WindowsAuthentication says $true, the InternalAuthenticationMethods property directs IIS to apply FBA.  The fix would be to go into Exchange Management Console and set Windows Auth setting there.  If it's already set, change it to FBA first, apply, then back to Windows and apply again.  When you run Get-ECPVirtualDirectory | fl *Authentication*  on cmdline you should get settings similar to my first example.

    Hope this helps.
    Max Vaysburd | Exchange - ECP dev lead
    • Marked as answer by Sandy Harvey Monday, September 21, 2009 3:37 PM
    Thursday, September 17, 2009 1:56 PM
  • That was it!!  Perfect.  And it fixed the Message Tracking Tool issue from EMC as well.  I had no idea that changing the settings via IIS Manager would make it not work since the pop-up box tells you to do it when you change the OWA settings.  Maybe it shouldn't tell you to do that or be more clear in where to change it, not in IIS manager, but in the EMC itself.  But that worked.  I'm so grateful.  Thank you again!!

    Sandy
    Monday, September 21, 2009 3:39 PM
  • Thanks been looking for this answer everywhere.
    Wednesday, March 31, 2010 11:49 AM
  • Thanks Max it solved my issue too
    Friday, June 24, 2011 2:07 AM
  • Thank you. It is working (EMC side)
    Thursday, February 23, 2012 9:20 PM
  • I have this same issue, however, when I apply FBA, and then reset IIS, then change back to Windows and apply again from EMC, it makes no changes to get-ecpvirtualdirectory | fl *authentication*

    It still lists InternalAuthenticationMethods as Basic, Fba
    and WindowsAuthentication is still set to False.

    *Edit* Found that I was changing the authentication under Outlook web app instead of Exchange Control panel. When I changed it to FBA and back then it fixed my issue.

    Thank you,
    Andy

    • Edited by blah1231231 Friday, May 04, 2012 1:18 AM Found an error I was making
    Friday, May 04, 2012 12:47 AM