locked
Problem accessing /exchange virtual directory in Exchange 2007 RRS feed

  • Question

  • Environment Details

    ·         IBM Tivoli Access Manager for e-Business 6.1 on Windows server 2003 SP1

    ·         IBM Tivoli Access Manager WebSEAL 6.1 on Windows server 2003 SP1

    ·         MS Exchange Server 2007 SP3 (CAS and Mailbox roles installed on different boxes) - Windows server 2008 SP1

    ·         IIS 7.0

     

    Problem Summary

    We have established Single Sign-on between TAM and Exchanger Server using following link published on the IBM site titled IBM Tivoli Access Manager Microsoft Exchange 2007 Integration Adapter.

    http://www-01.ibm.com/support/docview.wss?rs=0&context=SSCK6AJ&dc=D400&uid=swg24003732&loc=en_US&cs=utf-8&lang=

    We have followed steps mentioned in this paper and established SSO for /OWA application hosted on Exchanger Server (CAS role). So when we hit url, https://CASserver.domain.com/owa, we are able to login through webSEAL and establishing SSO with backend Exchange Server and presented with mail box details of the logged in user. But the problem is when we hit https://CASserver.domain.com/exchange on the same browser session, we are presented with “Internal Server Error 500” screen.

    Our exchange server deployment consists of two different roles on two different boxes. CAS (Front end server with OWA) is installed on one server and Mailbox role is installed on another. All requests to the mailbox are routed to CAS first and then sent to backend mailbox server. This is a default exchange behavior. We have tested both the above mentioned URls without webSEAL/SSO and everything is working fine there. https://CASserver.domain.com/exchange url, gets the mailbox details of the logged in user. But when we access them through WebSEAL, we are getting errors.

    Can anybody provide some input on the issue?


    Dilip Kumar Gupta,
    http://diliptechnotes.blogspot.com/
    http://dilipinexchange.blogspot.com/
    Wednesday, March 16, 2011 11:23 AM

Answers

  • You might want to post this to a WebSEAL forum.

    Why would you want to use the /exchange virtual directory?  That's only provided for access to Exchange 2003 mailboxes.  You didn't say anything about having Exchange 2003.


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

    Saturday, March 19, 2011 4:06 AM
  • Hi,

     

    Since you tested without webSEAL/SSO, everything is fine, this issue only occur when you access them through WebSEAL. I suggest you post this problem to WebSEAL forum.

     

    IBM forums

    https://www.ibm.com/developerworks/forums/index.html

     

    Thanks for understanding.

     

    Evan

     


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Monday, March 21, 2011 6:07 AM
    Moderator

All replies

  • You might want to post this to a WebSEAL forum.

    Why would you want to use the /exchange virtual directory?  That's only provided for access to Exchange 2003 mailboxes.  You didn't say anything about having Exchange 2003.


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

    Saturday, March 19, 2011 4:06 AM
  • Hi,

     

    Since you tested without webSEAL/SSO, everything is fine, this issue only occur when you access them through WebSEAL. I suggest you post this problem to WebSEAL forum.

     

    IBM forums

    https://www.ibm.com/developerworks/forums/index.html

     

    Thanks for understanding.

     

    Evan

     


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Monday, March 21, 2011 6:07 AM
    Moderator
  • Hi,

    I got a suggestion that if I install and configure the custom module required to establish SSO between Tivoli WebSEAL & Exchange to /exchange virtual directory, I might be able to catch the header from the request and impersonate the user into IIS on MBX server.


    The problem is I am not able to browse exchange directory, getting \\.\BackOfficeStorage.......path. I need to put some configurations in web.config file as I do with OWA virtual directory.


    Can somebody help in configuring HTTP module under exchange virtual directory on MBX or CAS?
    Dilip Kumar Gupta,
    http://diliptechnotes.blogspot.com/
    http://dilipinexchange.blogspot.com/
    Tuesday, April 12, 2011 5:50 AM