You receive an "HTTP Error 403" error message when you try to log on to your mailbox in Outlook Web Access (899384)
The information in this article applies to:
- Microsoft Exchange Server 2003 Enterprise Edition
- Microsoft Exchange Server 2003 Standard Edition
Important This article contains information about how to modify the registry. Make sure to back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base: 256986 Description of the Microsoft Windows registry SYMPTOMSWhen you try to log on to your mailbox in Microsoft Outlook Web Access (OWA), you receive an error message that is similar to the following: You are not authorized to view this page. You do not have permission to view this directory or page using the credentials that you supplied. Please try the following:
Contact the Web site administrator if you believe you should be able to view this directory or page. Click the Refresh button to try again with different credentials. HTTP Error 403 - Forbidden: Access is denied. Internet Information Services (IIS). CAUSEThis issue occurs if one or more of the following conditions are true: - There are front-end Microsoft Exchange computers and back-end Exchange computers in your organization. Additionally, there is a firewall or another network device that does not permit a Kerberos session to the back-end Exchange computers.
- There is a time difference among the following components:
- The front-end Exchange computers
- The back-end Exchange computers
- The global catalog servers
- The domain controllers
By default, the permitted time difference is five minutes. Authentication fails if the time difference exceeds five minutes.
RESOLUTIONWarning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk. To resolve this issue, synchronize the clocks among the front-end Exchange computers, the back-end Exchange computers, the global catalog servers, and the domain controllers. If you still receive the error message that is mentioned in the "Symptoms" section, follow these steps to change the front-end-to-back-end authentication method to basic authentication: - Click Start, click Run, type regedit in the Open box, and then click OK.
- Expand the following registry subkey:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Service\MSExchangeWeb - Right-click MSExchangeWeb, point to New, and then click Key.
-
Type Dav to name the new key, and then press ENTER.
-
Right-click Dav, and then create the following registry entry:
Registry entry name: UseBasicAuthToBE Value type: DWORD Value data: 1 - Quit Registry Editor.
Modification Type: | Major | Last Reviewed: | 5/9/2006 |
---|
Keywords: | kbtshoot kbprb KB899384 kbAudITPRO |
---|
|