You cannot access the Exchange Server computer by using OWA after you turn on forms-based authentication in ISA Server 2004 (838704)


The information in this article applies to:

  • Microsoft Internet Security and Acceleration Server 2004, Standard Edition
  • Microsoft Exchange Server 2003 Standard Edition


Important This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry

SYMPTOMS

After you turn on forms-based authentication in your Microsoft Outlook Web Access (OWA) mail server publishing rule in Microsoft Internet Security and Acceleration (ISA) Server 2004, you cannot access the Microsoft Exchange Server computer by using OWA.

Note You can do Forms Based Authentication on the ISA Server 2004-based computer or the Microsoft Exchange Server-based computer by using OWA. However, you cannot do both at the same time.

When you try to connect to the Exchange Server computer by using OWA, you are repeatedly prompted for your credentials. You may receive the following error message after you enter your credentials and then click Log On:
Your session has expired. To continue, please re-enter your domain\user name and password, and then click Log On.

CAUSE

This problem occurs if you turn on forms-based authentication on the ISA Server 2004 Web listener, but you do not also turn off forms-based authentication on the Exchange Server computer.

RESOLUTION

Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

To resolve this problem, turn off forms-based authentication on the Exchange Server virtual server. To do this, follow these steps:
  1. On the Exchange Server computer, start Exchange System Manager.
  2. Expand Servers, expand ComputerName, expand Protocols, expand HTTP, right-click Exchange Virtual Server, and then click Properties.
  3. Click the Settings tab, click to clear the Enable Forms Based Authentication check box, and then click OK.
  4. Restart Microsoft Internet Information Services (IIS). To do this, follow these steps:
    1. Click Start, click Run, type cmd in the Open box, and then click OK.
    2. Type iisreset, and then press ENTER.

MORE INFORMATION

For more information about how to configure ISA Server 2004, visit the documentation in the Solutiondocs.exe file. To obtain this file, visit the following Microsoft Web site:

http://go.microsoft.com/fwlink/?LinkId=20794

Modification Type:MinorLast Reviewed:11/24/2004
Keywords:kbFirewall kbenv kberrmsg kbprb KB838704 kbAudITPRO
©2004 Microsoft Corporation. All rights reserved.