Technology Tips and News
Hey all,
After setting up my Exchange 2013 Server all is working fine now.
I am facing one thing though I am not happy about but this is just visual based.
The image below shows my current logon screen:
And the image it should look like is this one:
Anyone know where this went wrong?
Thanks for the help!
Hello,
When I use the url: https://localhost/ecp?ExchClientVer=15 to access ecp, I get a certificate issue. But I don't get the box "Windows Security".
In my environment, when I run the Get-EcpVritualDirectory "xxx" | fl cmdlet , I check the InternalAuthenticationMethods are Basic and Fba authentication.
I recommend you follow the Amit's suggestion to check if the FormsAuthentication is true.
If you have any feedback on our support, please click here
Here is the output.
[PS] C:\Windows\system32>Get-ecpVirtualDirectory | FL
RunspaceId : dfcde6a1-f13d-4a54-bf37-c907742b5d07
AdminEnabled : True
OwaOptionsEnabled : True
Name : ecp (Default Web Site)
InternalAuthenticationMethods : {Basic, Fba}
MetabasePath : IIS://EXCH01.MIEGROUPHQ.intra/W3SVC/1/ROOT/ecp
BasicAuthentication : True
WindowsAuthentication : False
DigestAuthentication : False
FormsAuthentication : True
LiveIdAuthentication : False
AdfsAuthentication : False
OAuthAuthentication : False
DefaultDomain :
GzipLevel : Low
WebSite : Default Web Site
DisplayName : ecp
Path : C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\ecp
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags : {}
ExtendedProtectionSPNList : {}
AdminDisplayVersion : Version 15.0 (Build 847.32)
Server : EXCH01
InternalUrl :
https://mail.miegroup.nl/ecp
ExternalUrl :
https://mail.miegroup.nl/ecp
ExternalAuthenticationMethods : {Fba}
AdminDisplayName :
ExchangeVersion : 0.10 (14.0.100.0)
The FormsAuthentication was set to false, i changed that to true.
When i try to logon now i get the correct logon screen.
After entering the credentials i get the iexplorer logon screen again.
After loging in to the iexplorer screen it redirects to https://localhost/owa/auth.owa HTTP400 Bad Request.
I did restart the IIS service already.
Here is the output.
[PS] C:\Windows\system32>Get-ecpVirtualDirectory | FL
RunspaceId : dfcde6a1-f13d-4a54-bf37-c907742b5d07
AdminEnabled : True
OwaOptionsEnabled : True
Name : ecp (Default Web Site)
InternalAuthenticationMethods : {Basic, Fba}
MetabasePath : IIS://EXCH01.MIEGROUPHQ.intra/W3SVC/1/ROOT/ecp
BasicAuthentication : True
WindowsAuthentication : False
DigestAuthentication : False
FormsAuthentication : True
LiveIdAuthentication : False
AdfsAuthentication : False
OAuthAuthentication : False
DefaultDomain :
GzipLevel : Low
WebSite : Default Web Site
DisplayName : ecp
Path : C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\ecp
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags : {}
ExtendedProtectionSPNList : {}
AdminDisplayVersion : Version 15.0 (Build 847.32)
Server : EXCH01
InternalUrl :
https://mail.miegroup.nl/ecp
ExternalUrl :
https://mail.miegroup.nl/ecp
ExternalAuthenticationMethods : {Fba}
AdminDisplayName :
ExchangeVersion : 0.10 (14.0.100.0)
The FormsAuthentication was set to false, i changed that to true.
When i try to logon now i get the correct logon screen.
After entering the credentials i get the iexplorer logon screen again.
After loging in to the iexplorer screen it redirects to https://localhost/owa/auth.owa HTTP400 Bad Request.
I did restart the IIS service already.
OWA and ECP needs to have the same authentication settings set, so do the same on the OWAVirtualdirectory if it doesn't have FBA set already.The FormsAuthentication was set to false, i changed that to true.
The FormsAuthentication was set to false, i changed that to true.
OWA and ECP needs to have the same authentication settings set, so do the same on the OWAVirtualdirectory if it doesn't have FBA se
The FormsAuthentication was set to false, i changed that to true.
OWA and ECP needs to have the same authentication settings set, so do the same on the OWAVirtualdirectory if it doesn't have FBA se
Ah, you are right Martina! I missed that, Thanks for adding it... :)
When i change the OWA formsauthentication to true, i have to change my web publishing rule in TMG2010
Hmmm, I use the same listener within TMG for Outlook Anywhere, Active Sync and OWA.
Changing these settings on OWA will interupt mail to all employees. Especially when i might have overlooked more.
What bothers me is that from external OWA and ECP are reachable, however ECP is internally not reachable.
OWA on the other hand will open but display only mail from last night, not newer email.
Using FBA on the Exchange VDirs would still work, if you changed the Authentication Delegation settings on the rules in TMG to: "No delegation, but client may authenticate directly"
I think we can try to remove BasicAuthentication from InternalAuthenticationMethods.
InternalAuthenticationMethods : {Basic, Fba}
As we don't need it. And then let's check the result by using this url: https:// server FQDN /ecp
Okay, status update.
The OWA not showing mail was a glitch i think. After a day rest i log back in to OWA and mail shows.
So now remains the ECP from inside.
Richard, could you provide the correct powershell rule to remove BasicAuthentication from InternalAuthenticationMethods. I am going to work on that next week.
Okay, status update.
The OWA not showing mail was a glitch i think. After a day rest i log back in to OWA and mail shows.
So now remains the ECP from inside.
Richard, could you provide the correct powershell rule to remove BasicAuthentication from InternalAuthenticationMethods. I am going to work on that next week.
Hi, maybe we don't need to change the InternalAuthenticationMethods. I did some tests in several labs, I found they were also {Basic, Fba} and I can access the ECP without supplying my credential.
How about using another account or PC ?
Hi All,
Has this issue been resolved?
This topic is archived. No further replies will be accepted.
Other recent topics
Click here to get your free copy of Network Administrator. Over 25 plugins to make your life easier