OWA, the UPN, and email address
Hello all.
We just purchased and installed a new Exchange Server 2007 installation and we are switching off of hosted exchange services, so this is the first time an exchange server has been in our environment.
Currently, our users log on to OWA with their email address and password. We're trying to replicate this functionality with our new installation, but we're having issues.
Our AD domain looks like corp.mycompany.com and our email addresses look like @mycompany.com. Worse still, our AD usernames look like john-smith@corp.mycompany.com, and our email address usernames look like jsmith@mycompany.com. We set up an email address policy so that john-smith automatically gets a jsmith@mycompany.com email and that is working great.
So when we set OWA to use UPNs for the authentication, despite the fact that it says "Email Address:" on the login page, it is expecting john-smith@corp.mycompany.com. We want to avoid having to change user's AD names and domain, because with 70+ users that would be a nightmare having to retrain them, since our IT staff is 2 people strong. Plus, we have about 15 mobile users across the states that would have to bring their laptops in to re-authenticate to the new domain which would be near impossible. I saw the articles about adding mycompany.com to the UPN list for the domain, but that doesn't help with retaining the current AD login structure and naming conventions.
How can we configure OWA to ACTUALLY use the email address of the mailbox for authentication? Please tell me this is possible.
Thanks for any replies.
July 10th, 2008 6:05pm
are you using Forms Based auth?
OWA is not using the smtp address, its using the UPN when specifying the user account when you login.
tip. you gain simplicity by having the SMTP domain name the same as UPN domain, and also by having AD account the same as Exchange alias.
Free Windows Admin Tool Kit Click here and download it now
July 11th, 2008 12:47am
The OWA 2007 logon page requests "User name" and Password. You could specify the default domain for the default website on your CA server, there by defining what domain IIS will pair up with the username. Then the users will simply have to use there AD account name in the username field (Example: john-smith).
To set the default domain in IIS, go to the IIS admin console on the CA server(s), right-click on the default website, select Porperties. Go to the 'Directory Security' Tab and cliekc on the first 'Edit...' button. Select Basic authenitacation check box, and enter the default domain name. My current domain is listed in the 'Realm' field (and working). In my previous company I had it listed in the 'Default domain' field. So try either one.
Hope this helps and is useful.
Jeremy
July 11th, 2008 7:10pm
You can select any one from below three in form based authentication.
Domain\User Name
UPN
User name
You can see options here -> OWA login without DomainName
As Lasse suggested you can configure UPN and AD account same as alias.
Free Windows Admin Tool Kit Click here and download it now
July 11th, 2008 8:09pm