We have a few users that are having problems logging into OWA. When they attempt to login to OWA from a computer outside of the domain they get the message "The Local Security Authority cannot be contacted". I know the cause of this is that the user is restricted to logging on to a couple of machines in the domain. I have read some possible answers including adding the Exchange server or the mail domain to the list of computers that the user can log on to, but none of that has resolved the issue. Removing the log on to restrictions is not an option and we want to allow the user to access OWA from any machine outside of the domain. Does anyone have any other ideas on how this can be done? We are using Exchange Server 2003 and have two domain controllers; one is Server 2003 and the other is Server 2008.

Hi, Are you using SSL with Form Based Authentication ? Because if SSL is configured than you will need to configure Form Based Authentication on IIS. If this is not the case let me know also if you are getting some error in event viewer than let me know please. Regards. Shafaquat AliM.C.I.T.P Exchange 2007/2010, M.C.I.T.P Windows Server 2008, M.C.T.S OCS Server 2007 R2, Phone: +923008210320

Have you tried adding the Exchange servers to the list that the user can log in to? On Fri, 30 Jul 2010 16:59:43 +0000, jmoberg wrote: >We have a few users that are having problems logging into OWA. When they attempt to login to OWA from a computer outside of the domain they get the message "The Local Security Authority cannot be contacted". I know the cause of this is that the user is restricted to logging on to a couple of machines in the domain. I have read some possible answers including adding the Exchange server or the mail domain to the list of computers that the user can log on to, but none of that has resolved the issue. Removing the log on to restrictions is not an option and we want to allow the user to access OWA from any machine outside of the domain. Does anyone have any other ideas on how this can be done? We are using Exchange Server 2003 and have two domain controllers; one is Server 2003 and the other is Server 2008. Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

Adding the Exchange server to the list of machines that can be logged on to is the answer to this question. However if you have multiple Exchange servers you may have to add them all to the list. A proxy can also cause problems. Furthermore, if you added the user then attempted to login almost immediately, then it may not work. As with many things, you need to be patient and allow everything to catch up. Simon.Simon Butler, Exchange MVP. http://blog.sembee.co.uk , http://exbpa.com/

On Sun, 1 Aug 2010 22:55:17 +0000, Sembee wrote: >Adding the Exchange server to the list of machines that can be logged on to is the answer to this question. However if you have multiple Exchange servers you may have to add them all to the list. A proxy can also cause problems. Furthermore, if you added the user then attempted to login almost immediately, then it may not work. As with many things, you need to be patient and allow everything to catch up. If you refer to them as "SLOW-main" controllers people start to get the idea. :-) --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP

Hi, Try to change OWA authentication method to "Basic authentication" and see if the issue persists: 1. Open IIS, right click Exchange and choose properties. 2. In Directory Security tab, under "Authentication and access control" click Edit. 3. Clear the option "Integrated Windows authentication", only select the option "Basic authentication". 4. Restart IIS. Then test the issue once again. You are unable to log on to OWA when using account restrictions and Integrated authentication. Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Thanks

Thank you all for the suggestions. We are not using SSL. I did try adding the Exchange server to the list and was not able to login, but I tried to login right away. I will add the Exchange server again and wait awhile to see if it resloves the issue. I will also test changing the authentication type to basic.

I have had the Exchange server listed in the "Log on to" computers list for almost 24 hours and am still getting the same result. I tried changing to basic authentication and it kept acting like I was inputting the incorrect password. Any other suggestions?