question

CatherineJaszewski-5685 avatar image
0 Votes"
CatherineJaszewski-5685 asked AndyDavid commented

OWA login using Windows Security dialog box

I recently migrated from a Exchange 2016 CU17 to a Exchange 2019 CU8.
I had some issue with authentication to OWA and ECP but was able to resolve by using Basic and Windows authentication on the Virtual Directories.
However, now my users are being prompted by a Windows Security box for credentials vs. the default ASPX login page from Exchange.
We are able log into OWA and ECP but with Windows Security box only.

How do I get my ASPX login page back?

Please advise.

thank you,

office-exchange-server-administration
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

CatherineJaszewski-5685 avatar image
0 Votes"
CatherineJaszewski-5685 answered AndyDavid commented

Andy!

WhooHoo!!! I took your advise and changed authentication to Forms Based (with Basic) for both ECP and OWA and voila! Its working!

I think before when we tried to use Forms Based I was still having WMSVC SHA2 certificate issues with Web Management.

But we are now good to go!

Thank you! Thank you! Thank you!!!

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Cool :)
Would it be possible to mark my answer as accepted :)

0 Votes 0 ·
AndyDavid avatar image
0 Votes"
AndyDavid answered CatherineJaszewski-5685 commented

Did you disable Forms based auth on those virtaul directories?


 Get-OwaVirtualDirectory -Server exch3 | fl *auth*
 Get-EcpVirtualDirectory -Server exch3 | fl *auth*

If you want forms-based, you can enable:

 Set-OwaVirtualDirectory -Identity "EXCH3\owa (Default Web Site)" -FormsAuthentication $true -WindowsAuthentication $false

 Set-EcpVirtualDirectory -Identity "EXCH3\ECP (Default Web Site)" -FormsAuthentication $true -WindowsAuthentication $false


This doc sort of touches on the issue if you didnt want Forms Based:
https://docs.microsoft.com/en-us/exchange/troubleshoot/client-connectivity/fba-page-shows-when-accessing-owa-or-eac

· 4
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi Andy,

We tried the forms based authentication on ECP (and ecp alone because so many of our staff are using OWA). As a result of FBA, I couldn't launch EAC at all. I had to use powershell to remove forms authentication to get back into EAC. I will read the Microsoft doc to see if I there is another authentication method other then FBA.

Any other ideas why this might be happening? Any advise is appreciated.

Thank you!

0 Votes 0 ·
AndyDavid avatar image AndyDavid CatherineJaszewski-5685 ·

whats the auth set to now?

 Get-OwaVirtualDirectory -Server exch3 | fl *auth*
 Get-EcpVirtualDirectory -Server exch3 | fl *auth*
0 Votes 0 ·

It is set to Basic and Windows Authentication

0 Votes 0 ·
Show more comments
AndyDavid avatar image
0 Votes"
AndyDavid answered AndyDavid edited

If you set BasicAuthentication to $false, then it should just allow domain-joined users to access without any prompt, otherwise you will need to enable forms-based auth if you want them to get the web-based logon screen so they can enter their password or integrate with ADFS

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.