Topic: no access to Outlook Web Access

[Glenn Kennedy]

I use 5.5 at home , my employer uses Exchange with Outlook Web Access at work .

I've never been able to properly connect to OWA from my home windows PC which is behind SME5.5.

I search of the Microsoft knowledge base reveals this description of the problem, and purports to blame the firewall (SME5.5) for not handling http WebDAV extensions properly:

http://support.microsoft.com/default.aspx?scid=kb;en-us;328663

Any thoughts on this? Workarounds? I'm sure I'm not the only SME user to have experienced this problem.

Thanks,

Glenn Kennedy
gkennedy@advantax.ca

[Dan Brown]

That article blames the firewall at work, not your SME box.  FWIW, I have no trouble accessing OWA through my SME 5.1.2 box at home.

[Tom Veitch]

I have had this problem before,

it is to do with squid proxy and passwords if you use Nescape it will work fine

Regards

Tom

[Eric]

I use Mozilla, no problems there.  Still can't connect with IE.

[Glenn Kennedy]

Mozilla works. IE does not. Interesting, isn't it that I need a non-M$ product to connect to a M$ server.

Thanks.

Glenn Kennedy

[Peter Olsen]

I have the same problem.. If you only want to read e-mail it is possible to use lynx

[Derek]

I too had the same problem with E-Smith Server V5.0 onwards and tried all manner of things to sort it but to no avail. However once I actually put my brain into gear and thought about the problem (aided by the 193 page Squid Configuration Manual from www.visolve.com) the solution was actually quite easy.

For a quick fix - try the following:

1. Logon to a normal shell as root and cd into /etc/squid
2. Copy squid.conf to squid.conf.mitel (just in case...)
3. Edit with vi (or whatever) squid.conf and include the following two lines:

#Following line added to test Outlook Web Access
extension_methods SEARCH

4. Save squid.conf
5. Type service squid restart
6. Test access to your exchange server from a network machine.

When I get time, I'll fathom out where to put this as a template fragment.....

Hope it helps,

Derek.

[Derek]

Sorry - forgot to include this bit:

This should work for all versions of Squid from V2.4 onward.

Type

rpm -q squid

to find out which version you have.

Derek.

[Rob]

Author: Derek (derek_AT_datatag.fsnet.co.uk)
Date:   11-30-02 10:17

I too had the same problem with E-Smith Server V5.0 onwards and tried all manner of things to sort it but to no avail. However once I actually put my brain into gear and thought about the problem (aided by the 193 page Squid Configuration Manual from www.visolve.com) the solution was actually quite easy.

For a quick fix - try the following:

1. Logon to a normal shell as root and cd into /etc/squid
2. Copy squid.conf to squid.conf.mitel (just in case...)
3. Edit with vi (or whatever) squid.conf and include the following two lines:

#Following line added to test Outlook Web Access
extension_methods SEARCH

4. Save squid.conf
5. Type service squid restart
6. Test access to your exchange server from a network machine.

When I get time, I'll fathom out where to put this as a template fragment.....

Hope it helps,

Derek.

I created a directory for squid in templates-custom
type:  mkdir -p /etc/e-smith/templates-custom/etc/squid/squid.conf
Your custom fragments for squid should be created in this directory

I then created a file called 50extension_methods10SEARCH in squid.conf directory
using pico
type: pico 50extension_methods10SEARCH

file contained the single line below
 extension_methods SEARCH
(thanks Derek)

saved it and then expanded the template
type:  /sbin/e-smith/expand-template /etc/squid/squid.conf

restarted squid services
type: service squid restart

worked perfect Now whenever you reboot the settings will stick

[Tony Howden]

Hi All

I've got all of these options setup and its sort of working, but it is constantly prompting for the username and password. Any clues please ?

cheers
Tony

[Glenn Kennedy]

Yes, install Mozilla and use it for acesss to Outlook webaccess.

[Tony Howden]

Hi Glenn

Thanks for the suggestion and I wouldn't mind but I am working with some very pro MS people and we are making at least some headway with the various linux servers I have in place. As much as I'd like to, its not going to happen, yet.

What I am looking for is the reason why IE(any version) using the MS authentication wants to validate the user three or more times in a session of OWA when going via an SME server. I have checked this with two separate servers at different locations with different users and it is a consistent issue.

Mozilla, or any browser other than IE, will not use the Windows Authentication and will fall-back to a plain text authentication which would most likely work (I havent tried so I am guessing its ok).

So can anyone tell me if they have a solution to using IE as the browser.

Thanks.

Tony

[Glenn Kennedy]

One of the earlier posts (or maybe it was a devinfo message) made reference to a M$ knowledge base article relating to OWA configuration and firewalls. I had looked at this at one point and asked my sysadmin at work to make the changes to the OWA server. He bascially told me to f**k off, so I installed Mozilla at home as a work around. But, if I recall correctly, the problem you are (I was) experiencing relates to OWA using dynamic ports (as opposed to fixed port mapping) between the OWA server and the Exchange server's message store - for some reason IE chokes when the ports change. But I'm no expert at OWA configuration - if you search through the M$ KB for "firewall" and "outlook web access" you should find the article I'm thinking of. Your pro-M$ lackeys should then know what to do with it.

Glenn

[Derek Atkinson]

Tony Howden wrote:
>
> Hi All
>
> I've got all of these options setup and its sort of working,
> but it is constantly prompting for the username and password.
> Any clues please ?
>
> cheers
> Tony

I've followed the other threads to this message but I haven't seen the problem with my own configuration so I can't really shed any light on it. As the problem seems to occur on different client machines across more than one set-up, it sounds probable that there is a configuration issue with OWA on your office's Exchange Server itself or with the office Firewall/Router rather than your remote LAN(s).  

If it had been a single client machine affected, I would check the LAN options of IE as I have had problems when it is set to "Automatically Detect Settings".  It doesnt always get things right and it can give some weird problems at times, so I have mine set manually to the IP address of my SME box at port 3128 (Squid default) and it works fine.

It may possibly be a ports issue but my server runs SME 5.5 U2 and has no ports open other than those it ships with. The only mods to the configuration are that Samba has been updated and the OWA Methods fix has been incorporated into Squid. I have another server on a different LAN running SME 4.1.2, and OWA works fine through this machine too.

If it were me, I would firstly try connecting to OWA directly from an affected client via a modem and dial-up link to the internet, to prove whether the problem is related to the client or the LAN. It's a fairly safe bet that if OWA doesn't work on a machine connected directly to the internet through a modem (or ISDN, broadband etc) then it won't work through your LAN. If your LAN is suspect, then I would connect everything back up and run a packet sniffer on the client to monitor the network traffic during the session and find out what is going on.

If you have the time and a spare machine (or HD) you could always stick a temporary copy of Win 2000 Pro on the server, set up an Internet connection then run Win 2000's inbuilt ICS to share the internet across the LAN. You could then try OWA on the affected client(s) whilst running the packet sniffer on the client to see what the differences in traffic are between Win 2000 and the SME box. Note that you would need to reset the client IE LAN settings back to Auto for this though as there is no Proxy running. Also when you run ICS on a Win 2000 machine acting as a "server", the machine's internal network IP address is reset to the Class "C" default of 192.168.0.1. You will need to manually set this network IP address to match your own network AFTER installing ICS, or you may have problems when you try to access the "server" machine!

When you authenticate, a token needs to be stored on the client machine for the duration of the session and I would guess that this may be in the form of a session cookie or similar. If there is a problem with cookies (which may not be readily apparent otherwise) then this might possibly have an effect but it should only affect a single machine (unless there is some obscure Network policy in place relating to cookies!).

I've looked for any technical articles or white papers on how OWA actually works, but there is nothing of substance on the 'net other than the usual Microsoft stuff that appears to be little more than self-promoting blurb, or articles on how to fix problems or plug security loopholes!

Our Head Office IT support is out to contract and I have asked the IT guy if he can shed some light on how OWA works but, to date, I've heard nothing back so I can only assume he either wants paying for it or doesn't know!

I hope this may be of some use to you (and to others with odd problems!)

Derek.

[wgimenes]

I hate Micro$oft even more today! Thanks guys. The suggestion above to edit the squid.conf worked first time for my customer. Again, the community comes up trumps.

Wagner