iChain 2.1 and Outlook Web Access

Novell Cool Solutions: Feature
By Alejandro Mendoza

Digg This - Slashdot This Posted: 20 Feb 2003

Here's what we had to tackle:
Our system includes an Outlook Web Access (OWA) and Exchange 2000 system protected by Novell iChain 2.1. We've run into an authentication issue with Microsoft's autentication scheme (NTLM) and Netscape Navigator.

Here's how we went about it:
The problem, as it were, involved our Outlook Web Access (0WA) service repeatedly asking users (mostly Netscape Navigator users) for their username and password -- even after they had authenticated -- or so they thought.

To tame the beast, we had to disable Integrated Windows authentication and anoynymous authentication from the web server. This was because, by default, the OWA site (IIS) requests NTLM authentication that is only supported by Internet Explorer.

You have to disable this Integrated authentication on the Exchange virtual folder in the IIS Management console and under Exchange 2000 System Manager console in the HTTP -> virtual directory properties. Another thing that you have to do is enable basic authentication and declare your default domain for this authentication.

The test:
One simple example is if you try to protect an OWA server behind an iChain 2.1 proxy server, your Netscape Navigator users are likely to recieve more authentication popups than they care to deal with.

If you have questions for Alejandro regarding his tip, you may contact him at aflores@citi.com.mx

Reader Comments

• Cool tip...solved my problem....
• Nice cool tip solve my problem :)
• Esta cabraun

Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com