Friday, September 17, 2010

New OWA Users Can't Sign In. WHY?!?!?!?!?!?!?!

Ok so this one isn't really web development related but I'm putting it in here anyway. It's not like they're charging me by the blog post, right?


Er.. yeah so anyway here's another example of a time when you just want a simple answer to a simple problem and Googling for it is like asking for a repair manual for a car when all you need is to know where the oil dipstick is.

Here's the scenario. You're the friendly, happy sysadmin for your company running an Exchange 2003 E-mail server. You've been asked to create a new user account for some lucky new employee who will be accessing his mail using OWA. You create the account, set the password, open up your web browser to test and here's what happens:

You enter the credentials when prompted but it shrugs that off and asks again. You check to make sure you didn't fat finger anything and enter the credentials again. It shrugs that off too so you try one more time and all you get is an empty web page that says "Error: Access is Denied."

So you close the browser and re-open it and try again. Same thing.

So you go back into Exchange and reset the password to cover that base and you try logging in again. Same thing.

What's the problem?

Well you Google that and you'll get a laundry list of protocols, permissions, settings and inheritance to check over. Well that's great but what if everybody else's account is working and this new guy's isn't? Isn't there something simple you can check?

Yes there is.

Open up the properties for that user and click the "Account" tab. Look under "Account Options." See all the checkboxes? See the one on top? "User must change password at next logon" is checked, isn't it?

Yeah. Thought so. Uncheck it.

See, depending on how your protocols are set up, your server may be unable to prompt a user through the browser to change his or her password when they're trying to authenticate. If your user absolutely must login for the first time using OWA, they're going to have to change that password manually once they're logged in.

No comments:

Post a Comment