+ Post New Thread
Results 1 to 9 of 9
Enterprise Software Thread, Exchange 2007 - LDAP automatic login for students...? Is it possible? in Technical; Hi, Currently our students access their mail via webmail... When in school they login to the PC, click a link ...
  1. #1

    Join Date
    Aug 2007
    Posts
    811
    Thank Post
    98
    Thanked 64 Times in 46 Posts
    Rep Power
    25

    Exchange 2007 - LDAP automatic login for students...? Is it possible?

    Hi,

    Currently our students access their mail via webmail...
    When in school they login to the PC, click a link and then have to login once again to webmail.

    Is there a way to setup webmail to AUTOMATICALLY log them in when in school without the need for them to repeat their user/pass?
    When they login from home could the login be displayed?

    Many thanks
    Last edited by burgemaster; 18th January 2011 at 11:21 AM.

  2. #2

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,644
    Thank Post
    858
    Thanked 645 Times in 428 Posts
    Rep Power
    498
    It is indeed
    Think you need tio change OWA in the EMC to use Integrated Security..

    I've got 2010 which may be slightly different..

  3. #3

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,786
    Thank Post
    272
    Thanked 1,130 Times in 1,026 Posts
    Rep Power
    348
    Quote Originally Posted by Gatt View Post
    It is indeed
    Think you need tio change OWA in the EMC to use Integrated Security..

    I've got 2010 which may be slightly different..
    Not tried this - but we have intergrated security with Eclipse for our Libary software and for it to be available externally we have two different websites running (on port 80 and 81) - one with intergrated security and the other without - just something to bear in mind.

  4. #4

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,644
    Thank Post
    858
    Thanked 645 Times in 428 Posts
    Rep Power
    498
    Had a look at Exchange 2010 and I'm setup like this:

    Under "Server Config" -> "Client Access" -> "Outlook Web App" / "Outlook Web Access" Tab -> "Authentication" Tab..
    I have "use one or more standard authentication methods:" selected with
    "Integrated Windows Authentication" and "Basic Authentication (Password is sent in clear text)"

    This allows automatic login when the user access OWA from a Domain PC, and outside are prompted for their Domain username and password (Once you suss out how to get ISA/TMG to deal with it!

  5. #5

    Join Date
    Aug 2007
    Posts
    811
    Thank Post
    98
    Thanked 64 Times in 46 Posts
    Rep Power
    25
    Thanks for the ideas.
    I did originally follow a guide and as you suggested turn on "Integrated Windows Auth", but with this turned on nothing works at all !! "Service Unavailable"
    (See attachments)
    Thanks
    Attached Images Attached Images

  6. #6

    Theblacksheep's Avatar
    Join Date
    Feb 2008
    Location
    In a house.
    Posts
    1,917
    Thank Post
    130
    Thanked 287 Times in 208 Posts
    Rep Power
    193
    Heres what i did in 2010, very roughly....

    Create a new webpage (owa2) running on a different port (9443), turn on integrated authentication only.

    Create an ecp2 webpage for options, integrationed auth too.

  7. Thanks to Theblacksheep from:

    burgemaster (19th January 2011)

  8. #7

    Join Date
    Aug 2007
    Posts
    811
    Thank Post
    98
    Thanked 64 Times in 46 Posts
    Rep Power
    25
    Right, thanks for the pointers.....

    I am so close now!!!! I have created a new website running on port81 and used the "New-OwaVirtualDirectory" to create myself a new OWA..
    I have set this new owa2 to use "Integrated Windows Auth", it so nearly works, it manages to log in but i am now getting the webpage in text ???? (see pic)
    Can anyone please help point me to the finish line?

  9. #8
    chrisbrown's Avatar
    Join Date
    Aug 2010
    Location
    Melbourne, Australia
    Posts
    103
    Thank Post
    2
    Thanked 16 Times in 14 Posts
    Rep Power
    16
    You need to enable Basic Authentication as well so they get the popup box...

  10. #9

    Join Date
    Aug 2007
    Posts
    811
    Thank Post
    98
    Thanked 64 Times in 46 Posts
    Rep Power
    25
    Right All sorted,
    Here`s a walkthrough as I couldn't find out how to do it from anywhere else. TheBlackSheep / Glenda pointed me in the right direction!

    Aim: Students at school get automatically logged in, out of school get the Form Based OWA login screen:

    1) As you can only have one OWA in the default website, you need to create a new website (I named it OWA2) in IIS
    2) Next you need to create a second OWA using the Exchange Management Console, this OWA website must be created in the OWA2 website NOT the default website.
    3) to do this I used command: New-OWAVirtualDirectory -Name "owa2 (owa2)" -Websitename "owa2"
    4) Now in IIS setup the external OWA (in default) to use SSL port 443 and change the http port to 1 (could be anything as won't be used)
    5) In IIS under OWA2, change the port to 80 and clear the SSL port.
    6) In Exchange Management Console, under Client Access, you should see both instances of OWA. You need to set the external SSL owa located in the default website to login using the FORMs method. So set the Authentication to "Use Forms-Based Auth", select "User name only" and choose your domain.
    7) Set OWA2 auth to "Use one or more standard auth methods" and select "Integrated Windows Auth"
    8) Next in IIS, you need to set the permissions for both sites. The external OWA will need "anon access" ticked for the OWA virtual directory security. The OWA2 site under the owa virtual directory will need anon unticked and have "Windows Auth" ticked.
    9) stop the World Wide Web Pub service (takes ages, iisreset seems to fail) then start it again.

    In School now student can go to: "http://mail/owa" and get automatically logged in without having to enter credentials. At home they can go to "https://webmail.schoolname.sch.uk" and get the form based login screen (customisable) where they must login with their credentials.

    Good Luck.
    Last edited by burgemaster; 25th January 2011 at 04:51 PM.

SHARE:
+ Post New Thread

Similar Threads

  1. Replies: 6
    Last Post: 16th November 2012, 08:26 AM
  2. Exchange 2007 - Staff and Students on the GAL
    By FragglePete in forum How do you do....it?
    Replies: 3
    Last Post: 10th July 2009, 08:34 AM
  3. Exchange 2007, the GAL and students
    By Divaldo in forum How do you do....it?
    Replies: 3
    Last Post: 10th June 2009, 02:28 PM
  4. Rolling out Exchange 2007 to all students
    By steele_uk in forum Windows
    Replies: 4
    Last Post: 5th June 2008, 11:31 AM
  5. Replies: 0
    Last Post: 24th January 2008, 02:58 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •