Exchange OWA Single Sign On

Had my 2 hours locked on this one issue and wanted to note it down for future reference, mine and others'. Back at work we are currently planning to roll out Exchange 2010, and part of the migration includes branding the Exchange web login page (OWA).

Started off by replicating all the form fields as hidden inputs and doing a POST to /owa/auth/owaauth.dll. This worked fine for logging in users who had mailboxes in Exchange 2010, but when a user whose mailbox was still residing on the legacy (Exchange 2007) system tried logging in, it simply redirected the user to the legacy OWA's login screen. It is worth noting that the original logon screen which came with OWA had no such issues and seamlessly allowed users of both mailbox types to log in.

After troubleshooting it for over an hour, Fiddler helped me identify the issue. The POST done by the original logon page had a cookie PBack=0, whereas my custom logon did not. Setting this cookie to be served up by the login page solved the issue and my day was saved.
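The comparison described above, as an added example that is not part of the original post: it diffs the Cookie headers of two captured logon POSTs and sets whatever the custom page is missing. The sample requests, the host `mail.example.com`, the `sample` cookie, the helper names and the `path=/` attribute are assumptions.

```javascript
// Constructed sample requests (not real captures). Host and "sample" cookie are made up.
const originalPost = [
  "POST /owa/auth/owaauth.dll HTTP/1.1",
  "Host: mail.example.com",
  "Cookie: sample=1; PBack=0",
  "", "",
].join("\r\n");
const customPost = [
  "POST /owa/auth/owaauth.dll HTTP/1.1",
  "Host: mail.example.com",
  "Cookie: sample=1",
  "", "",
].join("\r\n");

// Parse every Cookie header in a raw HTTP request into a name -> value map.
function requestCookies(rawRequest) {
  const head = rawRequest.split(/\r?\n\r?\n/)[0];
  const cookies = new Map();
  for (const line of head.split(/\r?\n/).slice(1)) { // skip the request line
    const m = /^cookie:\s*(.*)$/i.exec(line);
    if (!m) continue;
    for (const pair of m[1].split(";")) {
      const eq = pair.indexOf("=");
      if (eq > 0) cookies.set(pair.slice(0, eq).trim(), pair.slice(eq + 1).trim());
    }
  }
  return cookies;
}

// Cookies the reference request sends that the candidate lacks or sends with another value.
function missingCookies(reference, candidate) {
  const cand = requestCookies(candidate);
  return [...requestCookies(reference)]
    .filter(([name, value]) => cand.get(name) !== value)
    .map(([name, value]) => `${name}=${value}`);
}

// On the custom logon page: set each missing cookie before the form is submitted.
// doc is the browser's document; "path=/" is an assumption so the cookie reaches /owa/auth/.
function ensureCookies(doc, pairs) {
  for (const pair of pairs) {
    const present = doc.cookie.split(";").some((c) => c.trim() === pair);
    if (!present) doc.cookie = `${pair}; path=/`;
  }
}

console.log(missingCookies(originalPost, customPost)); // [ 'PBack=0' ]
```

In the page itself, `ensureCookies(document, ["PBack=0"])` would run before the form posts to /owa/auth/owaauth.dll.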
