Results 1 to 9 of 9

Thread: ISA Atuthentication...

  1. #1
    Senior Member
    Join Date
    Jul 2004
    Posts
    177

    ISA Atuthentication...

    Hi, i hope that this will not be cosiderated O/T...

    I have several clients using Outlook Express 6 with HTTPMail protocol (they access to the mail using outlook express through port 80). We've implemented here an ISA proxy with authentication. The thing is that Outlook Express doesn't know authenticate to an ISA Server (i still can't understand how MS guys didn't think about that...)

    I found this link but it doesn't apply to our trouble because we have the ISA Proxy in "cache mode" and we can't use Security client.

    So, the question is, some of you guys have the same problem? And, of course, do you have some solution?
    The only I found is create a tunnel with this . It's very interesting and it works, but i'm looking for a solution that not requires installation in the client side.

    Thank you in advance!

  2. #2
    Regal Making Handler
    Join Date
    Jun 2002
    Posts
    1,668
    i still can't understand how MS guys didn't think about that
    Probably because outlook express was incorperated into windows os for home use. Microsoft, imho, want you to use Outlook from MS Office.
    What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry

  3. #3
    Senior Member
    Join Date
    Jul 2004
    Posts
    177
    I know that Microsoft wants that we buy as much products as possible but i think that will be the same with Office Outlook... I didn't test it but it doesn't have proxy authentication options neither... The feature that I think is not intended for bussiness use is HTTPMail indeed.

    Ah! and fell free to correct me, i know that my english isn't very good and i'll appreciate if you tell me the things i wrote wrong!

    One last thing, what is imho?

  4. #4
    Regal Making Handler
    Join Date
    Jun 2002
    Posts
    1,668
    I found the following that relates to Hotmail (http mail) it may or maynot be what you are looking for, but it should be of some help to you:

    This article was previously published under Q287921
    SYMPTOMS
    When you try to configure Microsoft Outlook Express to retrieve e-mail messages from Microsoft MSN Hotmail through Internet Security and Acceleration (ISA) Server, you may receive one of the following error messages:
    The server could not be found.

    -or-

    Unable to poll for new messages on your HTTP server. Account 'Hotmail', Server 'http://services.msn.com/svcs/hotmail/httpmail.asp', Protocol HTTPMail Server Response: 'Proxy Authentication Required' (The ISA Server requires authorization to fullfill the request. Access to the Web Proxy services is denied.)', Port 0, Secure(SSL): No, Error Number: 0x800CCC37

    -or-

    Unable to poll for new messages on your HTTP server. Account 'Hotmail', Server 'http://services.msn.com/svcs/hotmail/httpmail.asp', Protocol HTTPMail Server Response: 'Forbidden ( The ISA Server denies the specified Uniform Resource Locator (URL). )', Port 0, Secure(SSL): No, Error Number: 0x800CCC33
    CAUSE
    This issue occurs because Outlook Express might not be able to pass authentication credentials back to ISA Server if ISA Server is configured to allow access only to specific users.
    WORKAROUND
    To work around this issue, use one of the following methods.
    Method 1

    1. On the client computer, configure Microsoft Internet Explorer so that the necessary sites are exceptions to the proxy settings:
    1. In Internet Explorer, click Internet Options on the Tools menu, and then click the Connections tab.
    2. Click LAN Settings, and then click Advanced to display the Proxy Settings dialog box.
    3. Under Exception, type the names or addresses of the necessary sites, separated by a semicolon (for example, *.hotmail.com;*.msn.com).
    2. On the client computer, install and enable the ISA Server firewall client by using one of the following procedures:
    * If you are using Microsoft Small Business Server 2000, use the Setup Computer Wizard from the Small Business Server Administrator console to add the firewall client to the client computer, and then have the user log off from and back on to the client computer.
    * Install the firewall client from the following ISA Server shared drive:

    \\Server_name\Mspclnt\Setup.exe
    3. On the computer that is running ISA Server, configure the HTTP redirector filter to send to the requested Web server:
    1. Click Start, point to Programs, point to Microsoft ISA Server, and then click ISA Management.
    2. Click the plus sign that is next to Extensions.
    3. Click the Application Filters folder.
    4. Double-click HTTP Redirector Filter.
    5. Click the Options tab, and then click Send to requested Web server.

    Method 2

    1. On the client computer, configure Internet Explorer so that it does not use a proxy server:
    1. In Internet Explorer, click Internet Options on the Tools menu, and then click the Connections tab.
    2. Click LAN Settings, and then click to clear the Use a proxy server check box.
    2. On the client computer, install and enable the ISA Server firewall client by using one of the following procedures:
    * If you are using Small Business Server 2000, use the Setup Computer Wizard from the Small Business Server Administrator console to add the firewall client to the client computer, and then have the user log off from and back on to the client computer.
    * Install the firewall client from the following ISA Server shared drive:

    \\Server_name\Mspclnt\Setup.exe
    3. On the computer that is running ISA Server, configure the HTTP redirector filter to send to the requested Web server:
    1. Click Start, point to Programs, point to Microsoft ISA Server, and then click ISA Management
    2. Click the plus sign that is next to Extensions.
    3. Click the Application Filters folder.
    4. Double-click HTTP Redirector Filter
    5. Click the Options tab, and then click Send to requested Web server.

    Method 3

    1. On the client computer, configure Internet Explorer so that it does not use a proxy server:
    1. In Internet Explorer, click Internet Options on the Tools menu, and then click the Connections tab.
    2. Click LAN Settings, and then click to clear the Use a proxy server check box.
    2. On the computer that is running ISA Server, configure protocol rules and site and content rules to apply to any request:
    1. Click Start, point to Programs, point to Microsoft ISA Server, and then click ISA Management.
    2. Click the plus sign that is next to Access Policy.
    3. Click the appropriate folder: either Site and Content Rules or Protocol Rules.
    4. Double-click the appropriate policy.
    5. Click the Applies to tab, and then click Any Request.


    Here is the link:http://support.microsoft.com/default...b;en-us;287921
    What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry

  5. #5
    imho = in my humble oppinion

  6. #6
    Senior Member
    Join Date
    Jul 2004
    Posts
    177
    Hey jinxy, thank you very much but if you look at my first post when I say "I found this link", link is underlined and is a link to this document. The bad news are that it doesn't apply to this case because ISA Server is in "cache mode" and the security client doesn't work in that mode.

    And the Method 4 (which isn't in your post but in the original document) doesn't worls neither because the users I have are more long that the compatibility windows mode allow...

    Anyway, thank you very much again............ and again, what's imho?

  7. #7
    Senior Member
    Join Date
    Jul 2004
    Posts
    177
    Ooops, we are crossing our posts... ok for imho!

  8. #8
    Regal Making Handler
    Join Date
    Jun 2002
    Posts
    1,668
    Method 4: Forward All Requests to the Internet
    You can configure the HTTP Redirector Filter to forward all requests directly to the Internet instead of passing them to the Web Proxy. This configuration causes these requests to not utilize the performance gains that are provided by the Web Proxy Cache. To do this:
    In ISA Management, navigate to Servers and Arrays, Server_name, Extensions
    Click to expand Extensions, and then click the Application Filters folder.
    Click Http Redirector Filter, and then click Properties.
    On the Options tab, click to select the option that you want. For example, if you click Send to requested Web server, this bypasses the Web proxy on your ISA server, which skips the authentication checking.
    http://support.microsoft.com/default...7&Product=ISAS
    This any good:
    What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry

  9. #9
    Senior Member
    Join Date
    Jul 2004
    Posts
    177
    I don't have HTTP Redirector Filter since my ISA server isn't in firewall mode...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •