OWA and ISA
Results 1 to 10 of 10

Thread: OWA and ISA

  1. #1
    Senior Member
    Join Date
    Jul 2004
    Posts
    177

    OWA and ISA

    Hi, I readed that I must have a native w2k active directory in order to publish and Exchange 2003 OWA using ISA2004 RADIUS authenticated.

    I have a 2003 Active directory that is migrated from a 2000 one which was migrated from NT 4.0 one, so I guess I don't have a w2k native directory...

    My question is, how I could have a native w2k active directory? Is a complex process? Is there a risk of data loss????

    Thank you.

    [edit]
    I found this but still I don't know what the implications are...
    [/edit]

  2. #2
    Senior Member
    Join Date
    Apr 2004
    Posts
    157
    Hi DerekK!

    If I understand it right, you are just fine usin Win2003. But you have to set your AD in Native Mode, compared to Mixed Mode. You set this by going to 'Active Directory Users and Computers', right click on your domain and select 'Raise Domain Functional Level...'.
    I guess Exchange 2003 requires at least Win2000 Native Mode, but anything higher will do as well...

    It's very simple to switch over to this mode, and the risks aren't that bad. Just takes a click! As long as you don't have a bunch of old machines, still left running NT4... as BDC's ... ?

    Hope that helps?

  3. #3
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,252
    Uh Sawper...

    It's very simple to switch over to this mode, and the risks aren't that bad. Just takes a click! As long as you don't have a bunch of old machines, still left running NT4... as BDC's ... ?

    I don't think so. It's very simple to switch to this mode, making it work is a whole other story.

    DerekK You need to do a lot of research on mixed and native mode. Start at TechNet

  4. #4
    Senior Member
    Join Date
    Jul 2004
    Posts
    177
    Hi SawPer, thank you for your reply!

    Actually I've a Windows 2003 domain (only windows 2003 Dc's) with one Exchange 2000 and one Exchange 2003 with member servers 2k and 2k3 and w2k prof/xp prof clients (it's possible still remains some windows98), so Exchange 2003 works in mixed mode Do you think I can just change it??!!

    The things that just take a click are the ones which scare me!!!!!

  5. #5
    Senior Member
    Join Date
    Jul 2004
    Posts
    177
    Hi dinowuff, thkyou too... I don't have any BDC or NT4... just some windows98 that are not actual using domain infraestrcture except some IMAP4 email accounts in the exchange....

    Do you think I should be worried about this change??

  6. #6
    Senior Member
    Join Date
    Apr 2004
    Posts
    157
    DerekK,

    The main difference is that no older Domain Controllers will be able to work in your Domain.
    If your older workstations with 98 on them, are not domain members, you can either download a utility to make them part of the Domain, or just leave them like they are, if your are using IMAP to check on email you can do that from anywhere anyway...even from home if it's available through your firewall.

    All the Win2000/XP workstations will be fine, and so will all the Win2000/2003 member servers, it only affects the Domain Controllers, not the member servers.

    You do get a whole bunch of new features though, you can see more of those if you hit 'Raise Domain Functional Level...' and on next screen hit the 'Help' button...

  7. #7
    Senior Member
    Join Date
    Jul 2004
    Posts
    177
    I'm almost conviced to do it.... My two DC are windows 2003 so it should'nt be a problem.... If I finally do it, I'll keep you up to date! (btw, you know what I mean with "up to date" but is that the correct english expression?)

    [edit]
    I finally did it!! An all seems to be ok.... Thank you!
    [/edit]

  8. #8
    Senior Member
    Join Date
    Apr 2004
    Posts
    157
    Cool! Congratulations!

    Yepp, "I'll keep you up to date" is the correct expression.

    Hope everything goes well with Exchange and OWA!
    By the way, have you looked in to RPC over HTTPS?! (using Outlook remotely) That is pretty cool too!

  9. #9
    Senior Member
    Join Date
    Jul 2004
    Posts
    177
    Finally I did it! I have publicated through a ISA2004 two web servers (one of them OWA 2003).

    This isa server has a public address, is in a DMZ, is not memeber of the domain but authenticates domain users using RADIUS... great!

    Now the point is... I use basic auth delegation to authenticate in ISA (which uses RADIUS afterwards to do the domain authentication)... Is there a way to use a custom form to send the authentication to the ISA server? I mean, the only thing you have to do is build the base64 string and send it to somewhere, right?

    Thank you again

  10. #10
    Senior Member
    Join Date
    Apr 2004
    Posts
    157
    I don't use ISA currently myself, so I'm not sure how it works.
    But I did mess with it once, and I got my questions answeres at http://www.isaserver.org
    Thomas Shinder, who is responsible for the site, is usually very good and fast in answering questions in his Message Boards.
    He has a bunch of good articles and tutorials as well, which may cover your question.

    Just in case nobody here knows the answer.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •