Error message in Microsoft Operations Manager (MOM) 2005: "OWA logon failed"

When you view the Events log in the Operator Console of Microsoft Operations Manager (MOM) 2005, you see that errors are logged. The text that is included in the Description field of the error messages may differ depending on the following circumstances:

• When you implement forms-based authentication as the authentication method for Outlook Web Access, the following error is logged:
  Description: OWA Logon failed. URL: https://localhost/Exchange/Server_Name
  
  Descripton: Authentication failed. The logon request was redirected back to the logon page. This may indicate the credential for Mailbox Access Account is incorrect. Run the Exchange Management Pack Configuration Utility again to verify.
  Other Details: undefined
• When the authentication method for Outlook Web Access is not forms-based, the following error is logged:
  Description: OWA Logon failed. URL: https://localhost/Exchange/Server_Name
  HTTP Code: 40
  
  Descripton: System.Net.WebException: The remote server returned an error: (401) Unauthorized. at System.Net.HttpWebRequest.CheckFinalStatus() at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult) at System.Net.HttpWebRequest.GetResponse() at Microsoft.Exchange.ManagementPack.ManagementPackOwa.OwaAvailability.GetPage(String url, NetworkCredential credential, CookieCollection cookies, HttpStatusCode& httpStatus, WebExceptionStatus& webexStatus)

This issue occurs even though you have configured the mailbox access account as required, and even though you can log on manually to the mailbox access account.

The errors are logged when the synthetic Outlook Web Access logon script cannot log on to the specified mailbox. This issue occurs when the password for the mailbox access account includes Unicode characters.

To resolve this issue, follow these steps.

1. Reset the password for the mailbox access account

To reset the password for the mailbox access account, use the Active Directory Computers and Users snap-in in Microsoft Exchange Server. Make sure that you do not include Unicode characters in the password.

If the mailbox access account was created automatically by using the Exchange Management Pack Configuration Wizard, the mailbox access account will have an account name that is similar to the following name:For example, if the name of the server that is running Exchange Server is Exchange1, the mailbox account will have the name Exchange1MOM.

2. Run the Exchange Management Pack Configuration Wizard

After you reset the password, run the Exchange Management Pack Configuration Wizard to reset the credentials of the mailbox access account in the registry.

To run the Exchange Management Pack Configuration Wizard, follow these steps on the Exchange server that has the Exchange Management Pack installed:

1. Click Start, point to Programs, point to Exchange Management Pack, and then click Exchange Management Pack Configuration Wizard.
2. Click Next.
3. On the Administrative Group page, click the name of the appropriate administrative group, and then click Next.
4. On the Select Servers page, click to select the check boxes that are adjacent to the servers that you want to include, and then click Next.
5. Under Configuration type, click to select either Default or Custom, and then click Next.
6. On the Mail Flow page, click to select the Sending servers and Receiving servers as required, and then click Next.
7. In the Account (domain name\user name) box, type the account name of the mailbox access account.
8. In the Password and the Confirm password boxes, type the new password that you have configured, and then click Next.
9. Click Save, and then type an appropriate file name in which to save the configuration file.
10. Click Next, and then click Finish.

A Microsoft white paper that is titled "Enforcing Strong Password Usage Throughout Your Organization" can be found on the Microsoft TechNet Web site. This white paper describes how to include Unicode characters as a way to enforce strong passwords. However, MOM 2005 does not support the use of Unicode characters in passwords that are used for the mailbox access account. You can use the other measures that are described in the white paper to make sure that you configure a strong password.

For more information about the white paper, click the following link to view the document on the Microsoft TechNet Web site:For more information about Unicode characters, click the following link to view the document on the Microsoft MSDN Web site: