OWA and multiple SMTP domains
If you configure your Exchange 2000 server to receive mail for an additional SMTP domain, you may notice that users with this additional domain as their SMTP address may not be able to access Outlook Web Access. You need to make some configuration changes for this to work.
Let's assume you install your Exchange 2000 server such that all users have an SMTP address in the format of email@example.com, but later require some users to have the firstname.lastname@example.org address.
By default, the /exchange virtual directory will point to the abc.com domain. Users with the def.com domain will not be able to access OWA using the /exchange virtual directory.
To resolve this issue, you need to create a new HTTP virtual directory, and point this to the def.com recipient policy that you will have created in Exchange System Manager. Here's how to do this:
1. Run Exchange System Manager, and navigate to your Server / Protocols / HTTP / Exchange Virtual Server.
2. Right-click Exchange Virtual Server, and choose New / Virtual Directory.
3. Give this new virtual directory a meaningful name, and ensure that the 'Mailboxes for' radio button is selected.
4. Click the Modify button, and choose the def.com domain.
5. Click the Access tab, and set the authentication options as required.
6. Close the property windows by clicking OK, and you will now see the new virtual directory in Exchange System Manager. It is now important to wait a short while, to allow the DS2MB process to create the virtual directory in the IIS metabase.
You can then use a URL of https://servername/def to access OWA for users with a email@example.com SMTP address, whereas a URL of https://servername/exchange is used for users with a firstname.lastname@example.org SMTP address.
I ran into this problem when switching over from Mercury mail server to Exchange 2003 and discovered a "solution", at least for small scale deployments (like my home network :)).
I have 3 internet domains that my exchange server provides mail services for.
To take care of the email addresses, I set up 3 databases in my storage group, and set up corresponding recipient policies to set the email addresses automatically based on what database the mailbox is in.
After setting this up, I realized that users whose email addresses were not the same as my actualy windows domain couldn't log in to OWA (as mentioned in the original topic).
After fiddling with it for a bit, I discovered that if I temporarily set the accounts to have an address @my windows domain, and logged in to OWA as that user once, and then changed the address back to what it was before, it would work after that.
I just figured this out about 45 minutes ago, so it hasn't undergone extensive testing, but it seems to work fine thus far :) Probably not useful if you have lots of users, but it (seems to have) saved me from having to set up multiple virtual directories, which I didn't really want to have to do.
Posted by: Matt at Dec 31, 2003 1:17:09 PM
I would like to do that on a Exchange Server 2003 in the style:
for multiple domains.
I actually manage 2 domains, but the idea is to add some more in the near future. Any clue will be appreciated.
Posted by: Erick Daniel Tinajero Garcia at Jan 7, 2004 7:14:54 AM
This information has really helped us in resolving this problem. Thank you very much in posting this valuable information to help.
Posted by: Kumaran at Feb 10, 2004 5:58:05 AM
How about configuring Outlook for these domains?
I have 2 domains (email@example.com and firstname.lastname@example.org) and I can recieve email on eitehr to my mailbox.
What I REALLY need is to be able to setup Outlook so that users recieve email from both, when they reply it automatically sends from the address that the message was sent to AND (with a new message) be able to select the "From" address from a drop down box.
Posted by: Steve at Mar 3, 2004 3:54:51 PM
Steve, see this other blog post:
Posted by: Neil Hobson at Mar 4, 2004 12:12:00 AM
EXCELLENT!!! Took me 2 days to find this fix. Why doesn't MS have this info!
Posted by: Chris at May 24, 2004 11:06:47 AM
Ok looks good, now is OMA set up in the same fashion?
Posted by: Frank at Jun 30, 2004 10:32:20 PM
I am very happy to find this BLOG. I love the openness of the IT information sharing and the power of the old google.com. I am going to attempt this implementation later today but am wondering if anyone knows of a way to map the actual incomming domain (i.e. www.123.com and www.abc.com) to their corresponding folders (i.e. www.123.com/exchange and www.123.com/abc)?
Posted by: Jeremy at Jul 6, 2004 7:44:45 AM
I'm using "forms authentication" and have configured IIS to use a default domain so users only need to proivde username and password. All of our Exchange users are members of the same AD domain, but we are now adding a new group with a different smtp domain for their e-mail. The users have a logon name of email@example.com, but an e-mail of firstname.lastname@example.org. Would I expect to encounter this same issue? Again, their user account are in the same domain that IIS is authenticating them to, but I cannot get the users logged into OWA. Desktop access to the domain and an Outlook client work fine, but still a problem via the web. Ideas?
Posted by: Erik Miller at Aug 23, 2004 1:43:37 PM
Thanks this page helped me a lot! Can anyone recommend some information on keeping the addressbooks seperate?
Posted by: James Marcus at Oct 7, 2004 3:18:20 PM
I got the https://mail.domain.com/ trick to work. All you do is create a new HTTP virtual SERVER instead of virtual directory. You can edit the host information to tell it any hostname to use, and you can specify which domain to use. It works quite nice. :)
Posted by: Joel M. Bryant at Feb 14, 2005 10:01:22 PM
This does not work. If you do this it creates a virtual directory in IIS but that points to M:\Domainname.com\MBX which does not exist.
We can only have one Domain under the M Drive and that is the default domain.
Each time I try to connect it just says Page Cannot Be Found.
Posted by: Julian at Mar 9, 2005 6:22:53 AM
I have setup multiple domains and its working great with OWA and Outlook. However my domain.com\company2 virtual directory does not use Form based authentication even though its checked at the exchange virtual server. The default domain domain.com\exchange does give the forms page and I can login there with either company. Any ideas how I can make forms work for each virtual directory I create?
Posted by: Bob at Mar 17, 2005 7:51:43 AM
We have been unable to get user access to OWA it always prompts for their name and poassword, but never authenticates.
i/e.: then user name gpoe, password none...
We do not get the domain auuthentication.
Posted by: Gerald Poe at Mar 18, 2005 8:32:38 AM
This fix allowed me to read my email!
At a customer site where I am located, they block many websites including hotmail and url's which contain "exchange". I guess they are afraid that people mail confidential information with webbased email so that it can't be monitored. As a result, I was not able to read my webbased email. This fix allowed me to swap the "exchange" virtual directory for another virtual directory.
Posted by: Jan-Kees at Mar 24, 2005 5:16:29 AM
This information solve my problem. But, if you have Front End and Back End servers, you must create virtual directory in both servers.
Posted by: Marcelo Maffra at Apr 28, 2005 7:10:09 AM
best way I found to fix the issue was to add the smtp domain to the default recp. policy.
Simply open the default recp. policy (or which ever one you use as your default)
make sure the box is checked
I also set the new domainname as the default. I have 4 other domain names that are listed there and am able to receive email from all without any issues.
By adding the domainname to the policy, you do not need to create a new virtual dir. On the other hand, if you need to seperate the domains so they each have a unique address, then virtual dirs. are the way to go.
If you just changed your company name, then just do as I have and it will (hopefully) work for you.
Hope this helps
Posted by: ross at May 5, 2005 10:24:57 AM
I have a problem that I think may be related to all this. Please help if you can. We have Windows 2003 server and Exchange and our windows domain is say "company.com" Our email was "@grupocompany.com" and this worked fine before i.e. email would go out with no problem. Someone here tried to change the email to "@companymediagroup.com" and now the mail will not go out at all. I have been tasked to pick up the pieces :-( I see no real reason why the mail shouldn't go out via SMTP. DNS seems to work and really the only thing that was done was that the "@grupocompany.com" was substituted for "@companymediagroup.com" in all the various places e.g. Active directory users and Exchange SMTP and connector. Any ideas how to troubleshoot this would be much appreciated. The only error message I have seen so far is "#5.5.0 smtp;550 No such user here>" It seems as if the server does not know that the email is destined for an external domain. Any help or pointers would be appreciated.
Posted by: Phil at May 22, 2005 1:33:09 PM
I had the same problem at a customer site. One front-end server, four back-end servers in different countries, with different recipient policies (different primary smtp addresses). I added a unique secondary smtp e-mail address suffix to all recipient policies (e.g. allusers.com). Then, via ADSIEDIT, I changed the attribute msExchDefaultDomain located under CN=Exchange,CN=1,CN=HTTP,CN=Protocols,CN=ServerName,CN=Servers,CN=AdminGroup,CN=Administrative Groups,CN=ExOrg,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=mydom,DC=int on each server (including the back-end server). Now everything works fine. One last point, if you are using Active-sync, you may also have to update the registry key HKLM/System/CurrentControlSet/Services/MasSync/Parameters/SMTPProxy to the new e-mail suffix. HTH.
Posted by: Alginald at Sep 28, 2005 1:23:45 AM
My company just acquired a new domain name. We used to have companycorp.com now we have company.com. We have modified our DNS with the registar, and now our website point to www.company.com instead of companycorp.com. (note that we still have the old domain active for forwarding purpose) however our owa does not seem to resolve the new domain. When users go to mail.company.com/exchange. They are prompted with credential, and then loggin as they would normally, however the url does not change, although they were able to hit company.com because of DNS mapping, the owa url bounces back to the old domain name. How can I chang that?
Posted by: IT Developer at Oct 13, 2005 7:16:53 PM
My company just acquired a new domain name. We used to have companycorp.com now we have company.com. We have modified our DNS with the registar, and now our website point to www.company.com instead of companycorp.com. (note that we still have the old domain active for forwarding purpose) however our owa does not seem to resolve the new domain. When users go to mail.company.com/exchange. They are prompted with credential, and then loggin as they would normally, however the url does not change, although they were able to hit company.com because of DNS mapping, the owa url bounces back to the old domain name. How can I change that?
Posted by: IT Developer at Oct 13, 2005 7:17:29 PM
Here is my question:
I have multiple SMTP domains that I would like to have set up with each having a different forms-based logon screen. I want to set up each domain to have their logo present or to each have a custom designed login screen. Currently, they all go to one default. Would multiple exchange virtual servers have to be created with each housing its own owaauth.dll file?
Posted by: Tracom at Oct 18, 2005 1:19:37 PM
With outlook web access i don't write mail to another domain, exchange server 5.5 block the mail sending (relaying denied).
(If i write with outlook express to same recipient, it's ok)...why ?
Posted by: eric simonin at Oct 22, 2005 9:45:54 AM
Anyone know where the OWA properties live on Exchange 03?
Posted by: mnelson at Oct 28, 2005 1:57:29 PM
We have just upgraded out Window NT domain,Philly to 2003. We have another domain,Fla, still running NT. A two wat trust is established and working.
We only have one Exchange 5.5 site running in the Philly domain.
The Exchange server is a BDC still running on NT. Plans to migrate later.
Once we upgraded to AD, users could not use OWA, so I added all users the right to log on locally. This coorected the problem for users in the Philly domain, but users in the Fla domain still can not access email via OWA.
I also added the domain user group from the Fla domain to the Domain users group in Philly, bit they still can't access email via owa.
Everything works fine from their desktops at work.
Any help in this matter would be greatly appreciated
Posted by: mike at Nov 9, 2005 10:48:07 AM