401 Unauthorized in OWA 2013 when login through AD FS

Asked Mar 07 '19 at 07:06

Active Mar 07 '19 at 07:06

Viewed 634 times

I have an Exchange 2013 server setup to Single Sign-On through an AD FS setup. The whole workflow goes fine with the redirection to AD FS and after AD FS, a WS-Federation response is sent to OWA. However, I get an HTTP Error 401 Unauthorized when the response is posted to OWA. What can be the cause of this error?

I tried adding the signing certificates to the trusted stores and intermediate stores but they did not help. The link to the response being posted to OWA is below.

https://pastebin.com/6gXmrCNZ

Anything incorrect in the response or something I can do to solve this?

asked Mar 07 '19 at 07:06

Gaurav Sood

Did this work before? In ADFS Management Console update the Federation metadata URLs and do an IIS reset on Exchange server. Next, restart the ADFS service. – Jayce Mar 08 '19 at 02:51
No. I am setting it up afresh. Restarted IIS and AD FS. – Gaurav Sood Mar 08 '19 at 04:16
It may need to use network trace to check the request, and also need AD engineers’ help. – Jayce Mar 11 '19 at 06:52
I can do a Fiddler trace of that. Any specific thing that I need to look at? – Gaurav Sood Mar 11 '19 at 08:42
The whole connection.Did you deploy hybrid? – Jayce Mar 13 '19 at 06:12

401 Unauthorized in OWA 2013 when login through AD FS

0 Answers0