Tuesday, May 29, 2018

Logging into SecurEnvoy 2FA-enabled Exchange 2013/2016 OWA portal loops back to the login page


You’ve completed configuring your Exchange 2013/2016 OWA (Outlook Web App) for 2-factor authentication with SecurEnvoy and proceed to test the login portal:


You then proceed to enter the second-factor passcode:


The authentication is successful with the following message displayed:

Authentication OK

Logging on to Exchange Please Wait …..


… but the screen refreshes and you are passed back to the login screen:



One reason for this behavior is that no default domain is configured and you’re logging in with only the user name rather than domain\username. To test, try logging in with domain\username; if that succeeds, you have the following 2 choices:

Option #1 – Configure a default domain within the SecurEnvoy configuration

Navigate to the Exchange server’s C:\windows directory and open the file seiis.ini:


Locate the DefaultDomain= line and add the domain name:


Option #2 – Configure a default domain within Exchange admin center

Navigate to servers > virtual directories, select the server hosting the OWA website, open the properties of the owa (Default Web Site), click on authentication, change the default Domain\user name option to User name only and select a default domain:



Alternatively, you can use the following PowerShell cmdlet to review the OWA authentication configuration:

Get-OwaVirtualDirectory -Server tmrukexowa01 | FL LogonFormat,DefaultDomain

The following can configure the OWA authentication:
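
One way to apply the Option #2 settings from the Exchange Management Shell, as an added example that is not the original post's command. The domain value `EXAMPLE` is a placeholder, and the script is assumed to run in an elevated Exchange Management Shell on the Exchange server itself:

```powershell
# Added example (not from the original post). Run in the Exchange Management Shell.
$Server        = 'tmrukexowa01'   # server name used earlier in this post
$DefaultDomain = 'EXAMPLE'        # placeholder: replace with your own domain
$DryRun        = $true            # set to $false to actually apply the change

# Select the front-end OWA virtual directory named in Option #2.
$vdirs = Get-OwaVirtualDirectory -Server $Server |
    Where-Object { $_.Name -eq 'owa (Default Web Site)' }

if (-not $vdirs) {
    throw "No 'owa (Default Web Site)' virtual directory found on $Server"
}

foreach ($vdir in $vdirs) {
    # Skip directories that already carry the intended settings.
    if ("$($vdir.LogonFormat)" -eq 'UserName' -and $vdir.DefaultDomain -eq $DefaultDomain) {
        Write-Host "$($vdir.Identity): already configured"
        continue
    }

    # Show the current values so the change can be reverted if needed.
    Write-Host "$($vdir.Identity): LogonFormat=$($vdir.LogonFormat) DefaultDomain='$($vdir.DefaultDomain)'"

    # "User name only" logon format plus a default domain, as in Option #2.
    Set-OwaVirtualDirectory -Identity $vdir.Identity `
        -LogonFormat UserName -DefaultDomain $DefaultDomain -WhatIf:$DryRun
}

# Re-read the configuration to confirm what is now set.
Get-OwaVirtualDirectory -Server $Server | Format-List Identity,LogonFormat,DefaultDomain

# Forms-based authentication changes take effect after IIS restarts.
# This restarts IIS on the local machine, so run it on the Exchange server.
if (-not $DryRun) { iisreset /noforce }
```

With `$DryRun` left at `$true`, `-WhatIf` only reports what would change, which lets you review the affected virtual directory before touching the logon page.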


The above should correct the issue and allow you to log into OWA successfully.
