Pages

Saturday, March 16, 2019

Part 2: Logging into SecurEnvoy 2fa enabled Exchange 2016 OWA portal loops back to the login page

As a follow up to my previous post:

Logging into SecurEnvoy 2fa enabled Exchange 2013/2016 OWA portal loops back to the login page
http://terenceluk.blogspot.com/2018/05/logging-into-securenvoy-2fa-enabled.html

I eventually had to upgrade the environment with the latest SecurEnvoy server 9.3.502:

… but quickly noticed that IE and Edge browser allowed me to successfully log into Outlook Web App but Chrome would loop back to the login page:

After not having any luck with the configuration I included in my previous blog post, I opened up a ticket with SecurEnvoy to troubleshoot and the engineer asked that I turn on the debug (Trace) mode to collect logs of the login process:

The logs were generated in the directory: C:\DEBUG

… which I sent over so he could analyze the entries and the response I received was:

Thanks for sending over the trace files.  I notice that the redirect to your OWA site performed after 2FA has been achieved contains favicon.ico at the end of the path.  The linked patch has been created to overcome this issue. 

I went ahead and downloaded the patch provided:

… replaced the webauthfilter64.dll file as per instructions, performed an IISReset on the Exchange server and was able to successfully log into OWA with the Chrome browser.

No comments: