Monday 29 November 2010

Access denied to OWA for new user

The takeaway: Uncheck "user must change password on first login" to access Outlook Web Access.

A customer of ours had a very typical request. They would need "a user called info" to handle mails to info-at-their-domain. They would also be hiring an external person to handle the surge of Info activity they were planning for, using Outlook Web Access. Their infrastructure is Microsoft Small Business Server 2008 with the bundled Exchange 2007.

Step one in any such project-let is not to mistake customers' wants from customers' needs. What they needed was an info mailbox which given users on the inside could read from their own accounts, and a separate account for the external person, who'd have no mailbox of her own but would be allowed to access that same info box.

First things second, create the user. Usually externals would go go a separate Organizational Unit in Active Directory, but since this is a Small Business Server, things just tend to work better (or at all) if mucked about the wrong way. Thus, no extra OU. Just create a user x-username (to at least visually mark that the user is an external) and then peel off extra rights like interactive login or access to shared files. 

To create a shared mailbox, you need to use the PowerShell Exchange management console. This process is described elsewhere and i need to google it each time too. The same document will tell you the next two steps needed to allow x-username to read mail from the box and to send mail in the name of the box. I tried doing this using groups, but at least one of the steps failed. It wasn't very clear either which of the options are for the user and which for the mailbox, but in the end i got it to work. Or so i thought.

I sent the external user her credentials and URL to access the shared mailbox directly (which was news to me - https://mail.example.com/owa/info@example.com will take you there). And soon got a reply that there was a problem.

A few back-and-forths later and it turned out that she was unable to log in to OWA. I reset her password, but the problems prevailed.

After some debugging, i tried to uncheck the option in Active Directory Users and Computers where it says that the user must change her password upon first login. This is on by default, and it is a good default. Hey, presto! The account was good, i could log on with the external's credentials and was taken directly to the info mailbox.

What failage. OWA could allow the user to change the initial password. Or could inform that the password needs to be changed first on a proper Windows session. But not like this.

Well, at least i have the user on line now, doing her work, and myself another blog posting.

Posterous mail interface sanity check

Test. This posting should not appear at ps.lauren.fi

Tuesday 23 November 2010

Hip to be square

After hearing Foursquare's co-founder [0] Dennis Crowley enthuse about his co-creation (on speed) in a podcast episode, i decided to join.

Since first hearing of Foursquare a year back, i've wondered about two things:

a) isn't this awfully bad for privacy, and

2) what's the point.

I'm still not a 100% convinced about the privacy bit (or lack thereof) but i think i've got a vague shade-of-grok about what the idea is. On a hi-fly note, Foursquare bridges places in the physical world with the 'net. On more concrete terms, it is a way for people to exchange tips about places. And on the silly side, it makes being somewhere a game. Not being much of a gamer, i appreciate the exchanging-of-tips bit most. It's kind of a like a less fleeting Twitter of places.

My initial use case was cafés and lunch spots, so i did my first check-in at Café Regatta and my second from the only lunch joint i could fit into, Yes for food. The former is everything the second one is not. But hey, a guy's gotta eat. Only i'll do so somewhere else next time (and i'll order something else than the Auraleike with fries next time there is nowhere else to go). Both places got my tips. Then i tap (past tense for "tip") the coffe shop Caffi, the candy outlet close to a customer and even the electronics megastore where i actually got some good service!

The nice thing about tips is that you can read tips that are relevant to "this vincinity". You don't have to be in a restaurant, museum or market to read about it; rather you can ask "what interesting tips are there to this 'hood". And you can put that on your to-do (or to-done) list. 

Now i just wished that mobile data were affordable when abroad, because this thing would be really nifty Somewhere Else. 

 

[0] if i ever am to co-create some 2.0 craze, i want to be co-flounder. In fact, i shall call it Flounder while thinking of what it might be. Or Floundr.