This tip was submitted to the searchWin2000 Tip Exchange by member Samuel Yeung. Let other users know how useful it is by rating the tip below.
The scenario is that you have a Windows 2000 OWA server with a Windows 2000 domain, and you are placing it in the DMZ and communcating with a firewall-protected Exchange 5.5 Server. In order to ensure that the OWA server can be authenticated by the Exchange Server, a two-way trust relationship should be established. Moreover, you should grant the "Everyone" group "Access this computer from network" permissions and "Logon on locally" in NT User Manager for Domains. Similarly, the "Domain Users" group should be granted these two privlieges on the OWA Domain Controller Security Policy.
In the Exchange Server, modify the Registry such that a static mapping of DS and IS can be established by the OWA client. Ports for RPC, NBT, Exchange DS and IS should be enabled, and create those corresponding rules on the firewall.
This was first published in March 2002