Client computers cannot download attachments when you use ISA Server 2004 or ISA Server 2006 forms-based authentication and run a third-party OWA add-in program to manage attachments

Article translations Article translations
Article ID: 924405 - View products that this article applies to.
Expand all | Collapse all

On This Page

SYMPTOMS

Consider the following scenario:
  • You use forms-based authentication in Microsoft Internet Security and Acceleration (ISA) Server 2004 or ISA Server 2006 to publish a Microsoft Outlook Web Access (OWA) server.
  • You use a third-party OWA add-in program to manage e-mail attachments.
In this scenario, when client computers use OWA and download e-mail attachments, the computers cannot download attachments. Additionally, you may receive an error message that resembles the following:
Internet Explorer cannot download file from server.
Internet Explorer was not able to open this Internet site. The requested site is
either unavailable or cannot be found. Please try again later.

CAUSE

This problem occurs because the ISA Server 2004 or ISA Server 2006 forms-based authentication filter adds a Cache-Control: no-cache header to all responses for Active Server Pages (ASP) page requests except for known requests that are used by OWA for attachment downloads. The Cache-Control: no-cache header is added to ASP page requests to avoid session problems that occur with some non-Microsoft browsers.

When you use a third-party OWA add-in program that uses ASP pages for attachment downloads, the Cache-Control: no-cache header that is added to the ASP page response prevents Windows Internet Explorer from caching the attached file. Therefore, Internet Explorer cannot download or open the file. For more information about this problem, click the following article number to view the article in the Microsoft Knowledge Base:
316431 Internet Explorer is unable to open Office documents from an SSL Web site

RESOLUTION

How to obtain the hotfix

This issue is fixed in the ISA Server 2006 Hotfix Package dated September 24, 2007. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
942639 Description of the ISA Server 2006 hotfix package: September 24, 2007

How to obtain the hotfix

This issue is fixed in the ISA Server 2004 Hotfix Package dated August 23, 2006. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
924410 Description of the ISA Server 2004 hotfix package: August 23, 2006
The hotfix enables an exception list to be configured. The exception list prevents the ISA Server 2004 or ISA Server 2006 forms-based authentication filter from adding the Cache-Control: no-cache header to requests that contain the strings that are defined in the exception list.

After you apply the hotfix, you must run the following Visual Basic script on ISA Server 2004 or ISA Server 2006 to configure the exception list that has the necessary strings. To do this, follow these steps.

Microsoft provides programming examples for illustration only, without warranty either expressed or implied. This includes, but is not limited to, the implied warranties of merchantability or fitness for a particular purpose. This article assumes that you are familiar with the programming language that is being demonstrated and with the tools that are used to create and to debug procedures. Microsoft support engineers can help explain the functionality of a particular procedure, but they will not modify these examples to provide added functionality or construct procedures to meet your specific requirements.
  1. Click Start, point to Programs, point to Accessories, and then click Notepad.
  2. Copy and paste the following code into a new Notepad document. Then, save the code to a file name that has a .vbs extension such as AddOwaASPExceptionList.vbs.
    ''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
    '
    ' Copyright (c) Microsoft Corporation. All rights reserved.
    ' THIS CODE IS MADE AVAILABLE AS IS, WITHOUT WARRANTY OF ANY KIND. THE ENTIRE
    ' RISK OF THE USE OR THE RESULTS FROM THE USE OF THIS CODE REMAINS WITH THE
    ' USER. USE AND REDISTRIBUTION OF THIS CODE, WITH OR WITHOUT MODIFICATION, IS
    ' HEREBY PERMITTED.
    ''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
    
    ''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
    ' This script adds a new VendorParametersSets under the array root.
    ' This script is used to add new parameters that are needed for hotfixes or service packs.
    ''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
    
    Sub AddOwaASPExceptionList()
    
        ' Create the root obect.
        Dim root  ' The FPCLib.FPC root object
        Set root = CreateObject("FPC.Root")
    
        'Declare the other objects needed.
        Dim array       ' An FPCArray object
        Dim VendorSets  ' An FPCVendorParametersSets collection
        Dim VendorSet   ' An FPCVendorParametersSet object
    
        ' Get references to the array object
        ' and the network rules collection.
        Set array = root.GetContainingArray
        Set VendorSets = array.VendorParametersSets
    
        On Error Resume Next
        Set VendorSet = VendorSets.Item( "{143F5698-103B-12D4-FF34-1F34767DEabc}" )
    
        If Err.Number <> 0 Then
            Err.Clear
    
            ' Add the item
            Set VendorSet = VendorSets.Add( "{143F5698-103B-12D4-FF34-1F34767DEabc}" )
            CheckError
            WScript.Echo "New VendorSet added... " & VendorSet.Name
    
        Else
            WScript.Echo "Existing VendorSet found... value- " &  VendorSet.Value("OwaASPExceptionList")
        End If
    
    '
    ' The syntax for adding the exception strings is: "String1;String2;..;StringN;"
    ' Each string is terminated with a semicolon. Even if you need only one exception
    ' string, terminate it with a semicolon.
    ' The URl of the request is compared to all strings. If one match,or
    ' one of the exception strings is included in the URL, ISA will not add the
    ' "Cache-control" header to the response and will pass the header from
    ' the Web server.
    '
    '
        Err.Clear
        VendorSet.Value("OwaASPExceptionList") = "attachment.asp;"
    
        If Err.Number <> 0 Then
            CheckError
        Else
            VendorSets.Save false, true
            CheckError
    
            If Err.Number = 0 Then
                WScript.Echo "Done with OwaASPExceptionList, saved!"
            End If
        End If
    
    End Sub
    
    Sub CheckError()
    
        If Err.Number <> 0 Then
            WScript.Echo "An error occurred: 0x" & Hex(Err.Number) & " " & Err.Description
            Err.Clear
        End If
    
    End Sub
    
    AddOwaASPExceptionList
    
    Notes
    • This script configures an exception for the "attachment.asp" page.
    • The syntax for adding the exception strings is as follows:
      "attachment1.asp;attachment2.asp;attachment3.asp;"
    • Each string ends with a semicolon. You must end the string with a semicolon even if you add a single string.
    • The exclusion list is case sensitive.
  3. Replace the "attachment.asp" page in the Microsoft Visual Basic script with the strings that you want to add to the exclusion list, and then save the file.
  4. Double-click the .vbs file to run the script.
To remove the exception list, you must run the following Visual Basic script. To do this, follow these steps:
  1. Click Start, point to Programs, point to Accessories, and then click Notepad.
  2. Copy and paste the following code into a new Notepad document. Then, save the code to a file name that has a .vbs extension such as RemoveOwaASPExceptionList.vbs.
    ''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
    '
    ' Copyright (c) Microsoft Corporation. All rights reserved.
    ' THIS CODE IS MADE AVAILABLE AS IS, WITHOUT WARRANTY OF ANY KIND. THE ENTIRE
    ' RISK OF THE USE OR THE RESULTS FROM THE USE OF THIS CODE REMAINS WITH THE
    ' USER. USE AND REDISTRIBUTION OF THIS CODE, WITH OR WITHOUT MODIFICATION, IS
    ' HEREBY PERMITTED.
    ''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
    
    ''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
    ' This script removes a VendorParametersSet under the array root.
    ''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
    
    Sub RemoveOwaASPExceptionList()
    
        ' Create the root obect.
        Dim root  ' The FPCLib.FPC root object
        Set root = CreateObject("FPC.Root")
    
        'Declare the other objects needed.
        Dim array       ' An FPCArray object
        Dim VendorSets  ' An FPCVendorParametersSets collection
        Dim VendorSet   ' An FPCVendorParametersSet object
    
        ' Get references to the array object
        ' and the network rules collection.
        Set array = root.GetContainingArray
        Set VendorSets = array.VendorParametersSets
    
        On Error Resume Next
        Set VendorSet = VendorSets.Item( "{143F5698-103B-12D4-FF34-1F34767DEabc}" )
    
        If Err.Number = 0 Then
            WScript.Echo "Existing VendorSet found... value- " &  VendorSet.Value("OwaASPExceptionList")
    
            Err.Clear
            VendorSet.RemoveValue("OwaASPExceptionList")
    
            If Err.Number <> 0 Then
                CheckError
            Else
                VendorSets.Save false, true
                CheckError
    
                If Err.Number = 0 Then
                     WScript.Echo "Done with OwaASPExceptionList, saved!"
                End If
            End If
        End If
    
    End Sub
    
    Sub CheckError()
    
        If Err.Number <> 0 Then
            WScript.Echo "An error occurred: 0x" & Hex(Err.Number) & " " & Err.Description
            Err.Clear
        End If
    
    End Sub
    
    RemoveOwaASPExceptionList
    
  3. Double-click the .vbs file to run the script.

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

Properties

Article ID: 924405 - Last Review: December 5, 2007 - Revision: 1.6
APPLIES TO
  • Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition
  • Microsoft Internet Security and Acceleration Server 2004 Standard Edition
  • Microsoft Internet Security and Acceleration Server 2006 Enterprise Edition
  • Microsoft Internet Security and Acceleration Server 2006 Standard Edition
Keywords: 
kberrmsg kbqfe kbprb KB924405

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com