[ExchangeList] Re: redirect OWA

  • From: "Michael B. Smith" <michael@xxxxxxxxxxxx>
  • To: <exchangelist@xxxxxxxxxxxxx>
  • Date: Thu, 27 Jul 2006 20:11:52 -0400

Outlook Web Access

In versions of Exchange prior to Exchange 2000 Server, installation of
Outlook Web Access was a separate set of required activities. However,
in Exchange 2000 Server and Exchange Server 2003, OWA is installed at
the same time Exchange is installed and may not be installed separately
or removed separately.

In Chapter 3, we discussed and installed Outlook Web Access
Administration. Almost all configuration of OWA that you may require
should be done using OWA Admin. The only exceptions are for creation and
generation of SSL certificates (which is covered in the next section)
and creation of redirects.

OWA is installed as a virtual directory (named Exchange) off the default
web site of the Exchange server. Therefore, OWA is accessed using the
following URL: http://<servername>/exchange. It is a common desire to
change that to http://<servername> or to create a special DNS name just
for OWA such as http://webmail.domain.com (e.g.,

The first, allowing http://<servername> to automatically redirect to
http://<servername>/Exchange is done by creating a custom Default.asp
file. If you followed the default installation procedures for Windows
Server 2003, you have a folder named C:\InetPub\wwwroot which contains
the website documents for the default web site. Inside that folder,
create a file named Default.asp. In that file, place the following lines
of code:


    Dim strURL


    strURL = "http://";

    strURL = strURL & Request.ServerVariables("SERVER_NAME") &


    Response.Redirect strURL


After you've installed an SSL certificate, change that to:


    Dim strURL


    strURL = "https://";

    strURL = strURL & Request.ServerVariables("SERVER_NAME") &


    Response.Redirect strURL


Notice the change from http to https in line 4.

Default.asp is the primary ASP document type. It would only be
overridden if a file named Default.htm existed, which does not exist in
a default installation.

The effect of this small ASP script is to take a request coming into the
default web site and to redirect it to the Exchange virtual directory.
If you instead want a custom name, you would create this within ESM. The
first steps in this process are to decide on the custom name and to get
this custom name placed into your DNS. That process is not covered here.

Next, within ESM you will create a new HTTP virtual server. First, you
must drill down to the various protocol handlers within ESM. You can see
that process illustrated in Figure 4-7. Once you have located the HTTP
virtual servers, you will create a new one. Right-click on the HTTP
label in the left pane, and select New(r)HTTP Virtual Server. You will
see the result which is illustrated in Figure 4-8.

The defaults filled in for you are quite reasonable and you will only
have to make two modifications. Fill in a fully-qualified domain name
for the virtual server-in this example I chose webmail.WeDoExchange.com.
Once you have filled that field in, you may click around throughout the
dialog, examining the various options. However, to configure the other
important field, click on the Advanced button on the General tab. The
dialog window that appears is shown in Figure 4-9.

We need to select the line labeled (All Unassigned) and then click
Modify. In the Identification dialog box that opens, in the "Host name"
field, again enter the fully-qualified domain name for this virtual
server-webmail.WeDoExchange.com for this example. These boxes are the
same as the ones that you might see in Internet Information Services
Manager-however, this information is stored in the Exchange portion of
the Active Directory. A special piece of Exchange Server, called DS2MB
(Directory Services To Metabase) copies this information from Active
Directory to the IIS Metabase.

No more than approximately 15 minutes after you've entered this
information into ESM, you may open IIS Manager and see properly
configured virtual websites and virtual directories created. Using ESM
for the creation of these objects is much simpler than creating them
using IIS Manager, as Exchange requires a number of special settings for
these websites and virtual directories to operate properly.

It is also possible that, if you have multiple Active Directory domains
in your environment, you may wish to visit the Access tab and click on
the Authentication button. In the "Default domain" field, you may wish
to place a single "\" (that is a backslash, and you would not put the
quotation marks within the field).


Figure 4-7. The default HTTP virtual server

The result of placing the "\" into the "Default domain" field is to
require IIS to search among all of the domains that exist within your
Active Directory whenever an authentication request is received.  This
can simplify the burden of authentication to your user community. From
another perspective, it may make authentication too easy. You'll have to
weigh the ease-of-use against your corporate security requirements.

Using the default domain only applies if you have Basic Authentication
enabled. Since, without SSL, this causes passwords to be sent over the
Internet in clear text, this is probably to be avoided.


Figure 4-8. Creating a new HTTP virtual server

Using SSL to encrypt both passwords and data transferred between server
and client is highly recommended. See the next section for the required
process to install SSL.

Back on the General tab, notice the Exchange Path group. The default
setting for a new HTTP virtual server is "Mailboxes for SMTP domain" and
the domain selected is the default domain for the Exchange organization
(that is, the primary domain specified in the Default Recipient Policy).
If you have multiple SMTP addresses defined in your Recipient Polices,
you may click on the Modify button and the various domains will be
listed, allowing for the selection desired.

Once you are done examining and modifying the various settings for the
new HTTP Virtual Server, click OK and it will be created. As mentioned
before, it will be available in IIS Manager and ready for use within 15

Unlike Active Directory domains and forcing replication, there is no way
to speed up the DS2MB process.


Figure 4-9. HTTP virtual server identity


From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Carl Houseman
Sent: Thursday, July 27, 2006 5:51 PM
To: exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] Re: redirect OWA

You have to combine two redirection techniques that you can find with
google.  Google words:
  redirect http https iis
  redirect owa /exchange
I'm surprised there's no single cookbook that tells how to do both at
once, but if you can't get anywhere let me know, maybe I'll write one up
and put it online somewhere.


From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of John Knijn
Sent: Thursday, July 27, 2006 3:27 PM
To: exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] redirect OWA



We are using Exchange Server 2003 enterprise edition on a W2K3-server
and using OWA.


Just created certificate and before installing it I want to do this:


Redirect http://mailserver.domain.com/exchange to 
https://mailserver.domain.com <https://mailserver.domain.com/> 


What do I have to do in the configuration of IIS to do that?


Thank you very much.







JPEG image

JPEG image

JPEG image

Other related posts: