Solved

Redirect external traffic to /owa folder with IIS 6.0

Posted on 2008-10-01
21
2,385 Views
Last Modified: 2012-05-05
We have 3 companies all using the same Exchange 2007 server.  I purchased a certificate that has subject alternative names for all 3 companies ie. mail.company1.com, mail.company2.com, and mail.comany3.com.  I want to tell the users to access owa they will need to type mail.company1.com, https://mail.company1.com, or http://mail.company.com.  Same goes for company 2 and 3.  How do get https://mail.company#.com, and http://mail.company#.com to redirect to https://mail.company#.com/owa?
0
Comment
Question by:vbchewie
  • 11
  • 10
21 Comments
 
LVL 12

Accepted Solution

by:
Pugglewuggle earned 500 total points
Comment Utility
This takes 3 steps:
1) Install the certificate on all the server as detailed in the instructions that came with it.
2) Setup the host headers for the site in IIS to respond to mail.company#.com (Do you have one owa folder for all email accounts? Meaning do all OWA users connect on the same OWA server?)
3) Just put a file in the root directory that redirects to /owa
Here is an HTML example and an ASP redirect script is attached. Just save the HTML in the root of the web server as index.htm or the ASP script in the root as default.asp. The main difference is that the ASP script is customizable and runs on the server so it's more reliable as it doesn't rely on the client to redirect itself, but it's up to you what you do.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="Refresh" content="0; url=/owa" />
<meta name="robots" content="none" />
<title>Redirecting...</title>
</head>
<body>
<div>Redirecting...<br />
<br />
If you are not redirected, <a href="/owa">click here</a>.</div>
</body>
</html>
 

<%

response.redirect("/owa")

%>

Open in new window

0
 
LVL 1

Author Comment

by:vbchewie
Comment Utility

1) I have installed the certificate on the default web site and it is working internally and externally.  By that I mean I get no certificate errors.

2) How do I setup host headers. (Yes I only have 1 owa folder all email accounts will connect to the same owa server. And they will use their upn for logging in.)
Thank you
0
 
LVL 12

Expert Comment

by:Pugglewuggle
Comment Utility
Okay - so the site works from inside your network... good. Get host headers setup and then let me know.
Here is the procedure for setting up host headers:
http://www.visualwin.com/host-header/
BTW - you do have your DNS for all 3 companies pointed at this server?
0
 
LVL 1

Author Comment

by:vbchewie
Comment Utility
I guess I already have the host header sites setup.  I have 3 websites excluding the default website.  One for each company.  Can I knock it down to just 1 header site if I add the mail.company2.com and mail.company3.com in the Advanced Web Site Identification -> Multiple indenties for this web site (part)?
I setup the 3 sites so on the Home Directory tab  I could redirect the url to the appropriate https://mail.company1.com/owa (I'm gussing this is not the right way).
Yes DNS for all companies will point to the same server.
0
 
LVL 12

Expert Comment

by:Pugglewuggle
Comment Utility
Oh, well if you have those 3 sites setup then that makes it easier! Just make them redirect as you said! That's the advice I was going to give last night but I didn't know about your specific setup and needed the DNS info.
Yes, that's the way to do it (since IIS 6 can't use SSL host headers).
:) The only problem with this is going to be that you might have problems because IIS 6. Doesn't have SSL host headers.... let me know if that works but I don't think it will.
If you have all 3 sites (not sites in IIS, I mean internet domains) on the same port (443), and same IP address, and the same site in IIS, then it should automatically work for all 3 companies when the user accesses the site... it should take them all to the same place since IIS 6 doesn't use SSL host headers. Can you please confirm if this is happening?
Then, if this does work, and the user is going to the same place from all 3 domains, you can just add the little ASP file I sent earlier (just make sure ASP is enabled under Web Service Extensions). You don't actually have a website running on the default website do you?
0
 
LVL 1

Author Comment

by:vbchewie
Comment Utility
As I have it now if someone goes to http://mail.company1.com it will redirect to https://mail.company1.com/owa.  However, if someone goes to https://mail.company1.com it will not redirect to https://mail.company1.com/owa.
How do I fix this?
Are you saying I just need to add the asp file you sent?
0
 
LVL 12

Expert Comment

by:Pugglewuggle
Comment Utility
Yes that's right. Just put it in the root assuming that there's nothing else in there. Name it default.asp and let me know if that works.
0
 
LVL 12

Assisted Solution

by:Pugglewuggle
Pugglewuggle earned 500 total points
Comment Utility
Oh, and you might want to change it to this to make sure it goes to SSL:

<%

response.redirect("https://" & Request.ServerVariables("HTTP_HOST") & "/owa")

%>

Open in new window

0
 
LVL 1

Author Comment

by:vbchewie
Comment Utility
I put the file in the inetpub\wwwroot.  The only file that is the documents tab for the default web site is the Default.asp, which I moved to the top.
If I type http://server internally I get the 403.4 error.  Externally if I type http://mail.comany1.com  it redirects but I think that is because Home Directory redirect to https://mail.company1.com/owa for the header site. However, if I go to https://mail.company1.com it gives me a 404 error.
Thank you
0
 
LVL 12

Assisted Solution

by:Pugglewuggle
Pugglewuggle earned 500 total points
Comment Utility
Okay, maybe you didn't quite get what I mean - that's okay.
You only need the default site in IIS that has the OWA folder in it. You only have that one site, correct? If you have others that you had setup to try to get this to work, delete them.
Put the ASP file in the root of the default site (you already did that).
Now, add host headers for mail.company#.com into the default site on port 80 (not SSL). Make one of these for each domain. Make sure you have the default SSL host header setup for port 443.
Make sure your public DNS points to the same public IP address for all 3 sites.
If you have internal DNS, does it have the same domain name as company#.com?
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 1

Author Comment

by:vbchewie
Comment Utility
Externally I can get to https://mail.company1.com/owa but when I got to http: or https: //mail.company1.com it does not redirect. I have attached some screen shots
Thank you

iismanager.JPG
AdvancedWeb.JPG
0
 
LVL 12

Expert Comment

by:Pugglewuggle
Comment Utility
Can you please tell me the error you're getting? If you have set that the site can only be accessed by SSL you need to disable this for the redirection from http to https to occur.
0
 
LVL 1

Author Comment

by:vbchewie
Comment Utility
I took the redirect off of the Home Directory.  When I go to https://mail.company1.com I get "The page cannot be found.  When I go to http://mail.company1.com I get  "The page must be viewed over a secure channel.
Thank You

HomeDir.JPG
0
 
LVL 12

Assisted Solution

by:Pugglewuggle
Pugglewuggle earned 500 total points
Comment Utility
You need to disable the Requires SSL. Check out my screenshot. Uncheck that box.
Note that the redirect will send people over to SSL. If you don't do this there's no way to redirect from http to https

Untitled.jpg
0
 
LVL 1

Author Comment

by:vbchewie
Comment Utility
Okay now I get  "The page cannot be found." for both http://mail.company1.com and https://mail.company1.com Is it not picking up the redirect?  
0
 
LVL 12

Expert Comment

by:Pugglewuggle
Comment Utility
Dude, check your public DNS and make sure its pointed to the right place. Everything in IIS is setup right. It's gotta be somewhere else now.
0
 
LVL 1

Author Comment

by:vbchewie
Comment Utility
If I go to https://mail.company1.com/owa it works fine. Doesn't that mean the Public DNS is pointed to the right place?
0
 
LVL 12

Assisted Solution

by:Pugglewuggle
Pugglewuggle earned 500 total points
Comment Utility
It does.
Do you have the web service extension for ASP enabled?
0
 
LVL 12

Expert Comment

by:Pugglewuggle
Comment Utility
Also, go to the directory with the command prompt and run dir to make sure the file isn't something like default.asp.txt.
0
 
LVL 1

Author Comment

by:vbchewie
Comment Utility
I know you said ASP needed to be enabled before.  And ASP .net was allowed however Active Server Pages was not allowed.  It works now.  Thank You very much.
0
 
LVL 1

Author Closing Comment

by:vbchewie
Comment Utility
Thank you for your help and patients I really appreciate it.  You are a great help.
0

Featured Post

Why spend so long doing email signature updates?

Do you spend loads of your time carrying out email signature updates? Not very interesting are they? Don’t let signature updates get you down. Let Exclaimer Cloud - Signatures for Office 365 make managing email signatures a breeze.

Join & Write a Comment

Resolve DNS query failed errors for Exchange
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now