[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Redirect external traffic to /owa folder with IIS 6.0

Posted on 2008-10-01
21
Medium Priority
?
2,448 Views
Last Modified: 2012-05-05
We have 3 companies all using the same Exchange 2007 server.  I purchased a certificate that has subject alternative names for all 3 companies ie. mail.company1.com, mail.company2.com, and mail.comany3.com.  I want to tell the users to access owa they will need to type mail.company1.com, https://mail.company1.com, or http://mail.company.com.  Same goes for company 2 and 3.  How do get https://mail.company#.com, and http://mail.company#.com to redirect to https://mail.company#.com/owa?
0
Comment
Question by:vbchewie
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 10
21 Comments
 
LVL 12

Accepted Solution

by:
Pugglewuggle earned 2000 total points
ID: 22622554
This takes 3 steps:
1) Install the certificate on all the server as detailed in the instructions that came with it.
2) Setup the host headers for the site in IIS to respond to mail.company#.com (Do you have one owa folder for all email accounts? Meaning do all OWA users connect on the same OWA server?)
3) Just put a file in the root directory that redirects to /owa
Here is an HTML example and an ASP redirect script is attached. Just save the HTML in the root of the web server as index.htm or the ASP script in the root as default.asp. The main difference is that the ASP script is customizable and runs on the server so it's more reliable as it doesn't rely on the client to redirect itself, but it's up to you what you do.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="Refresh" content="0; url=/owa" />
<meta name="robots" content="none" />
<title>Redirecting...</title>
</head>
<body>
<div>Redirecting...<br />
<br />
If you are not redirected, <a href="/owa">click here</a>.</div>
</body>
</html>
 

<%
response.redirect("/owa")
%>

Open in new window

0
 
LVL 1

Author Comment

by:vbchewie
ID: 22626068

1) I have installed the certificate on the default web site and it is working internally and externally.  By that I mean I get no certificate errors.

2) How do I setup host headers. (Yes I only have 1 owa folder all email accounts will connect to the same owa server. And they will use their upn for logging in.)
Thank you
0
 
LVL 12

Expert Comment

by:Pugglewuggle
ID: 22626978
Okay - so the site works from inside your network... good. Get host headers setup and then let me know.
Here is the procedure for setting up host headers:
http://www.visualwin.com/host-header/ 
BTW - you do have your DNS for all 3 companies pointed at this server?
0
Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

 
LVL 1

Author Comment

by:vbchewie
ID: 22627185
I guess I already have the host header sites setup.  I have 3 websites excluding the default website.  One for each company.  Can I knock it down to just 1 header site if I add the mail.company2.com and mail.company3.com in the Advanced Web Site Identification -> Multiple indenties for this web site (part)?
I setup the 3 sites so on the Home Directory tab  I could redirect the url to the appropriate https://mail.company1.com/owa (I'm gussing this is not the right way).
Yes DNS for all companies will point to the same server.
0
 
LVL 12

Expert Comment

by:Pugglewuggle
ID: 22627527
Oh, well if you have those 3 sites setup then that makes it easier! Just make them redirect as you said! That's the advice I was going to give last night but I didn't know about your specific setup and needed the DNS info.
Yes, that's the way to do it (since IIS 6 can't use SSL host headers).
:) The only problem with this is going to be that you might have problems because IIS 6. Doesn't have SSL host headers.... let me know if that works but I don't think it will.
If you have all 3 sites (not sites in IIS, I mean internet domains) on the same port (443), and same IP address, and the same site in IIS, then it should automatically work for all 3 companies when the user accesses the site... it should take them all to the same place since IIS 6 doesn't use SSL host headers. Can you please confirm if this is happening?
Then, if this does work, and the user is going to the same place from all 3 domains, you can just add the little ASP file I sent earlier (just make sure ASP is enabled under Web Service Extensions). You don't actually have a website running on the default website do you?
0
 
LVL 1

Author Comment

by:vbchewie
ID: 22627644
As I have it now if someone goes to http://mail.company1.com it will redirect to https://mail.company1.com/owa.  However, if someone goes to https://mail.company1.com it will not redirect to https://mail.company1.com/owa.
How do I fix this?
Are you saying I just need to add the asp file you sent?
0
 
LVL 12

Expert Comment

by:Pugglewuggle
ID: 22628197
Yes that's right. Just put it in the root assuming that there's nothing else in there. Name it default.asp and let me know if that works.
0
 
LVL 12

Assisted Solution

by:Pugglewuggle
Pugglewuggle earned 2000 total points
ID: 22628224
Oh, and you might want to change it to this to make sure it goes to SSL:

<%
response.redirect("https://" & Request.ServerVariables("HTTP_HOST") & "/owa")
%>

Open in new window

0
 
LVL 1

Author Comment

by:vbchewie
ID: 22629437
I put the file in the inetpub\wwwroot.  The only file that is the documents tab for the default web site is the Default.asp, which I moved to the top.
If I type http://server internally I get the 403.4 error.  Externally if I type http://mail.comany1.com  it redirects but I think that is because Home Directory redirect to https://mail.company1.com/owa for the header site. However, if I go to https://mail.company1.com it gives me a 404 error.
Thank you
0
 
LVL 12

Assisted Solution

by:Pugglewuggle
Pugglewuggle earned 2000 total points
ID: 22629626
Okay, maybe you didn't quite get what I mean - that's okay.
You only need the default site in IIS that has the OWA folder in it. You only have that one site, correct? If you have others that you had setup to try to get this to work, delete them.
Put the ASP file in the root of the default site (you already did that).
Now, add host headers for mail.company#.com into the default site on port 80 (not SSL). Make one of these for each domain. Make sure you have the default SSL host header setup for port 443.
Make sure your public DNS points to the same public IP address for all 3 sites.
If you have internal DNS, does it have the same domain name as company#.com?
0
 
LVL 1

Author Comment

by:vbchewie
ID: 22629891
Externally I can get to https://mail.company1.com/owa but when I got to http: or https: //mail.company1.com it does not redirect. I have attached some screen shots
Thank you

iismanager.JPG
AdvancedWeb.JPG
0
 
LVL 12

Expert Comment

by:Pugglewuggle
ID: 22630387
Can you please tell me the error you're getting? If you have set that the site can only be accessed by SSL you need to disable this for the redirection from http to https to occur.
0
 
LVL 1

Author Comment

by:vbchewie
ID: 22635703
I took the redirect off of the Home Directory.  When I go to https://mail.company1.com I get "The page cannot be found.  When I go to http://mail.company1.com I get  "The page must be viewed over a secure channel.
Thank You

HomeDir.JPG
0
 
LVL 12

Assisted Solution

by:Pugglewuggle
Pugglewuggle earned 2000 total points
ID: 22635923
You need to disable the Requires SSL. Check out my screenshot. Uncheck that box.
Note that the redirect will send people over to SSL. If you don't do this there's no way to redirect from http to https

Untitled.jpg
0
 
LVL 1

Author Comment

by:vbchewie
ID: 22636080
Okay now I get  "The page cannot be found." for both http://mail.company1.com and https://mail.company1.com Is it not picking up the redirect?  
0
 
LVL 12

Expert Comment

by:Pugglewuggle
ID: 22636100
Dude, check your public DNS and make sure its pointed to the right place. Everything in IIS is setup right. It's gotta be somewhere else now.
0
 
LVL 1

Author Comment

by:vbchewie
ID: 22636130
If I go to https://mail.company1.com/owa it works fine. Doesn't that mean the Public DNS is pointed to the right place?
0
 
LVL 12

Assisted Solution

by:Pugglewuggle
Pugglewuggle earned 2000 total points
ID: 22636378
It does.
Do you have the web service extension for ASP enabled?
0
 
LVL 12

Expert Comment

by:Pugglewuggle
ID: 22636392
Also, go to the directory with the command prompt and run dir to make sure the file isn't something like default.asp.txt.
0
 
LVL 1

Author Comment

by:vbchewie
ID: 22636459
I know you said ASP needed to be enabled before.  And ASP .net was allowed however Active Server Pages was not allowed.  It works now.  Thank You very much.
0
 
LVL 1

Author Closing Comment

by:vbchewie
ID: 31502100
Thank you for your help and patients I really appreciate it.  You are a great help.
0

Featured Post

Learn how to optimize MySQL for your business need

With the increasing importance of apps & networks in both business & personal interconnections, perfor. has become one of the key metrics of successful communication. This ebook is a hands-on business-case-driven guide to understanding MySQL query parameter tuning & database perf

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One-stop solution for Exchange Administrators to address all MS Exchange Server issues, which is known by the name of Stellar Exchange Toolkit.
Are you looking for the options available for exporting EDB files to PST? You may be confused as they are different in different Exchange versions. Here, I will discuss some options available.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question