Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 841
  • Last Modified:

Redirect OWA 2003 HTTP to HTTPS

Hi.

I have an Exchange 2003 server that I just set up with forms-based authentication and SSL-encrypted OWA, EAS, and OMA thanks to much help from this board.

Now, I want to make it so that instead of having to type https://mail.mycompany.com/exchange, users can simply enter mail.mycompany.com and be directed to the secure sign-on page.

I found this article support.microsoft.com/kb/555053 which appears to be what I'm looking for, but step 3 contains the following caveat:

3.  Assuming that the only thing IIS does on your Exchange server is OWA, make the following change to redirect requests to the /exchange virtual directory.  Open notepad and type the word redirect.  Save the file with the name redirect.htm into the default web site directory.  Now go to the properties of this file from within IIS Manager, and under the option The content for this resource should come from: choose A redirection to a URL.  In the redirect to: box that is now able to be filled it, type /exchange.
 
*Note:  If you have additional content on the default web site of your Exchange server and/or host other websites, be aware that after completing this step, requests to the default website will result in automatic redirection to the /exchange virtual directory.  Make sure that you understand the impact of this change.

Thing is, I don't think I necessarily understand the impact of the change, and I don't want to break EAS and OMA for the sake of OWA.

Will following these steps mess up my EAS/OMA and if so, is there another procedure I can follow to accomplish what I want?

Many thanks.

Joe
0
Joe2009
Asked:
Joe2009
  • 2
  • 2
  • 2
  • +1
3 Solutions
 
itnetworknCommented:
Joe - I went through the same thing you are doing. I think this kb article is more suitable to what you are trying to accomplish ( http://support.microsoft.com/kb/839357 ) . Try it, and let me know if you have any specific questions, and I'll be happy to assist.
0
 
Todd GerbertIT ConsultantCommented:
This change will only apply to clients who make a web request for mail.mycompany.com - in which case IIS will redirect their request to https://mail.mycompany.com/
OMA and EAS won't ever be making a request for mail.mycompany.com, they'll always be making requests for mail.mycompany.com/oma/whatever.htm, so they won't be affected.
0
 
IT-Monkey-DaveCommented:
It's been a while since I thrashed my way through this but basically I have the Exchange web site for OWA, and an EAS web site.  When forms-based authentication is enabled for OWA, it complicates things.  In addition to the #3 you quoted above, I had to create a .asp file.
Take a look at MS KB article 839357.  Therein probably lies the solution you're looking for.  http://support.microsoft.com/kb/839357/en-us
I think there's more too, am still searching my notes...
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
IT-Monkey-DaveCommented:
In my case OWA and EAS requests go through an ISA 2006 server which also complicates things.  You may only need the info contained in 839357 if remote clients access your Exchange server directly for OWA and EAS.
0
 
itnetworknCommented:
Joe - Checking in with you to see if you had any questions regarding the kb article I posted. Let me know how I can help.
0
 
Joe2009Author Commented:
tgerbert:

>>>This change will only apply to clients who make a web request for mail.mycompany.com - in which case >>>IIS will redirect their request to https://mail.mycompany.com/
>>>OMA and EAS won't ever be making a request for mail.mycompany.com, they'll always be making >>>requests for mail.mycompany.com/oma/whatever.htm, so they won't be affected.

I'm pretty sure mail.company.com is used by EAS-- that's the address format I use on my Windows Mobile phones...
0
 
Joe2009Author Commented:
itnetworkn:

>>>Joe - Checking in with you to see if you had any questions regarding the kb article I posted. Let me >>>know how I can help.

Actually, I do. First, that article says:

Note Follow these steps on an Exchange front-end server that communicates with a clustered Exchange back-end server.

Mine is a single back-end server. Are these steps still appropriate?

Second, (and this is embarassing) how does one go about creating an ASP. Is it simply a matter of copying that code into notepad and saving with that extension?

Joe

P.S. Is there any automatic way to quote previous posts in these threads? It would make directing responses to particular people so much easier...
0
 
Todd GerbertIT ConsultantCommented:
You give your mobile phones, etc, the name of your server, which is mail.mycompany.com - but EAS knows to make requests to http://mail.mycompany.com/OMA/pagename.asp, it has no need for website documents located at http://mail.mycompany.com (which is why it works correctly now even though you don't have anything at http://mail.mycompany.com).
Consider this: I have a single server, on it I have my company's website and I have Exchange.  My regular old website is at http://server.domain.com/ and Exchange is at http://server.domain.com/Exchange.  If I were to follow the instructions you posted above it would effectively hide my regular website, because everytime someone tried to go to http://server.domain.com/ they'd be redirected to http://server.domain.com/Exchange instead.  So, assuming you don't have any other websites then this issue doesn't apply to you.
P.S. Is there any automatic way to quote previous posts in these threads? It would make directing responses to particular people so much easier...
No, but I like to use the rich text editor and italicize and indent quoted text.  Also, you can link to comments in a question by typing http: followed by a # sign and the comment number, like so: h t t p : # 3 3 5 7 1 0 2 5 (http:#33571025)
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

  • 2
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now