?
Solved

Redirect OWA 2003 HTTP to HTTPS

Posted on 2010-08-30
8
Medium Priority
?
831 Views
Last Modified: 2012-06-27
Hi.

I have an Exchange 2003 server that I just set up with forms-based authentication and SSL-encrypted OWA, EAS, and OMA thanks to much help from this board.

Now, I want to make it so that instead of having to type https://mail.mycompany.com/exchange, users can simply enter mail.mycompany.com and be directed to the secure sign-on page.

I found this article support.microsoft.com/kb/555053 which appears to be what I'm looking for, but step 3 contains the following caveat:

3.  Assuming that the only thing IIS does on your Exchange server is OWA, make the following change to redirect requests to the /exchange virtual directory.  Open notepad and type the word redirect.  Save the file with the name redirect.htm into the default web site directory.  Now go to the properties of this file from within IIS Manager, and under the option The content for this resource should come from: choose A redirection to a URL.  In the redirect to: box that is now able to be filled it, type /exchange.
 
*Note:  If you have additional content on the default web site of your Exchange server and/or host other websites, be aware that after completing this step, requests to the default website will result in automatic redirection to the /exchange virtual directory.  Make sure that you understand the impact of this change.

Thing is, I don't think I necessarily understand the impact of the change, and I don't want to break EAS and OMA for the sake of OWA.

Will following these steps mess up my EAS/OMA and if so, is there another procedure I can follow to accomplish what I want?

Many thanks.

Joe
0
Comment
Question by:Joe2009
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
8 Comments
 
LVL 6

Accepted Solution

by:
itnetworkn earned 336 total points
ID: 33562735
Joe - I went through the same thing you are doing. I think this kb article is more suitable to what you are trying to accomplish ( http://support.microsoft.com/kb/839357 ) . Try it, and let me know if you have any specific questions, and I'll be happy to assist.
0
 
LVL 33

Expert Comment

by:Todd Gerbert
ID: 33562743
This change will only apply to clients who make a web request for mail.mycompany.com - in which case IIS will redirect their request to https://mail.mycompany.com/
OMA and EAS won't ever be making a request for mail.mycompany.com, they'll always be making requests for mail.mycompany.com/oma/whatever.htm, so they won't be affected.
0
 
LVL 13

Assisted Solution

by:IT-Monkey-Dave
IT-Monkey-Dave earned 332 total points
ID: 33562818
It's been a while since I thrashed my way through this but basically I have the Exchange web site for OWA, and an EAS web site.  When forms-based authentication is enabled for OWA, it complicates things.  In addition to the #3 you quoted above, I had to create a .asp file.
Take a look at MS KB article 839357.  Therein probably lies the solution you're looking for.  http://support.microsoft.com/kb/839357/en-us
I think there's more too, am still searching my notes...
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 13

Expert Comment

by:IT-Monkey-Dave
ID: 33562853
In my case OWA and EAS requests go through an ISA 2006 server which also complicates things.  You may only need the info contained in 839357 if remote clients access your Exchange server directly for OWA and EAS.
0
 
LVL 6

Expert Comment

by:itnetworkn
ID: 33567870
Joe - Checking in with you to see if you had any questions regarding the kb article I posted. Let me know how I can help.
0
 

Author Comment

by:Joe2009
ID: 33571025
tgerbert:

>>>This change will only apply to clients who make a web request for mail.mycompany.com - in which case >>>IIS will redirect their request to https://mail.mycompany.com/
>>>OMA and EAS won't ever be making a request for mail.mycompany.com, they'll always be making >>>requests for mail.mycompany.com/oma/whatever.htm, so they won't be affected.

I'm pretty sure mail.company.com is used by EAS-- that's the address format I use on my Windows Mobile phones...
0
 

Author Comment

by:Joe2009
ID: 33571120
itnetworkn:

>>>Joe - Checking in with you to see if you had any questions regarding the kb article I posted. Let me >>>know how I can help.

Actually, I do. First, that article says:

Note Follow these steps on an Exchange front-end server that communicates with a clustered Exchange back-end server.

Mine is a single back-end server. Are these steps still appropriate?

Second, (and this is embarassing) how does one go about creating an ASP. Is it simply a matter of copying that code into notepad and saving with that extension?

Joe

P.S. Is there any automatic way to quote previous posts in these threads? It would make directing responses to particular people so much easier...
0
 
LVL 33

Assisted Solution

by:Todd Gerbert
Todd Gerbert earned 332 total points
ID: 33571691
You give your mobile phones, etc, the name of your server, which is mail.mycompany.com - but EAS knows to make requests to http://mail.mycompany.com/OMA/pagename.asp, it has no need for website documents located at http://mail.mycompany.com (which is why it works correctly now even though you don't have anything at http://mail.mycompany.com).
Consider this: I have a single server, on it I have my company's website and I have Exchange.  My regular old website is at http://server.domain.com/ and Exchange is at http://server.domain.com/Exchange.  If I were to follow the instructions you posted above it would effectively hide my regular website, because everytime someone tried to go to http://server.domain.com/ they'd be redirected to http://server.domain.com/Exchange instead.  So, assuming you don't have any other websites then this issue doesn't apply to you.
P.S. Is there any automatic way to quote previous posts in these threads? It would make directing responses to particular people so much easier...
No, but I like to use the rich text editor and italicize and indent quoted text.  Also, you can link to comments in a question by typing http: followed by a # sign and the comment number, like so: h t t p : # 3 3 5 7 1 0 2 5 (http:#33571025)
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question