Redirect OWA 2003 HTTP to HTTPS

Hi.

I have an Exchange 2003 server that I just set up with forms-based authentication and SSL-encrypted OWA, EAS, and OMA thanks to much help from this board.

Now, I want to make it so that instead of having to type https://mail.mycompany.com/exchange, users can simply enter mail.mycompany.com and be directed to the secure sign-on page.

I found this article support.microsoft.com/kb/555053 which appears to be what I'm looking for, but step 3 contains the following caveat:

3.  Assuming that the only thing IIS does on your Exchange server is OWA, make the following change to redirect requests to the /exchange virtual directory.  Open notepad and type the word redirect.  Save the file with the name redirect.htm into the default web site directory.  Now go to the properties of this file from within IIS Manager, and under the option The content for this resource should come from: choose A redirection to a URL.  In the redirect to: box that is now able to be filled it, type /exchange.
 
*Note:  If you have additional content on the default web site of your Exchange server and/or host other websites, be aware that after completing this step, requests to the default website will result in automatic redirection to the /exchange virtual directory.  Make sure that you understand the impact of this change.

Thing is, I don't think I necessarily understand the impact of the change, and I don't want to break EAS and OMA for the sake of OWA.

Will following these steps mess up my EAS/OMA and if so, is there another procedure I can follow to accomplish what I want?

Many thanks.

Joe
Joe2009Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

itnetworknCommented:
Joe - I went through the same thing you are doing. I think this kb article is more suitable to what you are trying to accomplish ( http://support.microsoft.com/kb/839357 ) . Try it, and let me know if you have any specific questions, and I'll be happy to assist.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Todd GerbertIT ConsultantCommented:
This change will only apply to clients who make a web request for mail.mycompany.com - in which case IIS will redirect their request to https://mail.mycompany.com/
OMA and EAS won't ever be making a request for mail.mycompany.com, they'll always be making requests for mail.mycompany.com/oma/whatever.htm, so they won't be affected.
IT-Monkey-DaveCommented:
It's been a while since I thrashed my way through this but basically I have the Exchange web site for OWA, and an EAS web site.  When forms-based authentication is enabled for OWA, it complicates things.  In addition to the #3 you quoted above, I had to create a .asp file.
Take a look at MS KB article 839357.  Therein probably lies the solution you're looking for.  http://support.microsoft.com/kb/839357/en-us
I think there's more too, am still searching my notes...
Discover the Answer to Productive IT

Discover app within WatchGuard's Wi-Fi Cloud helps you optimize W-Fi user experience with the most complete set of visibility, troubleshooting, and network health features. Quickly pinpointing network problems will lead to more happy users and most importantly, productive IT.

IT-Monkey-DaveCommented:
In my case OWA and EAS requests go through an ISA 2006 server which also complicates things.  You may only need the info contained in 839357 if remote clients access your Exchange server directly for OWA and EAS.
itnetworknCommented:
Joe - Checking in with you to see if you had any questions regarding the kb article I posted. Let me know how I can help.
Joe2009Author Commented:
tgerbert:

>>>This change will only apply to clients who make a web request for mail.mycompany.com - in which case >>>IIS will redirect their request to https://mail.mycompany.com/
>>>OMA and EAS won't ever be making a request for mail.mycompany.com, they'll always be making >>>requests for mail.mycompany.com/oma/whatever.htm, so they won't be affected.

I'm pretty sure mail.company.com is used by EAS-- that's the address format I use on my Windows Mobile phones...
Joe2009Author Commented:
itnetworkn:

>>>Joe - Checking in with you to see if you had any questions regarding the kb article I posted. Let me >>>know how I can help.

Actually, I do. First, that article says:

Note Follow these steps on an Exchange front-end server that communicates with a clustered Exchange back-end server.

Mine is a single back-end server. Are these steps still appropriate?

Second, (and this is embarassing) how does one go about creating an ASP. Is it simply a matter of copying that code into notepad and saving with that extension?

Joe

P.S. Is there any automatic way to quote previous posts in these threads? It would make directing responses to particular people so much easier...
Todd GerbertIT ConsultantCommented:
You give your mobile phones, etc, the name of your server, which is mail.mycompany.com - but EAS knows to make requests to http://mail.mycompany.com/OMA/pagename.asp, it has no need for website documents located at http://mail.mycompany.com (which is why it works correctly now even though you don't have anything at http://mail.mycompany.com).
Consider this: I have a single server, on it I have my company's website and I have Exchange.  My regular old website is at http://server.domain.com/ and Exchange is at http://server.domain.com/Exchange.  If I were to follow the instructions you posted above it would effectively hide my regular website, because everytime someone tried to go to http://server.domain.com/ they'd be redirected to http://server.domain.com/Exchange instead.  So, assuming you don't have any other websites then this issue doesn't apply to you.
P.S. Is there any automatic way to quote previous posts in these threads? It would make directing responses to particular people so much easier...
No, but I like to use the rich text editor and italicize and indent quoted text.  Also, you can link to comments in a question by typing http: followed by a # sign and the comment number, like so: h t t p : # 3 3 5 7 1 0 2 5 (http:#33571025)
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.