Solved

Redirect OWA 2003 HTTP to HTTPS

Posted on 2010-08-30
8
826 Views
Last Modified: 2012-06-27
Hi.

I have an Exchange 2003 server that I just set up with forms-based authentication and SSL-encrypted OWA, EAS, and OMA thanks to much help from this board.

Now, I want to make it so that instead of having to type https://mail.mycompany.com/exchange, users can simply enter mail.mycompany.com and be directed to the secure sign-on page.

I found this article support.microsoft.com/kb/555053 which appears to be what I'm looking for, but step 3 contains the following caveat:

3.  Assuming that the only thing IIS does on your Exchange server is OWA, make the following change to redirect requests to the /exchange virtual directory.  Open notepad and type the word redirect.  Save the file with the name redirect.htm into the default web site directory.  Now go to the properties of this file from within IIS Manager, and under the option The content for this resource should come from: choose A redirection to a URL.  In the redirect to: box that is now able to be filled it, type /exchange.
 
*Note:  If you have additional content on the default web site of your Exchange server and/or host other websites, be aware that after completing this step, requests to the default website will result in automatic redirection to the /exchange virtual directory.  Make sure that you understand the impact of this change.

Thing is, I don't think I necessarily understand the impact of the change, and I don't want to break EAS and OMA for the sake of OWA.

Will following these steps mess up my EAS/OMA and if so, is there another procedure I can follow to accomplish what I want?

Many thanks.

Joe
0
Comment
Question by:Joe2009
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
8 Comments
 
LVL 6

Accepted Solution

by:
itnetworkn earned 84 total points
ID: 33562735
Joe - I went through the same thing you are doing. I think this kb article is more suitable to what you are trying to accomplish ( http://support.microsoft.com/kb/839357 ) . Try it, and let me know if you have any specific questions, and I'll be happy to assist.
0
 
LVL 33

Expert Comment

by:Todd Gerbert
ID: 33562743
This change will only apply to clients who make a web request for mail.mycompany.com - in which case IIS will redirect their request to https://mail.mycompany.com/
OMA and EAS won't ever be making a request for mail.mycompany.com, they'll always be making requests for mail.mycompany.com/oma/whatever.htm, so they won't be affected.
0
 
LVL 13

Assisted Solution

by:IT-Monkey-Dave
IT-Monkey-Dave earned 83 total points
ID: 33562818
It's been a while since I thrashed my way through this but basically I have the Exchange web site for OWA, and an EAS web site.  When forms-based authentication is enabled for OWA, it complicates things.  In addition to the #3 you quoted above, I had to create a .asp file.
Take a look at MS KB article 839357.  Therein probably lies the solution you're looking for.  http://support.microsoft.com/kb/839357/en-us
I think there's more too, am still searching my notes...
0
Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

 
LVL 13

Expert Comment

by:IT-Monkey-Dave
ID: 33562853
In my case OWA and EAS requests go through an ISA 2006 server which also complicates things.  You may only need the info contained in 839357 if remote clients access your Exchange server directly for OWA and EAS.
0
 
LVL 6

Expert Comment

by:itnetworkn
ID: 33567870
Joe - Checking in with you to see if you had any questions regarding the kb article I posted. Let me know how I can help.
0
 

Author Comment

by:Joe2009
ID: 33571025
tgerbert:

>>>This change will only apply to clients who make a web request for mail.mycompany.com - in which case >>>IIS will redirect their request to https://mail.mycompany.com/
>>>OMA and EAS won't ever be making a request for mail.mycompany.com, they'll always be making >>>requests for mail.mycompany.com/oma/whatever.htm, so they won't be affected.

I'm pretty sure mail.company.com is used by EAS-- that's the address format I use on my Windows Mobile phones...
0
 

Author Comment

by:Joe2009
ID: 33571120
itnetworkn:

>>>Joe - Checking in with you to see if you had any questions regarding the kb article I posted. Let me >>>know how I can help.

Actually, I do. First, that article says:

Note Follow these steps on an Exchange front-end server that communicates with a clustered Exchange back-end server.

Mine is a single back-end server. Are these steps still appropriate?

Second, (and this is embarassing) how does one go about creating an ASP. Is it simply a matter of copying that code into notepad and saving with that extension?

Joe

P.S. Is there any automatic way to quote previous posts in these threads? It would make directing responses to particular people so much easier...
0
 
LVL 33

Assisted Solution

by:Todd Gerbert
Todd Gerbert earned 83 total points
ID: 33571691
You give your mobile phones, etc, the name of your server, which is mail.mycompany.com - but EAS knows to make requests to http://mail.mycompany.com/OMA/pagename.asp, it has no need for website documents located at http://mail.mycompany.com (which is why it works correctly now even though you don't have anything at http://mail.mycompany.com).
Consider this: I have a single server, on it I have my company's website and I have Exchange.  My regular old website is at http://server.domain.com/ and Exchange is at http://server.domain.com/Exchange.  If I were to follow the instructions you posted above it would effectively hide my regular website, because everytime someone tried to go to http://server.domain.com/ they'd be redirected to http://server.domain.com/Exchange instead.  So, assuming you don't have any other websites then this issue doesn't apply to you.
P.S. Is there any automatic way to quote previous posts in these threads? It would make directing responses to particular people so much easier...
No, but I like to use the rich text editor and italicize and indent quoted text.  Also, you can link to comments in a question by typing http: followed by a # sign and the comment number, like so: h t t p : # 3 3 5 7 1 0 2 5 (http:#33571025)
0

Featured Post

Backup Solution for AWS

Read about how CloudBerry Backup fully integrates your backups with Amazon S3 and Amazon Glacier to provide military-grade encryption and dramatically cut storage costs on any platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Utilizing an array to gracefully append to a list of EmailAddresses
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question