Solved

Redirect OWA 2003 HTTP to HTTPS

Posted on 2010-08-30
8
822 Views
Last Modified: 2012-06-27
Hi.

I have an Exchange 2003 server that I just set up with forms-based authentication and SSL-encrypted OWA, EAS, and OMA thanks to much help from this board.

Now, I want to make it so that instead of having to type https://mail.mycompany.com/exchange, users can simply enter mail.mycompany.com and be directed to the secure sign-on page.

I found this article support.microsoft.com/kb/555053 which appears to be what I'm looking for, but step 3 contains the following caveat:

3.  Assuming that the only thing IIS does on your Exchange server is OWA, make the following change to redirect requests to the /exchange virtual directory.  Open notepad and type the word redirect.  Save the file with the name redirect.htm into the default web site directory.  Now go to the properties of this file from within IIS Manager, and under the option The content for this resource should come from: choose A redirection to a URL.  In the redirect to: box that is now able to be filled it, type /exchange.
 
*Note:  If you have additional content on the default web site of your Exchange server and/or host other websites, be aware that after completing this step, requests to the default website will result in automatic redirection to the /exchange virtual directory.  Make sure that you understand the impact of this change.

Thing is, I don't think I necessarily understand the impact of the change, and I don't want to break EAS and OMA for the sake of OWA.

Will following these steps mess up my EAS/OMA and if so, is there another procedure I can follow to accomplish what I want?

Many thanks.

Joe
0
Comment
Question by:Joe2009
  • 2
  • 2
  • 2
  • +1
8 Comments
 
LVL 6

Accepted Solution

by:
itnetworkn earned 84 total points
ID: 33562735
Joe - I went through the same thing you are doing. I think this kb article is more suitable to what you are trying to accomplish ( http://support.microsoft.com/kb/839357 ) . Try it, and let me know if you have any specific questions, and I'll be happy to assist.
0
 
LVL 33

Expert Comment

by:Todd Gerbert
ID: 33562743
This change will only apply to clients who make a web request for mail.mycompany.com - in which case IIS will redirect their request to https://mail.mycompany.com/
OMA and EAS won't ever be making a request for mail.mycompany.com, they'll always be making requests for mail.mycompany.com/oma/whatever.htm, so they won't be affected.
0
 
LVL 13

Assisted Solution

by:IT-Monkey-Dave
IT-Monkey-Dave earned 83 total points
ID: 33562818
It's been a while since I thrashed my way through this but basically I have the Exchange web site for OWA, and an EAS web site.  When forms-based authentication is enabled for OWA, it complicates things.  In addition to the #3 you quoted above, I had to create a .asp file.
Take a look at MS KB article 839357.  Therein probably lies the solution you're looking for.  http://support.microsoft.com/kb/839357/en-us
I think there's more too, am still searching my notes...
0
 
LVL 13

Expert Comment

by:IT-Monkey-Dave
ID: 33562853
In my case OWA and EAS requests go through an ISA 2006 server which also complicates things.  You may only need the info contained in 839357 if remote clients access your Exchange server directly for OWA and EAS.
0
Are your corporate email signatures appalling?

Is it scary how unprofessional your email signatures look? Do users create their own terrible designs and give themselves stupid job titles? You can make this a lot easier for yourself by choosing an email signature management solution from Exclaimer today.

 
LVL 6

Expert Comment

by:itnetworkn
ID: 33567870
Joe - Checking in with you to see if you had any questions regarding the kb article I posted. Let me know how I can help.
0
 

Author Comment

by:Joe2009
ID: 33571025
tgerbert:

>>>This change will only apply to clients who make a web request for mail.mycompany.com - in which case >>>IIS will redirect their request to https://mail.mycompany.com/
>>>OMA and EAS won't ever be making a request for mail.mycompany.com, they'll always be making >>>requests for mail.mycompany.com/oma/whatever.htm, so they won't be affected.

I'm pretty sure mail.company.com is used by EAS-- that's the address format I use on my Windows Mobile phones...
0
 

Author Comment

by:Joe2009
ID: 33571120
itnetworkn:

>>>Joe - Checking in with you to see if you had any questions regarding the kb article I posted. Let me >>>know how I can help.

Actually, I do. First, that article says:

Note Follow these steps on an Exchange front-end server that communicates with a clustered Exchange back-end server.

Mine is a single back-end server. Are these steps still appropriate?

Second, (and this is embarassing) how does one go about creating an ASP. Is it simply a matter of copying that code into notepad and saving with that extension?

Joe

P.S. Is there any automatic way to quote previous posts in these threads? It would make directing responses to particular people so much easier...
0
 
LVL 33

Assisted Solution

by:Todd Gerbert
Todd Gerbert earned 83 total points
ID: 33571691
You give your mobile phones, etc, the name of your server, which is mail.mycompany.com - but EAS knows to make requests to http://mail.mycompany.com/OMA/pagename.asp, it has no need for website documents located at http://mail.mycompany.com (which is why it works correctly now even though you don't have anything at http://mail.mycompany.com).
Consider this: I have a single server, on it I have my company's website and I have Exchange.  My regular old website is at http://server.domain.com/ and Exchange is at http://server.domain.com/Exchange.  If I were to follow the instructions you posted above it would effectively hide my regular website, because everytime someone tried to go to http://server.domain.com/ they'd be redirected to http://server.domain.com/Exchange instead.  So, assuming you don't have any other websites then this issue doesn't apply to you.
P.S. Is there any automatic way to quote previous posts in these threads? It would make directing responses to particular people so much easier...
No, but I like to use the rich text editor and italicize and indent quoted text.  Also, you can link to comments in a question by typing http: followed by a # sign and the comment number, like so: h t t p : # 3 3 5 7 1 0 2 5 (http:#33571025)
0

Featured Post

The problems with reply email signatures

Do you wish that you could place an email signature under a reply? Well, unfortunately, you can't. That great Exchange/Office 365 signature you've created will just appear at the bottom of an email chain. What a pain! Is there really no way to solve this? Well, there might be...

Join & Write a Comment

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now