OWA Permissions

Posted on 2011-02-23
Last Modified: 2012-06-21

The exchange organisation contains two servers named SKYP1 and OWA1. Both servers run Exchange Sever 2003. SKYP1 is configured as a mailbox server. OWA1 is configured as a front end server. OWA1 is configured to allow users to access their email by using Microsoft Outlook Web Access over SSL

Internet users report that they cannot access OWA1. However, Intranet users can use either HTTP or HTTPS to access Outlook Web Accexx by using only HTTPS?

a. Configure the firewall to permit internet users to access port 443 on OWA1. Configure the default Web site OWA1 to require SSL

b. Configure the firewall to permit interner users to access port 80 on OWA1. Configure the default Web site on SKYP1 to require SSL and 128-bit encryption

c. Configure the firewall to allow internet users to access port 993 on OWA1. Configure the default web site on SKYP1 to require and 128-bit encryption

d. Configure the firewall to allow internet users to access port 143 on OWA1. Configure the Exchange HTTP virtual server on OWA1 to enable forms-based authentication for Outlook Web Access

---b.Configure the firewall to permit internet users to access port 80 on OWA1 this will allow http permissions and 443 for https.

However just to ask is OWA created by default when we create exchange server. Do we create a seperate server for OWA also do we keep a storage group where we store the OWA data. I do not understand the seperate server.---------
Question by:kunalclk
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
LVL 31

Accepted Solution

MegaNuk3 earned 300 total points
ID: 34968007
Is OWA1 ticked as a frontend server in ESM?
Remove the "RequireSSL" option off the /Exchange virtual directory on the backend server SKYP1

Owa is installed by default when you install exchange. A front end server is good for performance as you offload all your Internet traffic to it - OWA, POP, IMAP, ActiveSync, you can also offload Internet SMTP traffic to it too.

It is not essential to have a separate server for OWA, just nice.
LVL 31

Expert Comment

ID: 34968025
If you have forms based authentication on OWA1, then ensure the /exchange virtual directory on skype1 has NO SSL and allows "Basic" and "windows Integrated" authentication
LVL 13

Assisted Solution

lauchangkwang earned 200 total points
ID: 34968030
>>However just to ask is OWA created by default when we create exchange server.

When the time you install the Server 2003, there is an options to checked whether you want to activate / install the OWA together

OWA data is the same as the storage data (emails) , normally the front end server is just an interface / guard to secure the real server

Author Closing Comment

ID: 34975828
LVL 31

Expert Comment

ID: 34977477
Thanks for the points, can Internet users now access OWA1?

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question