Solved

Exchange 2010 Multiple OWA Sites

Posted on 2014-04-22
9
1,334 Views
Last Modified: 2014-04-24
Greetings. We've got an entity within our organization which would like a different OWA logon page (I've customized the default one for the larger organization).  Our UCC cert does have the smaller organization's fqdn in it and the mx record in dns for "mail.other_entity.org" gets them to our OWA page.

I've read that a second OWA virtual directory can be created.

Do I need a second IP / NIC on the mail server to make this happen ?  If so, could someone direct me to some detailed procedures ?

Thanks much.
-Stephen
0
Comment
Question by:lapavoni
9 Comments
 
LVL 9

Expert Comment

by:Mahesh Sharma
ID: 40014298
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 40015726
You don't need a second NIC.
You will need a second IP address, both internally and externally.
That is because SSL is a 1:1 binding to IP addresses.

So setup the second IP address to Exchange. Then change the default web site to be bound to the first address specifically (it will be on "any" by default).
Create a second web site in IIS and adjust the bindings, including SSL for it.

Then create new virtual directories. You will need OWA, ECP and EWS for it to work correctly. OAB and Outlook Anywhere can stay on the default (the end users will not see that), as can ActiveSync, as that can cause problems outside of the default.

Simon.
0
 

Author Comment

by:lapavoni
ID: 40015741
I've got two NICs that are teamed on the server.  Will that be an issue ?  Just add a second IP to the team ?

Also, it's bound to 127.0.0.1  Does loopback apply to all addresses or just the first one ?
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40015775
What is bound to 127.0.0.1 ? The second web site?
It needs to be bound to a specific address, not the loopback address. Don't touch the default site, other than to change the * to the specific address.

Being a team means nothing - as you have a virtual NIC which holds the address.

Simon.
0
 

Author Comment

by:lapavoni
ID: 40015799
The first website is bound to 127.0.0.1  .... not to *
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40017210
The only binding you have to change is the http 80 *, no others.
You should have two bound to port 80, 127.0.0.1 and *.

There will then be one, maybe two bound to HTTPS. You will need to change any of those to a specific address.

Simon.
0
 
LVL 11

Expert Comment

by:hecgomrec
ID: 40017693
I disagree with Simon on this one.

I have mail.mycompany.net, webmail.mycompany.net on my ISP DNS pointing to the same IP.

On my IIS I have a redirect from either to the virtual directory of owa.  This was for legacy purposes when the company was not using autodiscover for their exchange server and the "webmail" was use for OWA only.


Now, in your case you can have a name for the other organization, copy all OWA virtual directory onto a new directory of your choice (lets called "branch" for now) and add it to the default web site.  Modify your logon and logoff .aspx files.  When you want the main owa just use mail.maincompany.org and for the other one you could use mail.branchcompany.org.

So when user type in their browser mail.maincompany.org they will get to the main OWA and the other organization users will use mail.branchcompany.org/branch to get their OWA.

As you can see this works the same way your actual services do (mail.maincompay.org/ecp, mail.maincompany.org/oab, mail.maincompany.org/owa)
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40017899
Except that isn't a supported method.
The only supported route is to use a different web site and use new-owavirtualdirectory

Simon.
0
 

Author Closing Comment

by:lapavoni
ID: 40020162
I will read up on the alternative solution, but the supported one is always preferable.  Thank you again, Simon.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question