Tiny Deathstars of Foulness

By default, when you require an SSL certificate in IIS on an Exchange server, if users hit the page without providing an https:// in front they will get an error. Rather than require certificates, it’s better in most cases to redirect unsecured traffic to a secured login page. In order to do so, first configure the redirect. To do so, open IIS Manager and click on the Default Web Site. At the bottom of the pane for the Default Web Site, click Features View if not already selected. Screen Shot 2013-12-02 at 1.17.09 PM Then open HTTP Redirect. Here, check the box for “Redirect requests to this destination” and provide the path to the owa virtual directory (e.g. Screen Shot 2013-12-02 at 1.18.03 PMIn the Redirect Behavior section, select the “Only redirect requests to content in this directory (not subdirectories)” check box and set the Status code to “Found (302)”. In the Actions pane to the right of the screen, click Apply. Then click on Default Web Site again and open the SSL Settings pane. Here, uncheck the box for Require SSL. Screen Shot 2013-12-02 at 1.17.19 PMOnce done, restart IIS by right-clicking on the service and choosing Restart or by running iisreset: iisreset /noforce Next, edit the offline address book web.config file on the CAS, stored by default at (assuming Exchange is installed on the C drive) C:\Program Files\Microsoft\Exchange Server\\ClientAccess\oab. To edit, right-click web.config and click Properties. Then click Security and then Edit. Under Group, click on Authenticated Users. Then click Read & execute for Authenticated Users in Permissions. Then click OK to save your changes. Finally, if you have any issues with any messages not working, start the IIS Manager. Then browse to the virtual directories and open HTTP Redirect. Then uncheck “Redirect requests to this destination” and click Apply. When you’re done, restart IIS again and test the ability to send and receive emails to make sure that mail flow functions without error from within the web interface.

December 6th, 2013

Posted In: Microsoft Exchange Server, Windows Server

Tags: , , , , , , , , ,

Kerio leverages the OWA aspect of Entourage so if you open up OWA on the firewall then Entourage will be able to work over port 80 (or 443).

September 22nd, 2007

Posted In: Kerio, Mac OS X

Tags: , , , ,

Get a list of all of your virtual directories from PowerShell using this command: Get-OwaVirtualDirectory If you are having an issue with a specific virtual directory then you can delete it using this command: Remove-OwaVirtualDirectory “owa (Default Web Site)” In the above command we used owa but we could have also used Exchange, Public, Exchweb or Exadmin.  To recreate the directory use the following command (again replacing owa in the “” portion of the command with the specified virtual directory you are recreating: New-OwaVirtualDirectory -OwaVersion “Exchange2007″ -Name “owa (Default Web Site)” Because Exchange, Public, Exchweb and Exadmin are not native to Echange 2007 then you would actually replace Exchange2007 with Exchange2003or2000.  So if you wanted to recreate Exadmin you would use the following command New-OwaVirtualDirectory -OwaVersion “ Exchange2003or2000″ -Name “Exadmin (Default Web Site)”

March 1st, 2007

Posted In: Microsoft Exchange Server

Tags: , , , ,

Web Application Firewalls, or WAFs, are firewalls for web application.  They monitor web traffic and decide whether to allow or deny specific requests.  IIS web servers (OWA), Apache, WebObjects, Lasso and other web servers will likely end up working with them, although I’ve only tested IIS and Apache at this point.

April 4th, 2006

Posted In: Consulting, Mac Security, Network Infrastructure, Unix, Windows Server

Tags: , , , , , ,