By default, when you require an SSL certificate in IIS on an Exchange server, if users hit the page without providing an https:// in front they will get an error. Rather than require certificates, it’s better in most cases to redirect unsecured traffic to a secured login page. In order to do so, first configure the redirect. To do so, open IIS Manager and click on the Default Web Site.
At the bottom of the pane for the Default Web Site, click Features View if not already selected.
Then open HTTP Redirect. Here, check the box for “Redirect requests to this destination” and provide the path to the owa virtual directory (e.g. https://krypted.com/owa).
In the Redirect Behavior section, select the “Only redirect requests to content in this directory (not subdirectories)” check box and set the Status code to “Found (302)”.
In the Actions pane to the right of the screen, click Apply. Then click on Default Web Site again and open the SSL Settings pane. Here, uncheck the box for Require SSL.
Once done, restart IIS by right-clicking on the service and choosing Restart or by running iisreset:
Next, edit the offline address book web.config file on the CAS, stored by default at (assuming Exchange is installed on the C drive) C:\Program Files\Microsoft\Exchange Server\\ClientAccess\oab. To edit, right-click web.config and click Properties. Then click Security and then Edit. Under Group, click on Authenticated Users. Then click Read & execute for Authenticated Users in Permissions. Then click OK to save your changes.
Finally, if you have any issues with any messages not working, start the IIS Manager. Then browse to the virtual directories and open HTTP Redirect. Then uncheck “Redirect requests to this destination” and click Apply. When you’re done, restart IIS again and test the ability to send and receive emails to make sure that mail flow functions without error from within the web interface.
krypted December 6th, 2013
Posted In: Microsoft Exchange Server, Windows Server
error, Exchange, Exchange 2007, exchange 2010, Exchange 2013, http to https, OWA, redirect, redirect default web site from insecure to secure traffic, Windows Server
Kerio leverages the OWA aspect of Entourage so if you open up OWA on the firewall then Entourage will be able to work over port 80 (or 443).
krypted September 22nd, 2007
Posted In: Kerio, Mac OS X
entourage, firewall, Mac OS X, Microsoft Office, OWA
Get a list of all of your virtual directories from PowerShell using this command:
If you are having an issue with a specific virtual directory then you can delete it using this command:
Remove-OwaVirtualDirectory â€œowa (Default Web Site)â€
In the above command we used owa but we could have also used Exchange, Public, Exchweb or Exadmin. To recreate the directory use the following command (again replacing owa in the “” portion of the command with the specified virtual directory you are recreating:
New-OwaVirtualDirectory -OwaVersion â€œExchange2007â€³ -Name â€œowa (Default Web Site)â€
Because Exchange, Public, Exchweb and Exadmin are not native to Echange 2007 then you would actually replace Exchange2007 with Exchange2003or2000. So if you wanted to recreate Exadmin you would use the following command
New-OwaVirtualDirectory -OwaVersion â€œ Exchange2003or2000â€³ -Name â€œExadmin (Default Web Site)â€
krypted March 1st, 2007
Posted In: Microsoft Exchange Server
Exchange 2007, OWA, powershell, scripting, Virtual Directory
Web Application Firewalls, or WAFs, are firewalls for web application. They monitor web traffic and decide whether to allow or deny specific requests. IIS web servers (OWA), Apache, WebObjects, Lasso and other web servers will likely end up working with them, although I’ve only tested IIS and Apache at this point.
krypted April 4th, 2006
Posted In: Consulting, Mac Security, Network Infrastructure, Unix, Windows Server
Apache, IIS, Lasso, OWA, WAF, Web Application Firewall, WebObjects