For example: you’ve installed Exchange 2010, configured all the appropriate roles, including the CAS (Client Access Server; responsible for OWA), and deserve a hero’s welcome, or at least a pat on the back. You then send an email to staff telling them that they can access webmail from the following public URL – https://webmail.domain.com/owa; easy enough right? Wrong! A few days later, calls come streaming in with users attempting to access OWA using incorrect URL’s: http instead of https, forgetting to append /owa to the URL, etc.
Well you can clear all of this up and make it transparent to the user, and they’ll never know you did it; it will just work.
With Exchange 2010 and IIS 7, the process for redirection has been greatly improved over IIS 6. Before, I would place a custom page in the “wwwroot” directory that would automatically redirect the user if they didn’t use “https” or if they didn’t append the “/exchange” (Exchange 2000/2003) or “/owa” (Exchange 2007) directory. This was a combination of customizing the “403.4” error and the home directory settings (maybe a later blog post, if requested).
In IIS 7, you only need a few mouse-clicks and your proper OWA URL to accomplish the same thing.
Open IIS 7 manager and navigate to your “Default Web Site“. In the options panel, open “HTTP Redirect”
Enter the proper OWA URL (i.e, https://webmail.domain.com/owa), select the “Only redirect requests to content in this directory (not subdirectories)” checkbox, and click “Apply“.
Note: The Exchange, Exchweb, and Public virtual directories should redirect to /owa. This is for coexistence scenarios with older versions of Exchange (2000/2003). There should already have been redirect settings in place for this, just make sure that these settings were not affected by adding the redirect above.
Since any changes made to the “Default Web Site” propagate down to subdirectories, as in the “HTTP Redirect” example above, review the following subdirectories and make sure that “Require SSL” is enabled:
- Autodiscover
- ecp
- EWS
- Microsoft-Server-ActiveSync
- owa
- Rpc
- RpcWithCert
Finally, don’t forget to restart the website and test.
There are some scripts floating out online that will perform these steps for you, but I have not had a chance to test, so proceed with caution….and then let me know how it turned out!