About Me

My photo
TsooRad is a blog for John Weber. John is a Skype for Business MVP (2015-2016) - before that, a Lync Server MVP (2010-2014). My day job is titled "Technical Lead, MS UC" - I work with an awesome group of people at CDW, LLC. I’ve been at this gig in one fashion or another since 1988 - starting with desktops (remember Z-248’s?) and now I am in Portland, Oregon. I focus on collaboration and infrastructure. This means Exchange of all flavors, Skype, LCS/OCS/Lync, Windows, business process, and learning new stuff. I have a variety of interests - some of which may rear their ugly head in this forum. I have a variety of certifications dating back to Novell CNE and working up through the Microsoft MCP stack to MCITP multiple times. FWIW, I am on my third career - ex-USMC, retired US Army. I have a fancy MBA. One of these days, I intend to start teaching. The opinions expressed on this blog are mine and mine alone.

2012/02/03

Exchange 2010 CAS OWA Re-direct

Situation

A client asked me to simplify the OWA URL so that the users (who apparently cannot learn new methods or change their shortcut) would not have to actually type HTTPS or /owa but instead just be able to blindly enter mail.company.com and have it work.  Pretty easy, eh?  Not so, as it turns out.

Yes, I know all about how to “Simplify the Outlook Web App URL”  - I also needed to create a deny and redirect on the TMG layer to cover those users who were outside the firewall.  For the TMG layer I follow fellow MVP Richard Hicks blog article.  Tastes great and is less filling.  For the CAS layer, I follow the Brian Desmond article.  Also tastes great and is equally less filling.

With all that expert help behind me, you’d think I was done early that night, eh?  Not.

What Happened

Normally,  I just step through the well-documented process from the CHM/online help, and  double check myself with the Desmond blog, and es finite!  Not this time.  As it turns out (as the stomach churns) the web.config in the C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\Owa folder (your install dir may be different) was not updating properly.  Odd.  No matter what I did, the /exchange, /public/ and /ExchWeb vdir’s would not stay redirected as needed, and the /owa vdir kept getting a redirect also – which results in a redirect loop – and this is not good.

I noticed that the web.config file (previously mentioned above) did not have the expected lines… what I had was this:

Nothing!

I went around this several times.

The Fix I Used

I toggled the /owa to this:

image

Which, after an iisreset /restart gave me this in the web.config file:

<system.webServer>
    <httpRedirect enabled="false" />
</system.webServer>

Based on this forum article, I was expecting to see this:

<system.webServer>
  <httpRedirect enabled="true" destination="/owa" exactDestination="false" childOnly="false" httpResponseStatus="Found">
  </httpRedirect>
</system.webServer>

Well, says I, it ain’t right.  So, I did a little cut n paste and inserted that into my web.config file.  Then did an iisreset /restart again.

As expected, the /OWA vdir was marked to redirect:

image

As were the /exchange, /exchweb, and /public (as they are needed that way).

Hmmm.  OK, if manual methods are needed, I am all for it.  I went back to the web.config file and removed those lines I just put in there… and did another iisreset /restart.  and voila!

image

Why I had to jump through the hoops like this I do not know, but these screen shots are from my lab, which is identical in build to the client (gotta love those labs) and I reproduced it step for step.

FWIW, Pat Richards has a script on his blog that would appear to fix this also.  Also, remember that when you do this, the OAB is going to broken and to fix that you need to add the “authenticated users” group to the /oab/webconfig file as shown here.

image

YMMV.

3 comments:

Unknown said...

I've found using the IIS Rewrite module to be the best internal solution since it doesn't cascade and modify to every single vDir like the IIS manager console does. So no issues with the non-GUI changeable folders, or the OAB. Just need to do a match to the root folder request. Blog post pending...

Darko Cuk said...

You say web.config should not be empty.. well,I experienced same infinite redirect you did and got it working without modifying web.config. All i did is review redirects down the line of VDs in IIS and made sure only certain ones are redirected to full url and three of them (Exchange, Exchange Web and Public) are redirecting to /owa
And it worked.
But thankyouthankyou for putting me on the right path.
Darko

Darko Cuk said...

Thank you for pointing the way.
I got it working without web.config modifications and in the end it is still devoid of redirect code and empty... but thanks, you pointed me in the right direction.
Darko