Exchange 2010 OWA redirect URL to multiple Exchange 2003 mailbox servers

    Question

  • Current situation - Successfully redirecting to ALL Exchange 2003 mailbox servers using the URL of https://legacy.domain.com/Exchange but with trusted certificate errors on all servers other than that of the A record allocated server matching legacy.domain.com.

    Problem: Because the A record for the certificate entry legacy.domain.com points to one of many Exchange 2003 servers only those mailboxes which are on the server A record referenced server present a trusted cert.

    If a mailbox sits on another Exchange 2003, the redirect process breaks down because the server allocated the A record of legacy.domain.com forwards the OWA request to the home server for the mailbox and does so by using the FQDN of that server.

    Because of this the IE user is presented with a non-trusted certificate error as the FQDN of the server does not match that of legacy.domain.com.

    It would appear from this that Exchange 2010 OWA URL redirect only supports a single Exchange 2003 server and not a chain of Exchange 2003 servers. Does anyone know a workaround for this?

     


    Tuesday, May 31, 2011 10:38 AM

Answers

  • Hi,

     

    From the problem description, I understand that the scenario is OWA Redirection and Proxy with Exchange server 2003/Exchange server 2010.

     

    The Exchange2003URL parameter is a new property that is exposed on the Exchange 2010 CAS OWA virtual directory. In other words, this is not a global property, but a property assigned on a per-OWA virtual directory basis. The reason we need to set this property when interacting with Exchange 2003 is that Exchange 2003 is not AD site aware, nor does it have settings published in Active Directory (like ExternalURL) that allow CAS2010 to determine the best front-end server to which a client should be redirected. That is why we leverage the Exchange2003URL property on the CAS2010 OWA virtual directory - it tells CAS2010 where Exchange 2003 OWA users should be redirected.

     

    I understand that you want to do redirections in order that the 2003 users can access the 2010 OWA and get redirected automatically. The question is, in 2010 OWA, only one Exchange 2003 OWA URL can be set in the “–Exchange2003url” value. I think it is by design and your requirement may not be addressed. I suggest that the Exchange server 2003 users have to log in via the Exchange 2003 OWA URL manually.

     

    Towards the different scenarios, I would like to share one link for your reference:

     

    Title: Upgrading Outlook Web App to Exchange 2010

    URL: http://blogs.technet.com/b/exchange/archive/2009/12/02/3408921.aspx

     

    The link above contains the detailed information you need.

     

    Thx,

    James

    • Marked as answer by Qbic808 Wednesday, June 01, 2011 8:29 AM
    Wednesday, June 01, 2011 8:11 AM
    Moderator

All replies

  • Do you mean to say, when you type https://legacy.domain.com/owa it goes to https://legacy.domain.com/Exchange ?
    Gulab | MCITP: Exchange 2010 | MCITP: Exchange 2007 | Skype: Gulab.Mallah | Blog: www.ExchangeRanger.blogspot.com
    Tuesday, May 31, 2011 10:53 AM
  • Example better explained below:

    https://mail.domain.com/owa (Exchange2010 URL) redirects to https://legacy.domain.com/exchange.

    Please refer back to original question: can the Exchange 2010 URL redirect be used against several servers rather than just a single server that resolves to legacy.domain.com.

    Outside of this I have found a work around - this is to not use SSL for https://legacy.domain.com/exchange. So instead I have set the following:

    Set-owaVirtualDirectory -id "server (Default Web Site)" -Exchange2003URL http://legacy.domain.com/exchange

    As you can see it breaks the SSL chain completely but does get me out of the situation of having non-trusted OWA pages popping up for those servers that do not resolve to legacy.domain.com in DNS but their FQDN server name.

     

     




    Tuesday, May 31, 2011 12:27 PM
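
An added example, not part of the original posts: a PowerShell check that classifies each URL a user can land on after the redirect as a matching certificate, a name mismatch, or cleartext HTTP. The host names `ex2003b` and `ex2003c`, the certificate name lists, and the function names are constructed for illustration; it assumes the same `legacy.domain.com` certificate is installed on the second mailbox server.

```powershell
# Added example: audit redirect targets for the two outcomes described in this thread.
# All host names and certificate name lists below are constructed sample data.

function Test-CertNameMatch {
    param([string]$HostName, [string[]]$CertNames)
    foreach ($name in $CertNames) {
        if ($name -ieq $HostName) { return $true }
        # A wildcard covers exactly one left-most label (*.domain.com matches a.domain.com only).
        if ($name.StartsWith('*.')) {
            $suffix   = $name.Substring(1)            # e.g. ".domain.com"
            $firstDot = $HostName.IndexOf('.')
            if ($firstDot -gt 0 -and $HostName.Substring($firstDot) -ieq $suffix) { return $true }
        }
    }
    return $false
}

function Get-RedirectFinding {
    param([string]$Url, [hashtable]$CertNamesByHost)
    $uri = [System.Uri]$Url
    if ($uri.Scheme -ne 'https') {
        return 'CLEARTEXT: no certificate is checked and the session is not encrypted'
    }
    $names = $CertNamesByHost[$uri.Host]
    if (-not $names) { return 'UNKNOWN: no certificate data for this host' }
    if (Test-CertNameMatch -HostName $uri.Host -CertNames $names) { return 'OK: certificate name matches' }
    return "MISMATCH: certificate names ($($names -join ', ')) do not cover $($uri.Host)"
}

# Constructed inventory: names (subject CN and SANs) on the certificate each server presents.
$certNamesByHost = @{
    'legacy.domain.com'  = @('legacy.domain.com')                        # A record target
    'ex2003b.domain.com' = @('legacy.domain.com')                        # same cert, reached by FQDN
    'ex2003c.domain.com' = @('legacy.domain.com', 'ex2003c.domain.com')  # cert also lists its own FQDN
}

$urls = @(
    'https://legacy.domain.com/exchange',
    'https://ex2003b.domain.com/exchange',
    'https://ex2003c.domain.com/exchange',
    'http://legacy.domain.com/exchange'
)
foreach ($u in $urls) {
    '{0,-40} {1}' -f $u, (Get-RedirectFinding -Url $u -CertNamesByHost $certNamesByHost)
}
```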