none
Exchange CU15 broke my redirect

Answers

  • Hi,

    I suggest you refer to the following step to configure owa redirect:

    Start IIS Manager.
    Expand the local computer, expand Sites, and then click Default Web Site.
    At the bottom of the Default Web Site Home pane, click Features View if this option isn't already selected.
    In the IIS section, double-click HTTP Redirect.
    Select the Redirect requests to this destination check box.
    Type the absolute path of the /owa virtual directory. For example, type https://mail.contoso.com/owa.
    Under Redirect Behavior, select the Only redirect requests to content in this directory (not subdirectories) check box.
    In the Status code list, click Found (302).
    In the Actions pane, click Apply.
    Click Default Web Site.
    In the Default Web Site Home pane, double-click SSL Settings.
    In SSL Settings, clear Require SSL.

    https://technet.microsoft.com/en-us/library/aa998359(v=exchg.150).aspx


    Best Regards,
    David Wang
    TechNet Community Support


    Please remember to mark the replies as answers if they helped.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, March 17, 2017 7:46 AM
    Moderator
  • I followed the instructions, after the change at the top level only two items ended up with forwarding on - aspnet_client and mapi.  I removed it from those.  I also restored the SSL settings for the subfolders to what they were after the CU15 changes.

    So far it seems to have worked.


    The newest computer can merely compound, at speed, the oldest problem in the relations between human beings, and in the end the communicator will be confronted with the old problem, of what to say and how to say it. Edward R. Murrow

    Monday, March 20, 2017 2:23 PM

All replies

  • Hi,

    I suggest you refer to the following step to configure owa redirect:

    Start IIS Manager.
    Expand the local computer, expand Sites, and then click Default Web Site.
    At the bottom of the Default Web Site Home pane, click Features View if this option isn't already selected.
    In the IIS section, double-click HTTP Redirect.
    Select the Redirect requests to this destination check box.
    Type the absolute path of the /owa virtual directory. For example, type https://mail.contoso.com/owa.
    Under Redirect Behavior, select the Only redirect requests to content in this directory (not subdirectories) check box.
    In the Status code list, click Found (302).
    In the Actions pane, click Apply.
    Click Default Web Site.
    In the Default Web Site Home pane, double-click SSL Settings.
    In SSL Settings, clear Require SSL.

    https://technet.microsoft.com/en-us/library/aa998359(v=exchg.150).aspx


    Best Regards,
    David Wang
    TechNet Community Support


    Please remember to mark the replies as answers if they helped.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, March 17, 2017 7:46 AM
    Moderator
  • In the end I tried the iisstart.htm method but that didn't do anything so I changed it back.

    I've seen similar instructions to the one you mention and the second half which you didn't quote looks like it deals with the settings propagating when you change the top folder.  It seems to completely miss out the Exchange Back End part of the site on IIS.

    I did notice it says "When you configure redirection from a top-level directory in Windows Server 2008, the settings are propagated to lower-level directories", does that mean it won't do it in Server 2012?

    The list of appcmd instructions suggests I should have a subfolder on the default website called 'rpcwithcert' but I don't have one, it's only in "Exchange Back End".  Is that normal?

    Also, the appcmd list doesn't mention my 'mapi' and 'aspnet_client' subfolders.  Should I apply the same rules as for the other folders to these ones?


    The newest computer can merely compound, at speed, the oldest problem in the relations between human beings, and in the end the communicator will be confronted with the old problem, of what to say and how to say it. Edward R. Murrow







    Friday, March 17, 2017 9:44 AM
  • I followed the instructions, after the change at the top level only two items ended up with forwarding on - aspnet_client and mapi.  I removed it from those.  I also restored the SSL settings for the subfolders to what they were after the CU15 changes.

    So far it seems to have worked.


    The newest computer can merely compound, at speed, the oldest problem in the relations between human beings, and in the end the communicator will be confronted with the old problem, of what to say and how to say it. Edward R. Murrow

    Monday, March 20, 2017 2:23 PM
  • Glad to hear that you have got it.

    Please also mark some helpful replies as answers so that someone who has similar issue could find the solution as soon as possible.
    Thanks for your collaboration and understanding.


    Best Regards,
    David Wang
    TechNet Community Support


    Please remember to mark the replies as answers if they helped.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, March 21, 2017 1:24 AM
    Moderator
  • I am facing the same issue, but I am just as confused as the original poster.

    Do I have to make any changes to the 'Exchange Back End' site??? If so, what changes need to be made.

    In the 'Default Web Site' I have performed the following steps:

    Configured HTTP Redirect on the 'Default Web Site' to redirect to https site and checked box 'Only redirect requests to content in this directory (not subdirectories).

    In SSL Settings on the 'Default Web Site' I cleared the box 'Require SSL'

    For all sub virtual directories under the 'Default Web Site' I unchecked the box for redirection.

    For all sub virtual directories under the 'Default Web Site' I checked the box 'Require SSL' except for the 'Powershell' directory (require ssl box is cleared).

    Thanks in advance

    Friday, April 07, 2017 6:43 PM
  • I didn't touch the Exchange Back End site at all.

    For the Default site I have a redirect from HTTP (http://mail.contoso.com) to HTTPS /OWA(https://mail.contoso.com/owa) with the condition 'Only redirect requests to content in this directory (not subdirectories)' as described in the instructions.

    I was left in some doubt regarding the remaining changes but decided to return as much as possible to the state that CU15 left it in.  That meant 'Require SSL' on all subfolders except Powershell and removing any Redirects inherited from the top folder - for me that only meant I had to change two of them.

    Once it's done there's a logic to it.  Requests arriving at the default folder with or without SSL will be sent to SSL /OWA.  Requests arriving at a subfolder (such as /ECP) will be dealt with by that folder and require SSL unless it's Powershell.

    It makes sense to me when I say it like that and perhaps more importantly I don't have users freaking out at me that their e-mail doesn't work, so I'm happy with that.  This has been working for me since I made the changes a few weeks ago.


    The newest computer can merely compound, at speed, the oldest problem in the relations between human beings, and in the end the communicator will be confronted with the old problem, of what to say and how to say it. Edward R. Murrow

    Friday, April 07, 2017 7:32 PM
  • Ok, thanks for the reply. I will check my settings next week and post back the outcome.

    Thanks again

    Friday, April 07, 2017 9:42 PM
  • I changed the settings just as stated above and it works fine. I did not have to change anything in the Back End site.

    Thanks for your help on this

    Wednesday, April 12, 2017 4:51 PM