Create MAPI virutal directory in separate website

Hi,

is it possible to create the MAPI virtual directory in a website other than the 'Default Web Site'. I want to have to separate MAPI virtual directories. One for accessing from the internal network (using NTLM) and one for accessing from the internet (using basic authentication). The OWA, ECP and ActiveSync cmdlets have the option to specify the website the vdir is created under, but the new-mapivirtualdirectory doesn't have this option.

Thank!

Frank.

February 13th, 2015 10:29am

Based on this blog from the Exchange Team, I would say no.  It looks like you can only create a separate virtual directory for OWA and the ECP.  

http://blogs.technet.com/b/exchange/archive/2015/02/11/configuring-multiple-owa-ecp-virtual-directories-on-the-exchange-2013-client-access-server-role.aspx

Free Windows Admin Tool Kit Click here and download it now
February 13th, 2015 11:55am

Hi,

is it possible to create the MAPI virtual directory in a website other than the 'Default Web Site'. I want to have to separate MAPI virtual directories. One for accessing from the internal network (using NTLM) and one for accessing from the internet (using basic authentication). The OWA, ECP and ActiveSync cmdlets have the option to specify the website the vdir is created under, but the new-mapivirtualdirectory doesn't have this option.

Thank!

Frank.

I suppose you could add Basic to the list of IISAuthenticationMethods on the existing default directories, but I guess the question is what is the technical requirement here? 

February 13th, 2015 12:55pm

Hi,

indeed adding basic to the existing virtual directory is possible. But we are migrating from Microsoft TMG to Sophos UTM and Sophos UTM explicitly only wants Basic Authentication enabled on the virtual directory.

Frank.

Free Windows Admin Tool Kit Click here and download it now
February 13th, 2015 12:59pm

What about creating a new set of CAS servers in a separate AD Site and use that to front external traffic?  it kind of sucks since you will need to build more DC's for those sites, but I think it could work.

So here's how I would envision it... 

Site A - Has your Cas Servers and Mailboxes and would front internal Outlook Anywhere Access using NTLM.

Site B (Doesn't have to be geographically separated, just a separate subnet)- Would have your Sophos UTM, 2 DCs with Global Catalogs and a couple of CAS Servers (for HA) to front external access for Outlook Anywhere using Basic Authentication. 

February 13th, 2015 1:38pm

Hi,

thanks, but adding an additional site and Exchange servers is above our budget. I'll look for other options.

Frank.

Free Windows Admin Tool Kit Click here and download it now
March 9th, 2015 1:18pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics