Hello,I'm fairly green when it comes to administering Exchange, so if you could help me with this problem that would be great!I've build a new Windows Server 2008 with Exchange 2007 in a new domain.I've configured OWA and externally people now can login to OWA via https://www.mydomain.nl/owaSo far so good. Now I tried to use "http redirect" on the "default web page" so that people can go to https://www.mydomain.nl and log in to OWA.The login screen appears and people can type their username and password, but when they try to log on the page keeps loading and appears to hang on this:"waiting for https://www.mydomain.nl\owa\owaauth.dll..."What am I doing wrong here...shouldn't I use http redirect at all or have i created some sort of loop? I've recreated the virtual directories but this didn't help. I've run "test-owaconnectivity -testtype external" and this is the result:"The test received an unexpected response to an Outlook Web Access request."In the Exchange Management Console is the external address for OWA configured as https://www.mydomain.nl/owaAny help would be appreciated...if you need more info please let me know!Kind regards,Serge de Klerk

This article only works if you are accessing it from outside using http://site to go to https://site. My problem is that internally, we cannot go to https:/site, but have to use a different URL. in other words: http://mail.site.com -> https://mail.site.com/owa http://server -> https:/server/owa This redirect will take https://sever -> https://mail.site.com/owa which is not accessible from inside. I'm looking for something like the Exchange 2003 / IIS 6 article (http://support.microsoft.com/kb/555053) that redirects on the fly with the 403 redirect, that takes whatever was entered, and redirects it to the same url, but changes the HTTP: to HTTPS and adds /owa to the end. i.e. this process: 1. In the inetpub/wwwroot folder create a folder called CustomErrors2. Open notepad and paste the following text into it-----------------copy all below---------------------<%If Request.ServerVariables("HTTPS") = "off" Then Response.Redirect "https://" & Request.ServerVariables("HTTP_HOST") & "/Exchange"End If%>-----------------copy all above---------------------Save the file as Owahttps.asp in your CustomErrors Directory.(change the save as file type to "All files" or it will save as Owahttps.asp.txt)3. On the Web server open https://" & Request.ServerVariables("HTTP_HOST") & "/Exchange"End If%>-----------------copy all above---------------------Save the file as Owahttps.asp in your CustomErrors Directory.(change the save as file type to "All files" or it will save as Owahttps.asp.txt)3. On the Web server open IIS administrator (under admin tools)4. Expand servername > Web Site > Default Website5. Locate the CustomErrors Directory (IN the IIS admin console) > right click > properties.6. Directory Tab > Application settings section, click Create.7. CustomErrors shouls appear in the "Application Name" box.8. IF you are running Exchange 2003 on IIS 6 then change the "Application pool" box (click the drop down arrow) to "ExchangeApplicationPool"9. Click the Directory Security tab > Authentication and access control section > Edit.10. Tick Enable anonymous access > OK. 11. Look down to the Secure communications section > Edit.12. Untick Require secure channel (SSL) check box, > OK > OK.13. Right-click the Exchange virtual directory > Properties.14. Click the Custom Errors tab > scroll doen to > 403.4 > double click it15. Change Message Type to URL > in URL box enter /CustomErrors/Owahttps.asp > OK.16. Click the Directory Security tab > Secure Communications > Edit. 17. Tick Require secure channel (SSL) check box. (If you want 128 bit tick that too) > OK > OK For some reason, when you follow that article, it does not work--I've tried it 3 different client sites. I think it has something to do with the application pool--but not comfortable enough with IIS to fiddle with it too far. Any help you may have would be appreciated. AND I Don't have ISA Server (They are Cisco PIX firewalls). I've looked at both of these links: How to redirect an HTTP connection to HTTPS for Outlook Web Access clientshttp://support.microsoft.com/?id=839357How to make Outlook Web Access the default Web sitehttp://support.microsoft.com/kb/319878/

Hi Serge, I have copied the URL which will guide you step by step to redirect OWA URL to secure URL. Just look in the Windows 2008 Section http://technet.microsoft.com/en-us/library/aa998359.aspx Vinod |CCNA|MCSE 2003 +Messaging|MCTS|ITIL V3|

what i did was within iis manager is made the following change only the default web site (not any virtual directories)under the error pages features i modified the custom error page for error code 403i changed it to respond with a 302 redirect and set the absolute URL to https://mail.domain.com/owa

Hi people,thanks for the quick replies!@Vinod: I've done all that so that http redirect is only enabled on de default web page and the OWA virtual dir, but still not working.@jimthemcp: i'll give that a try, maybe that works for me too!

what i did was within iis manager is made the following change only the default web site (not any virtual directories)under the error pages features i modified the custom error page for error code 403i changed it to respond with a 302 redirect and set the absolute URL to https://mail.domain.com/owa well i've tried this too, without luck...Any other idea's?If I try this with Firefox it tells me that the server is redirecting the request into an infinite loop... could it be that I've created a loop somewhere?

check your virtual directories and make sure they do not have this settingiis 7 virtual direcotries tend to inherit from the web site

the only virtual directory that has this redirect is the OWA directory...when i remove it from this directory as well then the redirect on the default web page dissappears as well...but i do notie that I removed it from ALL directories, even directories like "auth" and "bin"...was that a bit too much?

The root IIS 7 directory default file should contain a redirect to the https://domain.com/exchange Configure IIS 7.0 for Redirects: On the Client Access Server modify the iisstart.html page in C:\inetpub\wwwroot to the following: <html> <head> <title>HTML Redirection to https:</title> <META HTTP-EQUIV="Refresh" CONTENT="1; URL=https://webmail.url.com/exchange"> </head> <body> This page is attempting to redirect you to <a href=" https:// webmail.url.com /exchange/">https:// https:// webmail.url.com /exchange</a><br> If you are not redirected within a few seconds, please click the link above to access Outlook Web Access. </body></html> Also, configure the IIS 7.0 error pages: Error Code 403 Set to Respond with a 302 Redirect and specify the URLSF - MCITP:EMA, MCTS

thank you Scott for your reply.I've tried your solution and it still doesn't work.What address shouldbe assigned to the external OWA addressin theExchange Management Console?Now it states https://webmail.mydomain/owa

I'm reinstalling the CAS role and IIS right now...let's see if that does the trick

this unfortunately hasn't achieved anything. I'm still getting the same error. I've de-installed IIS and CAS as described in http://support.microsoft.com/default.aspx/kb/320202I've left the external address blank in the OWA properties field (Exchange Management Console) and as long as i don't enable the http redirect I'm able to connect to https://webmail.mydomain.nl/owaBut when i enable http redirect to https://webmail.mydomain.nl then iend up at the login screen and enter my credentials, then the site hangs on "waiting for https://www.mydomain.nl\owa\owaauth.dll..."I've disabled http redirect on all the other virtual directories as described in http://technet.microsoft.com/en-us/library/aa998359.aspx any ideas?

I notice that whenever the site hangs on the owaauth.dll i get these messages in the evenvwr, CAN IT BE AN ASP.NET PROBLEM?? Event code: 3008 Event message: A configuration error has occurred. Event time: 7/29/2009 12:24:39 PM Event time (UTC): 7/29/2009 10:24:39 AM Event ID: 33c8d0bb3d9045e28d390b6bacc5dc42 Event sequence: 4 Event occurrence: 3 Event detail code: 0 Application information: Application domain: /LM/W3SVC/1/ROOT/Autodiscover-1-128933365014758049 Trust level: Full Application Virtual Path: /Autodiscover Application Path: C:\Program Files\Microsoft\Exchange Server\ClientAccess\Autodiscover\ Machine name: EXC01 Process information: Process ID: 832 Process name: w3wp.exe Account name: NT AUTHORITY\SYSTEM Exception information: Exception type: ConfigurationErrorsExceptionException message: Could not load file or assembly 'Microsoft.Exchange.Clients.Owa' or one of its dependencies. The system cannot find the file specified. (C:\Program Files\Microsoft\Exchange Server\ClientAccess\Owa\web.config line 41) (C:\Program Files\Microsoft\Exchange Server\ClientAccess\Owa\web.config line 41) Request information: Request URL: https://EXC01.MijnWebDesktop.local:443/Autodiscover/Autodiscover.xml Request path: /Autodiscover/Autodiscover.xml User host address: 192.168.1.127 User: Is authenticated: False Authentication Type: Thread account name: NT AUTHORITY\SYSTEM

what happens if you go to the local server and do https://localhost/exchange?I'm wondering about SSL cert on the CAS server.What happens when you do this: Test-OwaConnectivity URL https://url.com/owa -MailboxCredential (Get-Credential domain\user) -TrustAnySSLCertificate -Verboseand Test-WebServicesConnectivity MailboxCredential (Get-Credential domain\user) -TrustAnySSLCertificateAlso, have you done a test-servicehealthWhat about a BPA? This should work internally first. Are you coming through a reverse proxy or anything like that or are you connecting directly to the server? SF - MCITP:EMA, MCTS

when i go to https://localhost/exchange i cant connect, "Internet Explorer cannot display the webpage"on the first test i get this error:WARNING: The test received an unexpected response to an Outlook Web Access request.Second test:[System.Net.WebException]: The underlying connection was closed: An unexpected error occurred ona send. Inner error [System.IO.IOException]: Unable to read data from the transport connection:An existing connection was forcibly closed by the remote host.test-servicehealth seems to run ok.What is a BPA?And no reverse proxy or anything, we connect directly to the server. I just find it weird that the SSL connection does work as long as i dont use http redirect.So basically, from the inside it doesn't work...and if that doesn't work then from the outside it will never work, is that it?

Hmm, BPA is the Best Practice Analyzer. So, you can't ge tto OWA at all.What kind of Cert are you using? Self Signed, Private or Public? My only guess is that Virtual Directory may have been corrupted. You could try to remove it, make sure the folder for that virtual dir is empty and then recreate it.Another option would be to remove the CAS server and then do a setup /recoverserver I'm thinkling IIS may have gotten messed up at some point.What OS are you using?SF - MCITP:EMA, MCTS

When I set this up in my environment I found that IIS 7 will apply the redirect to all virtual directories under the site. In other words, if you use the HTTP Redirect feature on the default web site to redirect to "owa," this gets applied on all virtual directories under it as well. As a result, you are redirected from mysite.com to mysite.com/owa, which redirects to mysite.com/owa/owa, etc. In short, be sure the HTTP Redirect feature is not set on the OWA virtual directory (and all of your other virtual directories).

@Scott: it's a public cert i believe, we bought it somewhere...So you mean that the actual folder of the virtual folder (C:\Program Files\Microsoft\Exchange server\Client Access\OWA) should be empty before i rebuild it?i'm using windows server 2008@neil: but when i remove the http redirect from the owa folder too, then the http redirect also gets removed from the default web page...

@neil: but when i remove the http redirect from the owa folder too, then the http redirect also gets removed from the default web page... That's a problem, as long as the redirect is set on the owa folder, it won't work. In fact I remember getting the same message you were about owaauth.dll when I had that problem.

I would remove the owa virtual directory (as you tried before) using the Exchange command line tool.Then I would validate the home folder is empty after removing the dir.Then I would recreate the owa virtual directory, test it for OWA connectivity and verify OWA works. Once that is done I would do the redirects as mentioned above.If you are using coexistance you will want to set up the redirect on the /exchange folder b/c that is where users will need to go to. The /exchange folder will direct them to 2003 or 2007 depending on where the account is.If they are all one 2007 then direct them to the /owa folder. You also may need to remove the Exchange 2003 folder as mentioned above and recreate it.SF - MCITP:EMA, MCTS

I've deleted the CAS role, emptied the owa folder and the reinstalled the CAS role.Without the redirect the OWA is available at https://webmail.mydomain.nl/owaI turn redirect on and i have this problem again. Weird thing is that i cant remove the http redirect from the OWA virtual directory, because when i do that, just like neil said,then the redirect on the default web site is removed too...When i look at the advanced options of the default web site the I see that the physical path is "C:\Program Files\Microsoft\Exchange Server\ClientAccess\Owa" and the app pool is "MSExchangeOWAAppPool" ... are those the right settings for the default web site, because they are the same as for the owa virtual directory??Maybe i should put the OWA rule on another server just to check if that would work...

HTML code should be at the root directory, not the owa directory.The redirect should be from the errors page on the root directory as well.This of course is in IIS 7, and you can find those directories by exploring iis 7 and select (I think) explore or browse. Can't remember off the top of my head.SF - MCITP:EMA, MCTS

I finally got it working!as Neil said, the problem was that the redirect also was on the OWA virtaul directory. When I removed it from the OWA dir then the redirect also disappeared from the default web site.That problem was caused by the fact that for some odd reason the default web site had the same application pool and physical path as the OWA dir, so they also use the same web.config file.Therefor changing settings for the one also affected the other. I changed the settings for the default web site to "default app pool" and for the physical path "C:\Inetpub\wwwroot"Now I was able to disable the redirect on the OWA dir and voila...OWA works!Thanks for your help guys!

It is working; I am looking for comments or a better way. (403 Error)? I am migrating from Exchange 2003 on a 2003 server to Exchange 2007 on a 2008 server. Both Exchange 2003 and 2007 are coexisting during the migration process to Exchange 2007. On Exchange 2003 running on 2003 server runs iis 6.0 (to figure out which iis version Control Panel > Add Remove Programs, Help About does not show you the iis version). On Exchange 2007 running iis 7.0 (Help About displays the iis version). I am trying to accomplish access web mail by going to http://mysitename to redirect https://myservername/owa. First let me tell you what did not work and then I will go over what works. On iis 7.0 on the 2008 server Start > Administrative Tools > iis Manager , click on Sites > Default Web Site and in the default website home right screen I clicked on Redirect and added https://myservername/owa and it did not work. I also tried writing a .asp and a .aspx redirect program and I could not get the iis 7.0 code to work, nor did I figure out exactly where to put the code. What worked is in the default website double clicking on 404 Error and selecting 403 error I added under respond with a 302 redirect https://myservername/owa (note if you have not changed anything to see the correct under owa double click http redirect, the url should be listed and the url listed under owa redirect is the url that I added to the 403 error, 302 redirect. What I am interested in is there a better way to redirect http to https and if so what is the correct code for iis 7.0?

A caveat maybe the missing part: Following the solutions provided above add these steps in iis click on the Default Web Site, double click on the SSL icon located on the right of the page, turn off ssl, apply and in a command prompt type iisreset. Then click on owa and double click on ssl and enable both require SSL and 128-bit SSL, apply and in a command prompt type iisreset. It works now and this is a simpler solution.

Ill go ahead and post this up again - I used the URL re-write successfully to do 80->443 as well as / -> /owahttp://chrislehr.com/2008/11/exchange-2007-owa-redirect.htmChris