OWA redirect from non-secure to secure

[Candidog]

I have my OWA working exactly they way it should. My users goto

https://mail.domainname.com

and they enter there user information and password and they get all there email.

I have users complaining sometimes that they can't get there email via OWA. Turns out they are NOT putting HTTPS but instead they are putting HTTP. Is there away in IIS to have anyone that puts

HTTP://mail.domainname.com

to be redirected to

HTTPS://mail.domainname.com.

Thanks for any help

Greg

 

[58sniper]

How to redirect an HTTP connection to HTTPS for Outlook Web Access clients

http://support.microsoft.com/kb/839357

Pat Richard, MCSE MCSA:Messaging CNA MVP
Want to know how email works? Read for yourself -

http://www.ietf.org/rfc/rfc2821.txt

 

[Candidog]

Okay I followed the instructions to perfection from Microsoft Knowledge Base article. I even tripled check my configuration and I still can't get OWA to redirect from non secure to secure connection.

I know my Owahttps.asp script is working because in IIS if I browse the file it works. But when I try from a web browser

http://mail.mydomainname.com

I get the error message the it must be view over a secure channel.

What do you think the culprit is????

Greg

 

[Candidog]

I'm almost there and getting closer.

I've noticed internally inside my network domain if you type from my web browser

http://mail.mydomainname.com

it will not redirect to

https://mail.mydomainname.com

and give me the standard error message saying this page must be viewed over a secure channel.

BUT if the user types...

http://mail.mydomainame.com/exchange

it works and it redirects to the secure site of

https://mail.mydomainename.com

Now I did configure my Exhange 2003 OWA redirection to the instructions below.
To redirect the Default Web Site to point to the Exchange virtual directory, follow these steps:
1. Start the Microsoft Management Console (MMC) IIS snap-in.
2. Right-click Default Web Site, click Properties on the shortcut menu, and then click the Home Directory tab.
3. Under When connecting to this resource, the content should come from, click A redirection to a URL.
4. In the Redirect to box, type /exchange.
5. Under The client will be sent to, click A directory below this one.
6. Stop and start the Default Web Site.


Also I notice if i'm OUTSIDE MY NETWORK (Lets say at home) and I type

http://mail.mydomainname.com

it redirects no problem. I don't have to appended the /exchange.

So why does it work fine outside my network but inside my network, I need to append the /exchange????

Greg

 

[58sniper]

I'm going to assume that you have created a DNS zone for your domain name, and created an A record to point to your OWA box, so that you are, truly, using your Internet domain name to go to the internal box, correct?

Pat Richard, MCSE MCSA:Messaging CNA MVP
Want to know how email works? Read for yourself -

http://www.ietf.org/rfc/rfc2821.txt

 

[Candidog]

Yes internally I'm using my Windows 2003 DNS server.

I have an A record that points the mail server

mail.mydomainname.com to my mailserver.

Greg

 

[ShackDaddy]

I'm wondering if the "custom error" you set up to change from HTTP to HTTPS only applies to users who are connecting anonymously. It could be that since internal users connect (I'm guessing) using Windows Integrated authentication, the OWAHTTPS script might not be properly firing, and they are getting a different error, and thus not being redirected. I'm pretty sure that this has something to do with permissions. Authentication type is the only variable I can imagine being a factor between external and internal clients.

Check the Authentication permissions on both the Default Web root and on the Exchange virtual directory beneath it. Play with restricting access to anonymous and see if that changes the behavior.

ShackDaddy