814 CHAPTER 21 DEPLOYING OUTLOOK WEB ACCESS Without

816 CHAPTER 21 DEPLOYING OUTLOOK WEB ACCESS TIP The forms-based logon page requires a user to login with their domainusername, or they can use their UPN. Redirecting Users to SSL Pages Throughout this book, I have strongly urged you to use SSL for Internet protocol clients such as OWA. However, it is hard to convince your user community to use HTTPS rather than HTTP when typing in a URL into their OWA server. Yet with a little ingenuity, you can help them along by redirecting them to the secure site. This is especially important if they have already added the nonsecure site to the browser s Favorites list. One of the things I like to do is to set up a friendly alias to the OWA server (such as owa.somorita.net) and then redirect the default or main page of the Web site so that the user does not have to remember owa.somorita.com/exchange. This makes it a little easier for users to remember the OWA page. If you are enabling SSL, you must use owa.somorita.net as the common name for the certificate. Redirecting Using the SSL Required Error Page You have a couple of ways to redirect users. If the virtual server has been set to require security (on the Directory Security property page and behind the Secure Communications Edit button), then when users connect to a nonsecure page on that server, they will get the 403.4 Forbidden: SSL Required web page. This page is nothing more than an HTML file (%windir%HelpIishelp Common403-4.htm). You can either edit this file or create your own so that it will direct the user automatically to the correct site. For example, I will create a file in the WinntHelpIishelpCommon directory called redirect.htm that has the following contents: Then I have to edit the 403.4 error found on the website s Custom Errors property page to point it to my custom file. This method works most of the time, but it is slower (because the client has to connect to one page and then to another), and it is not always reliable with older browser clients. Of course, if you are blocking port 80 on your firewall, then this method will not do you any good because the inbound HTTP requests will not get to the server in the first place. Redirecting Using the Home Directory Properties Another method you can use (which may be more reliable and faster) is to create an additional site that redirects the user through the server. First, you need to change the nonsecure port of the default website from 80 to something like 8080, and you will probably want to require SSL on that site. Next, you need to create a new virtual server that uses port 80; you can blank out the SSL port because this virtual server does not require SSL security. On the Home Directory property page of the new virtual server (as shown in Figure 21.8), click the A Redirection to a URL radio button. Enter the path to the original web server including the HTTPS, and check the boxes called The Exact URL Entered Above and A Directory Below This One. Often I will even do this on the default virtual server instead. That keeps me from having to create an extra virtual server. Of course, this assumes users are always typing in HTTPS in the URL line. Also, if you are going to direct both internal and external users to this site, you must make sure the URL in the Redirect To field is available internally as well as externally.

Note: If you are looking for good and high quality web space to host and run your application check Lunarwebhost Discount Web Hosting services

Bookmark the permalink.

Comments are closed.