Where could users in your organization benefit from choosing OWA to
collect their email? The answer is anywhere which has internet access,
providing you, or your email administrator, take up the challenge of
configuring Exchange Server 2010 for OWA.
You don't need a VPN, you don't even need Internet Explorer, Mozilla or
Chrome will
connect to full OWA experience, (not
the 'Lite' version as in OWA 2007). The key point is that OWA 2010 is almost
indistinguishable from the latest Outlook 2010 client. All that
clients need is internet access, without anyone blocking their browser's
default browser port 80.
What can you do for remote users? How can you help mobile,
travelling users? Once you decide to provide internet or even intranet
access to your corporate Exchange 2010 server, then you may as well provide
the best = OWA 2010. Thus forget Webmail, forget POP3 (or IMAP4) and
go for Outlook Web App 2010.
Incidentally, using the Calendar feature is one of Guy's weaknesses, but thankfully, it's one of OWA
2010's strengths.
A Brief History of Exchange OWA
Sometimes it's worth having a quick look at the history just to see how
far a product has come. Whereas technologies such as POP3 haven't
changed much in ten years, the OWA 2010 client has improved out of all
recognition from the clunky featureless product in OWA 5.5. The two
main driving forces have been improvements in the Outlook client from
Outlook 98 to Outlook 2010, coupled with a drive to make OWA a clone of
Outlook 2010, whereas OWA 2000 and Outlook 2000 looked like distant
relatives.
Another sign that OWA is still a fast improving technology is the number
of enhancements SP1 brings to OWA. It's also a chance to praise Microsoft's development team for re-designing
some pretty average products such as OWA 2000, until they have a smart, and
slick technology such as OWA 2010.
To Access your mailbox via owa, this is what to type in your internet
explorer :
https://ExchServer/owa.
A review of these features will tell you all you need to know about
Outlook Web App (OWA). If you are familiar with the full Outlook
2010 client, you will be hard pressed to spot any omissions.
Set Outlook Web App mailbox policies.
Search folders for messages.
View Favorites in the navigation pane.
Filter incoming messages.
Ignore messages feature.
Attach messages to messages
Ability to set categories in the message list.
Side-by-side view for calendars.
Multiple client language support.
Ability to attach messages to messages.
Expanded right-click capabilities.
Integration with Office Communicator, including presence, chat, and
a contact list.
The same conversation view and experience as Outlook 2010, e.g.
messages are grouped.
Ability to send and receive text messages from Outlook Web App.
Guy Recommends:
The SolarWinds Exchange Monitor
Here is a
free tool to monitor your Exchange Server. Download and
install the utility, then inspect your mail queues, monitor the Exchange
server's memory, confirm there is enough disk space, and check the CPU
utilization.
This is the real deal - there is no catch. SolarWinds provides this
fully-functioning freebie, as part of their commitment to supporting
the network management community.
Remember that Outlook Web App is browser based, therefore it cannot
provide offline access to mailboxes and there are no .PST files. If the Exchange server hosting
OWA becomes unavailable, users are not able to read or send messages. If
offline access to files is required, you must select a different
remote-access method to Exchange Server. Outlook 2010 using Outlook
Anywhere, POP3, and IMAP clients can cache messages to provide offline
access.
Other limitations of OWA that you may anticipate are, no Personal Address
Book - you could not store it locally. There is also no integration
with Microsoft Office, and forget about using Outlook forms.
Guy Recommends: A Free Trial of the Network Performance Monitor
(NPM)
SolarWinds'
Network Performance Monitor
will help you discover what's happening on your network. This
utility will also guide you through troubleshooting; the dashboard will
indicate whether the root cause is a broken link, faulty equipment or
resource overload.
What I like best is the way NPM suggests solutions to network
problems. Its
also has the ability to monitor the health of individual VMware
virtual machines. If you are interested in troubleshooting, and creating
network maps, then I recommend that you try NPM now.
To recap, Exchange Server 2010, as with its predecessors, needs IIS, when
you add the CAS role. The purpose of IIS is to that Exchange 2010 can
create and access these four special virtual directories, and thus support
OWA clients. The best server for the Mailbox Role would be Exchange
2010, for instance, they can utilize Windows SharePoint Services.
However CAS will happily connect to the older Exchange 2003 and 2000
back-end servers, but alas, these OWA clients cannot even view SharePoint
folders or libraries.
/owa. This is the virtual directory accessed by users whose mailboxes are
located on Exchange Server 2010 Mailbox servers.
/Exchange. This virtual directory is only used if you have mailboxes
located on Exchange Server 2003 or 2000 back-end servers.
/Exchweb. This virtual directory is required to access mailboxes that are
located on Exchange Server 2003 or 2000 back-end servers. However, by
default, requests to the Exchweb virtual directory are redirected to the
user's Mailbox server.
/Public. This virtual directory is particularly used by Exchange 2003 or
2000 OWA clients to access public folders on Exchange Server 2003.
In a new twist with SP1, Exchange Server 2010 SP1 provides access to
public folders on an Exchange Server 2010 mailbox server through this
/Public virtual directory.
Troubleshooting OWA
Start with the Exchange Server Best Practices Analyzer
OWA usage reports from IIS logs through the LogParser tool
All the glossy reviews, including the above information, feature Outlook
Premium, however, there is a cut-down version called: Outlook Web App Light -
formerly OWA Basic in Exchange 2003.
Since the regular OWA supports more browsers there are fewer uses for the
Light version.
OWA Light has none of these features:
No:- Html messages (plain text only), Spell checker, Search mail
(Yes, you can search contacts), Tasks, Categories. What hit me hardest was the
lack of tree control which I am used to in Outlook 2010 and OWA Premium.
Guy Recommends: SolarWinds' Free Bulk Mailbox Import Tool
Import users from a spreadsheet, complete with their mailbox. Just provide a list of the
users with the fields in the
top row, and save as .csv file. Then launch this FREE utility, match
your Exchange fields with AD's
attributes, click and import the users. Optionally, you can
provide the name of the OU where the new mailboxes will be born.
There are also two bonus tools in the free download, and all 3 have been approved by Microsoft:
Bulk-import new users and mailboxes into Active Directory.
Basic authentication is a relatively simple authentication mechanism that
encodes each user's logon name and password, then forwards these credentials
to the server. Unfortunately, basic authentication does not support
single sign-on.
Microsoft Windows Server 2003 authentication enables single sign-on to
all network resources. With single sign-on, a user can log on to the domain
one time by using a single password or smart card and authenticate to any
computer in the domain. Basic authentication is supported by all Web
browsers, but is not secure unless you require Secure Sockets Layer (SSL)
encryption.
How to Configure OWA for Forms-based Authentication
By default, forms-based authentication is enabled in Exchange 2010.
This is how to check the configuration:
Launch the Exchange Management Console.
Open the properties of owa (Default Web Site) on the Outlook Web App
tab.
Set the type of logon prompt. The emphasis on 'Prompt', users can
ignore your suggestion if they know any of the other methods. Here are
the choices of prompts for forms-based authentication: FullDomain (cp\guy) ,
PrincipalName (guy@cp.com), or plain UserName (guy).
Reset IIS as recommended in the warning message.
If necessary, you can adjust the format by configuring the Active
Directory directory service and Internet Information Services (IIS).
If you do use Active Directory and IIS to set which user name formats users
can enter, this is independent of the above OWA forms-based authentication
prompt.
Outlook Anywhere
When you first try and understand the Outlook Anywhere feature of
Microsoft Exchange Server 2010, focus on Microsoft Office Outlook 2010.
This means that while Outlook Anywhere is designed to work over the
internet, we are not discussing OWA. What Outlook Anywhere does is
manage the technology which enables a client with the full Outlook 2010 (or
2003) to connect to their Exchange servers over the Internet. The
underlying networking component is RPC over HTTP.
»
Summary of Exchange Server 2010 OWA
Think about what these three words mean - Outlook Web App. It is
the role of OWA 2010 to deliver virtually all the features of Microsoft
Office Outlook 2010. For those with UNIX or Apple Mac operating
systems, Microsoft has developed OWA 2010 Light to enable users to access
their corporate email stored on Exchange Server 2010.
Microsoft has pulled off the amazing feat of reproducing the experience
of the desktop version of Outlook 2010 in a browser. Moreover, the
Microsoft OWA team have enabled administrators to create this service easily
and securely.
I often say that being good at computing means being aware of subtle difference in Microsoft names. Exchange
2010's mail objects is a case in point. Pay careful attention to the difference
between a mailbox enabled user and a mail-enabled user; a security group and a distribution group. Here is a list of the objects which you find the Global Address List.
Mailbox enabled accounts. Regular users with MAPI mailboxes Active Directory accounts.
Mail-enabled users. Contractors who have an Active Directory logon but no mailbox. (No mailbox in your Exchange Organization.)
Contacts. Suppliers, customers, people with email address outside your organization. No Active Directory account. Thankfully, contacts have a different symbol in the GAL.
Distribution groups. These can be Global or Universal Groups, but they are designed for email rather than security. These are sometimes referred to as DLs - Distribution lists instead of
distribution groups. Pay attention to detail and
examine the Members and MemberOf tabs.
Query-based distribution groups. Well worth setting up. Again, note the different symbol from other groups. Incidentally, I wish Microsoft would use different colors for different
scopes of group. Say, Red for Universal and Green for Local Groups.
Mail-enabled groups. Security groups that have mailboxes. Guy says that unless you have a good reason, favour the classic Distribution group and avoid Mail Enabled Security Groups.
Public Folders. Mail-enabled public folders if your users need an easy way to post.
All the address information is held by Active Directory. To the left of the @ is the username, to the right of the @, the email domain name. In fact, I think of the GAL as merely a fancy LDAP query which produces a list of addresses,
for example guyt @ cp.com. The final piece of the address jigsaw is RUS
(Recipient Update Service. RUS is the engine which generates and updates the email addresses that you see in the GAL.
If the GAL is slow to update, then look to the Global Catalog servers. Make sure that there is Windows
2010 Global Catalog server near the Exchange 2010 server. As you may know, the Global Catalog replicates a sub-set of all the user's properties, including Exchange features such as
email address. So if Exchange has access to a local Global Catalog server, then its GAL will be up-to-date.
Clients
Potentially, any client who can query Active Directory can access the GAL. However, you can control who sees which list through read permission on the security tab found on the lists.
Summary - Exchange 2010 Global Address List (GAL)
It's only natural that Outlook users try and find each others email addresses in the GAL. But why would an administrator need to
configure Exchange 2010's GAL? The most likely answers are: control how the names are displayed in the Global Address
List, and possible the need for
custom lists.
If you like this page then please share it with your friends
Here is a
free tool to monitor your Exchange Server.
Download the utility, then inspect your mail queues, monitor Exchange server's
memory, confirm there is enough disk space and check the CPU utilization.
