Posts

Redirect port 80 on exchange 2010 to ssl or 443 for OWA or Outlook Web Access

You must use caution when changing the IIS settings for Exchange 2010.  The reason is simple.  Powershell or the Exchange management console EMC uses IIS to manage Exchange.  So if you incorrectly change settings you will render your Exchange EMC and Powershell useless.

VERBOSE: Connecting to cas01.testDomain.com
[cas01.testDomain.com] The WinRM service cannot process the request because the request needs to be sent to a different machine. Use the redirect information to send the request to a new machine.  Redirect location reported: https://owa.testDomain.com/owa/PowerShell. To automatically connect to the redirected URI, verify “MaximumConnectionRedirectionCount” property of session preference variable “PSSessionOption” and use “AllowRedirection” parameter on the cmdlet.
    + CategoryInfo          : OpenError: (System.Manageme….RemoteRunspace:RemoteRunspace) [], PSRemotingTransportRedirectException
    + FullyQualifiedErrorId : PSSessionOpenFailed
First thing you’ll want to do is go to your default website and change the redirect.  Use the settings from this image below.  Use them exactly, you have been warned.

Once that is complete you have to uncheck redirect on all of these sub directories.

  • aspnet_client
  • Autodiscover
  • ecp
  • EWS
  • Microsoft-Server-ActiveSync
  • OAB
  • PowerShell
  • Rpc

Exchange, Exchweb, and Public virtual directories should redirect to /owa.
Now if you try to open Internet Explorer you will receive a HTTP 403.4 error.  That is because SSL is required.  Select the default website just like the image below and remove the SSL requirement.

Once again you will have to go through these virtual sub directories and make sure the SSL box IS checked!

  • Autodiscover
  • ecp
  • EWS
  • Microsoft-Server-ActiveSync
  • OAB
  • owa
  • Rpc

Warning: If you require SSL for the PowerShell virtual directory, you will render Remote PowerShell inoperable!

How your Outlook clients could connect from home without a VPN?

It is possible and you can do it very securely. Heres how, you need to configure Outlook for RPC over HTTPS.
Here is an article that describes the entire process
Configuring Outlook 2003 for RPC Over HTTP