Creating multiple Outlook Web Access instances is a great way to assign users different sets of OWA features and/or give file share access to users who need it -- without giving everyone in your organization the same access. This tip explains a method that can be used in any version of Windows, although some steps are platform-specific.
--------------------------------------------------------------------------------
Assign an additional IP address to your client access server.
You don't have to install additional network interface controllers (NICs) onto the server, but you can. Windows allows you to bind multiple IP addresses to a single NIC.
Create a new website.
OWA is a Web application that depends on Internet Information Services (IIS). When you install the Client Access Server role, Exchange creates multiple IIS virtual directories within the server's default website.
You can manually add more virtual directories to the default website, but limitations within Exchange Server prevent you from creating additional Exchange-related virtual directories. Therefore, you'll need to create a dedicated website for each additional OWA instance that you plan to create.
As a part of the site-creation process, you must bind an IP address to the site; each site should have a unique IP address. After you assign an IP address to the server, create a DNS record that allows users to access the new website using a new domain name.
When you create a website through IIS, its virtual directory maps to a physical folder on the server's hard drive. Note which folder is being used as the site's home directory.
Create a new virtual directory.
Now that you've created a site to host a new OWA instance, you're going to need to create the necessary Exchange virtual directories within that site. At the very least, you need to create the OWA virtual directory. You may also want to create other directories depending on which Exchange Server versions your organization uses.
There is an Exchange Management Shell cmdlet you can use to create the virtual directories. There are various switches that can be used with this cmdlet, but let's create a virtual directory using the following command:
New-OWAVirtualDirectory –Name "owa" –Website "Contoso.com"
This command creates a new OWA virtual directory and names it OWA. It also binds that virtual directory to the IIS website Contoso.com.
Note: In your organization, replace Contoso.com with the name of your new website.
Microsoft has a series of TechNet articles that explains the procedures for creating various types of Exchange-related virtual directories.
Assign users to specific websites.
Once you've created the new virtual directory, now you can assign users to individual instances of OWA. Unfortunately, neither Exchange Server nor IIS allow you to grant or deny access to specific virtual directories. However, IIS virtual directories map to physical folders on the server's hard drive, making it possible to manage security at the NTFS level.
Use segmentation to disable OWA features.
Open the Exchange Management Console and navigate to Server Configuration -> Client Access, then select the Outlook Web Access tab. You'll see a separate listing for each OWA instance that you created. This makes it possible to manage each OWA instance separately.
If you double-click on a specific OWA instance, the console will display a properties sheet for that instance. Go to the properties sheet's Segmentation tab to enable or disable features within that instance of OWA without affecting other instances. Other property sheet settings are also OWA instance specific.
This technique can be used to make other changes within OWA. For example, you can use these steps to create personalized versions of OWA for individual departments within your company. You would just need to modify the HTML code or image files within an OWA instance. You could also use these steps to regenerate Exchange Server's virtual directories if they became corrupted.
About the author: Brien M. Posey, MCSE, is a five-time recipient of Microsoft's Most Valuable Professional (MVP) award for his work with Exchange Server, Windows Server, Internet Information Services (IIS), and File Systems and Storage. Brien has served as CIO for a nationwide chain of hospitals and was once responsible for the Department of Information Management at Fort Knox. As a freelance technical writer, Brien has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal website at www.brienposey.com.
No comments:
Post a Comment
Thank you for your comment! It is my hope that you find the information here useful. Let others know if this post helped you out, or if you have a comment or further information.