Configuring WAP Windows Server 2012 R2 for access ...

Thorben_Knappe · ‎09-24-2015

Hi,

unfortunately we must and want replace our ISA 2006, .
TMG is not an option.
So we are going to use the Web Application Proxy role of Windows Server 2012 R2. Here are the possibilities not so great like ISA2006.

Now the callenge.

Production:

https://webmail.mycompany.web OWA / Activesync

https://mailarchiv.mycompany.web Enterprise Vault -> http://mailarchiv1.intern.mycompany.web/enterprisevault

https://mailarchiv1.intern.mycompany.web same like the internal Name, dont ask why.

Test

https://owa.mycompany.web/owa work with ADFS

https://owa.mycompany.web/Microsoft-Server-Activesync work with pass-throughDFS

https://mailarchiv.mycompany.web work to local Enterprise Vault Home Page

When i try to open a archive element in OWA the open a new tab to http://mailarchiv1.intern.mycompany.web that dont work.

In WAP i can not configure Link Translate or not else.

Does anyone have a experience or a solution.

thx

dcVAST · ‎09-24-2015

Have you tested different web.config settings? https://support.symantec.com/en_US/article.TECH141519.html

Thorben_Knappe · ‎09-24-2015

yes, i have. try

EnterpriseVault_ExternalHostNames = owa.mycompany.web

EnterpriseVault_ExternalWebAppUrl = https://owa.mycompany.web/enterprisevault

or

EnterpriseVault_ExternalWebAppUrl = /enterprisevault

EnterpriseVault_UseExternalWebAppURL = true

or

EnterpriseVault_UseExternalWebAppURL = false

without success.

the name off the OWA Server owa.mycompany.web is the same for internal or external access.

Log ---schnipp

25.09.2015 07:52:09 [6860,47] #############################################################
25.09.2015 07:52:09 [6860,47] Request processing started
25.09.2015 07:52:09 [6860,47] Url: https://owa.mycompany.web/owa/redir.aspx?C=hPMfaaQljU2jjmYPWwMgPRhks7DqytIItoEGYDyf_Ojef9zEyiNRFs39m...
25.09.2015 07:52:09 [6860,47] RawUrl: /owa/redir.aspx?C=hPMfaaQljU2jjmYPWwMgPRhks7DqytIItoEGYDyf_Ojef9zEyiNRFs39mdm2KKAXDBub2iWL0lY.&URL=http%3a%2f%2fMailarchiv1.local.mycompany.web%2fEnterpriseVault%2fViewMessage.asp%3fVaultId%3d15253D0B2427DF74B83272C5B43AAFEB51110000Mailarchiv.local.mycompany.web%26SavesetId%3d201411216585662%7e201411140832110000%7eZ%7eA0F170EDD81370D30CD842A880908211
25.09.2015 07:52:09 [6860,47] Query String parameters:
25.09.2015 07:52:09 [6860,47]     C: hPMfaaQljU2jjmYPWwMgPRhks7DqytIItoEGYDyf_Ojef9zEyiNRFs39mdm2KKAXDBub2iWL0lY.
25.09.2015 07:52:09 [6860,47]     URL: http://Mailarchiv1.local.mycompany.web/EnterpriseVault/ViewMessage.asp?VaultId=15253D0B2427DF74B83272C5B43AAFEB51110000Mailarchiv.*.*.*&Sa...
25.09.2015 07:52:09 [6860,47] Cookies
25.09.2015 07:52:09 [6860,47]     MstrPgLd1: 1
25.09.2015 07:52:09 [6860,47]     MstrPgLd2: 1
25.09.2015 07:52:09 [6860,47]     OutlookSession: ca73969e8a8b4d5085ba1135b8fa4af1
25.09.2015 07:52:09 [6860,47]     UserContext: hPMfaaQljU2jjmYPWwMgPRhks7DqytIItoEGYDyf_Ojef9zEyiNRFs39mdm2KKAXDBub2iWL0lY.
25.09.2015 07:52:09 [6860,47]     tzid: W. Europe Standard Time
25.09.2015 07:52:09 [6860,47] Form:
25.09.2015 07:52:09 [6860,47] OWA Session details
25.09.2015 07:52:09 [6860,47]     User agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
25.09.2015 07:52:09 [6860,47]     Authentication type: Negotiate
25.09.2015 07:52:09 [6860,47]     Authenticated user: */*
25.09.2015 07:52:09 [6860,47]     Client IP Address: 172.*.*.*
25.09.2015 07:52:09 [6860,47]     Server IP Address: 10.*.*.*
25.09.2015 07:52:09 [6860,47]     Host: owa.mycompany.web
25.09.2015 07:52:09 [6860,47] Primary SMTP Address: dingdon@mycompany.web
25.09.2015 07:52:09 [6860,47] Explicit Logon: False
25.09.2015 07:52:09 [6860,47] Explicit Logon Address: owa
25.09.2015 07:52:09 [6860,47] EV Extensions DLL version: 9.0.4.0
25.09.2015 07:52:09 [6860,47] [ImpersonationManager::StartImpersonation] Entry: Current user: NT AUTHORITY\SYSTEM
25.09.2015 07:52:09 [6860,47] [ImpersonationManager::StartImpersonation] Entry: Impersonation Level: None
25.09.2015 07:52:09 [6860,47] [ImpersonationManager::StartImpersonation] Impersonating logged on user
25.09.2015 07:52:09 [6860,47] [ImpersonationManager::StartImpersonation] Exit: Current user: */*
25.09.2015 07:52:09 [6860,47] [ImpersonationManager::StartImpersonation] Exit: Impersonation Level: Impersonation
25.09.2015 07:52:09 [6860,47] [EVContext::Initialise] EVContext intialised at 25.09.2015 07:42:02
25.09.2015 07:52:09 [6860,47] [EVContext::Initialise] Hidden settings loaded at 25.09.2015 07:42:02
25.09.2015 07:52:09 [6860,47] [EVContext::IsValidBrowser] Returning: True
25.09.2015 07:52:09 [6860,47] [Id::OwaId] Not enough information to be able to convert to OwaId
25.09.2015 07:52:09 [6860,47] [RequestProcessor::ProcessRequest] Archive Mailbox: False
25.09.2015 07:52:09 [6860,47] [ImpersonationManager:StopImpersonation] Stopped impersonation
25.09.2015 07:52:09 [6860,47] Request processing finished
25.09.2015 07:52:09 [6860,47] #############################################################

---schnapp

dcVAST · ‎09-25-2015

Set EnterpriseVault_UseExternalWebAppURL to true and set EnterpriseVault_ExternalWebAppUrl to the full external URL. Then can you test and trace again.

Thorben_Knappe · ‎09-29-2015

Good morning,

for understanding.

Mailarchiv1.internal.mycompany.web is the internal WEB Server

WEBMAIL.mycompany.web is the old productiv access over ISA 2006

webmail.mycompany.web is the same name for external and internal access.

owa.mycompany.web is the new test access from external. WAP redirect all traffic from owa.

Powershell Output for this two rules

ADFSRelyingPartyName                         : Exchange 2010
BackendServerAuthenticationMode              : IntegratedWindowsAuthentication
BackendServerAuthenticationSPN               : http/webmail.mycompany.web
BackendServerUrl                             : https://webmail.mycompany.web/owa/
ExternalPreauthentication                    : ADFS
ExternalUrl                                  : https://owa.mycompany.web/owa/
InactiveTransactionsTimeoutSec               : 300
Name                                         : Exchange 2010 OWA

ADFSRelyingPartyName                         : Exchange 2010
BackendServerAuthenticationMode              : IntegratedWindowsAuthentication
BackendServerAuthenticationSPN               : http/mailarchiv.mycompany.web
BackendServerUrl                             : http://Mailarchiv1.internal.mycompany.web/enterprisevault/
ExternalPreauthentication                    : ADFS
ExternalUrl                                  : https://owa.mycompany.web/enterprisevault/
Name                                         : Exchange 2010 OWA Enterprise Vault

in OWA when reply or forward archive item, it works! but use Archive explorer or search Archive or view original item.

EnterpriseVault_UseExternalWebAppURL = true

EnterpriseVault_ExternalWebAppUrl = https://owa.mycompany.web/enterprisevault/

HTTP Log from OWA Server

30.09.2015 07:19:04 [6860,45] [EWSBase::GetEVHiddenMessageId] Retrieved settings
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings] Retrieved hidden message from web services
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings] Settings from hidden message:
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     SiteEntryId=1A8245780BE4C8147A0AD41DA2D53F8181d10000Mailarchiv.internal.mycompany.web
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     DefaultDoubleClickView=0
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     DefaultWebAppURL=http://Mailarchiv1.internal.mycompany.web/EnterpriseVault
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     OWAWebAppURL=http://Mailarchiv1.internal.mycompany.web/EVAnon
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     MailboxServer=BLNHRZ231
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     SystemMailbox=SMTP:****
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     UsersCanDeleteItems=1
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     ServerVersion=9.04
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     MailboxState=1
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     MailboxDN=*****
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     DefaultArchiveId=1D41639B729EB5C4492D564FEAA9CF3BE1110000Mailarchiv.internal.mycompany.web
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     UseInactivityPeriod=1
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     UseQuotaLimit=1
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     InactivityPeriodUnits=2
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     InactivityPeriod=3
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     MinAgePeriodUnits=2
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     MinAgePeriod=0
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     UseLargeItemsSize=0
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     LargeItemsSizeKB=10240
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     ArchiveOnlyWithAttach=0
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     ArchiveDelItemsFolder=1
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     PFInactivityPeriodUnits=2
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     PFInactivityPeriod=3
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     PFMinAgePeriodUnits=2
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     PFMinAgePeriod=3
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     PFUseLargeItemsSize=0
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     PFLargeItemsSizeKB=10240
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     PolicyEntryId=178F45E626FB05B41B50E004DF9BEB2AB1012700Mailarchiv.internal.mycompany.web
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     PSTPolicyEntryId=1F8A0FA3FAD6D6B4A8FC58F34E1B8C9EE1012700Mailarchiv.internal.mycompany.web
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     DefaultRetentionCategoryId=1F53F904F3B6E9B46B74EFC9803FEA8AD1b10000Mailarchiv.internal.mycompany.web
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     PSTImportEnabled=0
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     ArchiveManagedFolders=0
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     ManagedFolderHandling=0
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     ArchiveSettingsLocked=1
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     AddAllEVServers=0
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     AddServerToIntraNetZone=Mailarchiv1.internal.mycompany.web;Mailarchiv.internal.mycompany.web
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     AllowScriptPublicFolders=2
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     AllowScriptSharedFolders=1
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     ArchiveExplorerBtnVisible=1
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     AutoDeleteIECache=2
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     AutoReEnable=2
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     BypassLocalProxy=0
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     CancelBtnVisible=1
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     DeployFormsLocally=2
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     MarkPSTs=0
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     OVEnabled=0
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     OVSetupWizard=0
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     OVStartDownloadBtnVisible=1
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     RPCOverHTTPProxyURL=http://webmail.mycompany.web/enterprisevault
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     RPCOverHTTPRestrictions=0
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     UseSelfInstallFunct=0
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     VVReadingPaneContent=2
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     ExternalWebAppURL=https://webmail.mycompany.web/enterprisevault
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     OWA2003ArchiveSubFolders=1
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     OWA2003BasicArchiveFunction=1
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     OWA2003BasicRestoreFunction=1
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     OWA2003DeleteMode=0
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     OWA2003RestoreToRestoredItems=1
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     OWAClientUseDirectConnection=1
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     EVSERVERS=Mailarchiv1.internal.mycompany.web;***;
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings]     OVMessageClassInclude=IPM.Post*;IPM.Note*;IPM.Document*;IPM.Appointment*;
30.09.2015 07:19:04 [6860,45] [EVContext::LoadHiddenSettings] Finished loading hidden settings
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings] Mailbox Settings loaded at: Mittwoch, 30. September 2015, 07:19:04
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Enabled for archiving: Enabled
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Web App Url: http://Mailarchiv1.internal.mycompany.web/EVAnon
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Default Web App Url: http://Mailarchiv1.internal.mycompany.web/EnterpriseVault
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     External Web App Url: https://webmail.mycompany.web/enterprisevault
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Mailbox DN: ****
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Default Archive Id: 1D41639B729EB5C4492D564FEAA9CF3BE1110000Mailarchiv.internal.mycompany.web
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Default Ret Cat Id: 1F53F904F3B6E9B46B74EFC9803FEA8AD1b10000Mailarchiv.internal.mycompany.web
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Site Entry Id: 1A8245780BE4C8147A0AD41DA2D53F8181d10000Mailarchiv.internal.mycompany.web
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Users Can Delete Items: True
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     EV Server Version: 9.04
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     View Mode: OWA
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Open Mode: ArchivedItem
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Reply Mode: ArchivedItem
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Reply to All Mode: ArchivedItem
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Forward Mode: ArchivedItem
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Delete Mode: ShortcutOnly
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Archive on Toolbar: True
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Restore on Toolbar: True
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Cancel on Toolbar: True
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Delete on Toolbar: True
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Help on Toolbar: True
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Archive on Context Menu: True
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Restore on Context Menu: True
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Cancel on Context Menu: True
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Delete on Context Menu: True
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Archive Explorer in Light Client: True
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Archive Explorer in Premium Client: True
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Search in Light Client: True
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Search in Premium Client: True
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Browser Search Link: True
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Archive Managed Folders: False
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Managed Folder Handling: Off
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Archive function in Light Client: Enhanced
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Archive function in Premium Client: Enhanced
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Archive Confirmation (basic function): True
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Archive Sub Folders (basic function): True
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Restore function in Light Client: Enhanced
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Restore function in Premium Client: Enhanced
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Delete Shortcut on restore (basic function): True
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Restore confirmation (basic function): True
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Restore to restored items folder (basic function): True
30.09.2015 07:19:04 [6860,45] [EVContext::LogHiddenSettings]     Hide OWA Archive Policy: False
30.09.2015 07:19:04 [6860,45] [EVContext::Initialise] EVContext intialised at 30.09.2015 07:19:04
30.09.2015 07:19:04 [6860,45] [EVContext::Initialise] Hidden settings loaded at 30.09.2015 07:19:04

VOX

Configuring WAP Windows Server 2012 R2 for access to Enterprise Vault 9.x