cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

EV 10.0.4 OWA configuration troubles

dgoodyear
Level 5

‎10-18-2014 02:01 PM

We have recently upgraded to Exchange 2010 and have upgraded to Enterprise Vault 10.0.4.  I am having some troubles with OWA and what the appropriate settings should be in my desktop policy and owa web.config in general.  I think I've read half the forums in the last day and have tried a combination of ideas.  

We have 1 EV server.  Currently, we front our Enterprise Vault web services with an F5 Big IP and pass through traffic.  Both our external and internal clients use the same dns entry of archive.company.com which points them to the F5 vip.  

In our exchange environment we have a CAS array that is fronted by our F5.  Internal and external users that choose to use OWA both use the same dns entry of webmail.company.com which points them to the F5 vip.

I have the OWA extensions installed on the CAS servers.  I have an exchangeservers.txt configured on the enterprise vault server and the owauser.wsf script has been run successfully and the EVAnon site created.

What would be the recommended desktop policy settings for OWA for Client Connection and External Web Application URL?  Currently the inherited settings was Use Proxy and https://outlookanywhere.company.com.   This seems fishy to me. I would think the settings should be Direct and https://archive.company.com/EnterpriseVault

Also, should I be using additional settings in the web.config files such as 

<add key="EnterpriseVault_UseExternalWebAppUrl" value="true"/>

<add key="EnterpriseVault_ExternalWebAppUrl" value="https://archive.company.com/EnterpriseVault"/>

 

Currently, when using webmail internally, my enterprise vault icons and options seem to show up ok.  When I connect to webmail from external, I do not have any enterprise vault icons or options.  I turned on logging while I tested externally and it appears to check my mailbox and grab the EV settings, but never actually enable the icons.  

I have some suspicions that there are different firewall rules in place when connecting to the webmail.company.com F5 vip from outside compared to inside, even though all traffic after that should take the same route.  The only thing I can think of is that rpc is not open from external to our webmail vip.  However, I can browse directly to https://archive.company.com/EnterpriseVault from an external pc.  I am prompted for login credentials.  After logging in, I can use the EnterpriseVault website.  When I connect to https://archive.company.com/EnterpriseVault from a company pc internally, it takes me straight in (due to windows authentication passthrough).  

I think I'm missing something here in general or it shouldn't be as difficult as its turning out to be.  Any recommendations would be appreciated!

 

Just to add since I forgot, that using a typical outlook client internally works fine with EV.  This is all OWA woes. Thanks again!

0 Kudos
4 REPLIES 4

AndrewB
Moderator
Moderator
Partner    VIP    Accredited

‎10-18-2014 08:49 PM

you could try:

<add key="EnterpriseVault_ExternalWebAppUrl" value="/EnterpriseVault"/>

or

<add key="EnterpriseVault_ExternalWebAppUrl" value="https://webmail.company.com/EnterpriseVault"/>

0 Kudos

Andrew_G_
Level 5
Employee Accredited

‎10-20-2014 01:50 AM

The ExternalWebAppUrl is only used to connect the client to the EV apps, i.e. search and archive explorer.

So whether you have that set correctly or not makes no difference to missing icons/menu options. That said, because you are using a different DNS alias to access EV and OWA, then you are correct in setting the parameters to:

<add key="EnterpriseVault_UseExternalWebAppUrl" value="true"/>

<add key="EnterpriseVault_ExternalWebAppUrl" value="https://archive.company.com/EnterpriseVault"/>

 

Back to the missing icons...if both the internal and external clients go via the F5, and only the internal one works, then I would certainly be looking at the differences in the F5 rules for internal/external traffic. It will all be http/s traffic, so rpc rules don't come into it. I suspect it may be blocking access to the EV resources within a subfolder of the OWA virtual directory.

The other things to compare are the log files generated by the extensions for internal and external requests. The first entries loading the hidden settings would be the ones to compare.

0 Kudos

dgoodyear
Level 5

‎11-07-2014 06:38 AM

I added the web.config settings but there was no change that I could tell.  I enabled logging for my account and compared internal and external log files.  Both internally and externally it was seeing the hidden message and retrieving all of the policy settings.  Externally, I kept seeing IsBrowserValid = False.  I suspected perhaps compatibility problems with the browser at that point.  Externally I was using IE 11.  Internally IE 10.  From the support matrix it says that EV is only supported in compatibility mode in IE 10 and IE 11.  I know that I do not have compatibility mode on internally but it seems to work.  Externally, once I added the our site to the compatibility sites list in IE 11, all of the EV buttons and functions appeared and seem to work. 

The only outstanding issue I have now is that selecting anything related to the vault prompts you to log in to the vault.  I'm not sure if you can pass-through authentication from the owa session to enterprise vault session.  Internally this works fine because pc's are domain joined and use integrated windows authentication.

0 Kudos