Support for OWA2007 from Exchange2007 SP1 is still pending but there's a way to get it working already. Typically you would not encounter any issues for OWA2007 in Exchange2007. Buttons work fine, retrieving items goes well, until you upgrade to Exchange 2007 SP1.
Buttons are no longer displayed, you can't retrieve the items through OWA and you find on your CAS server errors in the event viewer like:
An unhandled exception was caught:
System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Authentication failed because the remote party has closed the transport stream.
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Threading.ExecutionContext.runTryCode(Object userData)
at System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode code, CleanupCode backoutCode, Object userData)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
etc.
It's obvious that errors are related to SSL and TLS. During the upgrade to Exch2007SP1, the IIS settings of the "EWS" (Exchange Web Services) virtual directory changed to enforce SSL encryption for enhanced security.
The workaround to have things working in EV is to disable SSL enforcing, thereby still leaving the possibility to have SSL, but not requiring it.
On the CAS server (or the server hosting OWA2007), open the IIS manager and go to the properties of the EWS directory:
Go to tab "Directory Security", choose "edit" from the "Secure Communications". Uncheck "Require secure channel (SSL)" and perform from the command line "iisreset" (this iisreset will impact your OWA for a few seconds).
Open web.config from:
C:\Program Files\Microsoft\Exchange Server\ClientAccess\Owa\web.config
Look foor the block <appSettings>
- make sure that the WebDAVRequestHost contains as value the server hosting the mailboxes, see:
<add key="EnterpriseVault_WebDAVRequestHost" value="servername_MBX"/>
- make sure that the WebDAVRequestProtocol is http instead of https, see:
<add key="EnterpriseVault_WebDAVRequestProtocol" value="http"/>
- make sure that the ExchangeWebServicesUrl points to your CAS server, see:
<add key="EnterpriseVault_ExchangeWebServicesUrl" value="http://servername_CAS/ews/exchange.asmx"/>
There's no need to reset IIS after reconfiguring the web.config, changes are applied in realtime.
Log in to OWA2007 to confirm that EV functionality is available.
Message Edited by BobDubois on 02-01-2008 01:43 AM
Message Edited by BobDubois on 02-01-2008 01:44 AMMessage Edited by BobDubois on
02-01-2008 01:45 AM
