Apache’s mod_proxy with Exchange’s OWA

apache firewall outlook web access

Apache’s mod_proxy module is simply one of the best Apache modules out there. With it, you can do all sorts of things that you usually would not be able to do if you are behind a firewall or other limited network situations.

A problem that recently came up for me was how Microsoft Outlook Web Access (OWA) needs to run on an exchange server, however my linux server is the one that faces the internet (I have the firewall forward the ports to this server). I also purchased an SSL certificate for one domain, so I wanted to use this certificate to access OWA with a proper validating certificate.

All sounds well and good. Using this mod_proxy configuration should work:
ProxyPreserveHost On

#OWA % character in email subject fix
RewriteEngine On
RewriteMap percentsubject int:escape
RewriteCond $1 ^/exchange/.*\%.*$
RewriteRule (/exchange/.*) ${percentsubject:$1} [P]

ProxyPass /exchange https://exchangserver.example.com/exchange
ProxyPassReverse /exchange https://exchangeserver.example.com/exchange
ProxyPass /Exchange https://exchangeserver.example.com/exchange
ProxyPassReverse /Exchange https://exchangeserver.example.com/exchange
ProxyPass /exchweb https://exchangeserver.example.com/exchweb
ProxyPassReverse /exchweb https://exchangeserver.example.com/exchweb
ProxyPass /public https://exchangeserver.example.com/public
ProxyPassReverse /public https://exchangeserver.example.com/public
ProxyPass /iisadmpwd https://exchangeserver.example.com/iisadmpwd
ProxyPassReverse /iisadmpwd https://exchangeserver.example.com/iisadmpwd

Problem – it works ok – except in IE it will prompt you for the password indefinately and not allow you in. In Firefox (Mozilla) it rejects your password, until you hit cancel, then enter your password and it finally allows you in.

To fix this issue, you need to disable “Integrated Windows Authentication”. In the IIS administration panel, go to the website for your exchange server (“Default site” by default) and find the exchange share (This is most likely “Exchange” and “Public”). From there, right click, go to Properties->Directory Security->Anonymous Access and Authentication Control. Make sure “Basic Authentication” is checked while “Integrated Windows Authentication” is unchecked. Do this for any other Exchange shares. This allows authentication to work OK.

Second problem… in OWA, in Internet Explorer only, when you try to view your inbox the “Loading…” message appears indefinately. Microsoft’s Knowledgebase Article 280823 has a few workarounds for this problem, none of which worked for me. OWA apparently has two modes that it runs in, “rich” and “reach” modes. The “rich” client, which it uses for Internet Explorer, can have issues when running behind a firewall. It uses http-dav components which are not passed through correctly.

Now a fix, let’s make sure all clients run in “reach” mode! Using apache, we can hard-code the User agent that will hit the Exchange server. We use the mod_header module of apache, so make sure you compile it in with –enable-headers. Note: this only works with Apache 2.0. Once you have this compiled in, let’s set the User agent:
RequestHeader set User-Agent "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:"
You can use whatever you’d like in the user-agent string, as long as Outlook Web Access does not think it is IE, then it will serve the “reach” client.

After correcting all of the above issues, Outlook Web Access finally works in both Internet Explorer and Firefox.

from http://systembash.com/content/outlook-web-access-apache-proxy/


  • Linux 系统 影响Apache的性能配置参数 影响Apache的性能配置参数:Timeout300指定站点响应的时间秒数。若超过这段时间仍未收到或送出数据,就断开连接。意思是该参数指定Apache在接收请求或发送所请求内容之前的最长等待时间(秒),若超过该时间Apache则放弃处理该请
  • Backup Exec 12.0 Agent for Microsoft Exchange Server 最佳实践 Problem最佳实践包括提示和建议,可帮助您有效地使用Exchange代理。有关Exchange代理的详细信息,请参阅BackupExecforWindowsServersAdministrator’sGuide(《BackupExecf
  • jewelry exchange rentonUA安德玛新款那女通用运动减震专业跑鞋竞技鞋网面中帮运动鞋代购 onlinefrom:jewelryexchangerentonUA安德玛新款那女通用运动减震专业跑鞋竞技鞋网面中帮运动鞋代购jewelryexchangerentonUA安德玛新款那女通用运动减震专业跑鞋竞技鞋网面中帮运动鞋代购米其林轮胎
  • Exchange 2003 Upgrade to Exchange 2007 5.针对客户端的配置步骤5.1MAPI客户端对于使用MAPI连接的客户,需要将新旧两台Exchange服务器同时开机,才能确保用户自动连接到新的服务器上。否则需要手动更改每个客户端的连接服务器,或者使用组策略方式进行配置发送。5.2Outl
  • Android2.2 Exchange使用技巧 Android2.2Exchange使用技巧Exchange邮箱同步功能很多用户已经发现Android手机提供的Gmail账户pushmail功能非常好用,新邮件的提醒甚至比电脑上还快。Android2.2系统开始Exchange邮箱用户也
  • outlook2016 不支持 Exchange Server 的解决方案 近日安装了outlook2016,配置邮箱的时候发现竟然不见了ExchangeServer的选项​。难道要把2013装回去?强迫症表示不能难受啊。​在搞清楚了一大堆内网,外网,域内,域外专业名词后,,,天空飘来五个字
  • Health IT Groups Criticize Information Exchange Regulation Pl 查看原文:http://jane.6te.net/health/health-it-groups-criticize-information-exchange-regulation-plan-informationweek/(clickim
  • 从Exchange 2003升级到 Exchange 2010 (6) ECP发布打开ISA管理单元右击FirewallPolicy选择New—ExchangeWebClientAccessPublishingRule.输入发布规则名称,点击Next选择Exchange2007和ExchangeActiveSy
  • 谷歌推出Ad Exchange助力互联网广告发展 今天,Google宣布在中国正式推出DoubleClickAdExchange广告交易平台。作为一个开放的广告交易市场,DoubleClickAdExchange可以同时帮助广告网络、代理机构以及网络发布商,进行展示广告空间的实时交易。这意
  • 01 安装apache php配置 时区  环境变量  安装mysql  虚 php介绍简介与历史应用领域:php运行环境php语言运行原理安装apache:PHP的命令行运行模式(独立运行):配置apache以运行php网页配置php的基本运行环境确定php配置文件(php.ini)的位置:配置时区:设置环境变量检
  • Win7 配置Apache+PHP+Mysql环境 Win7配置Apache+PHP+Mysql环境在学新技术时,配置环境真是个郁闷的事情,很难熬,不过还好网上有很多弟兄的无私奉献对我很有帮助。第一、安装并配置APACHE(安装到D:\phpapache\Apache2.2)1、安装时默认安
  • connect to Exchange 2003 RPC OVER HTTPS UsingWindows2003/XP'snewRPCoverHTTPfeature,Outlook2003clientscannowconnecttoExchange2003byencapsulatingregularRPC/MAPIco




关于我们 免责声明 移动版

©2017传客网    琼ICP备15003173号-2