As a good Exchange administrator you should be deploying SSL on to your Outlook Web Access.
To further increase the security of your network, you should stop http traffic coming in, by allowing just port 443, not port 80.
However, this change will cause complaints from users, who don't want to have to remember to put in the https in front of the URL. You could just tell the users to get used to it (and in most cases they will) but usually the administrator is forced to come up with a compromise, and put in a redirect.
This is the way that Microsoft ask you to do it: http://support.microsoft.com/kb/839357
The flaw with that method is that you must open port 80 on your web site and also reconfigure IIS to use the replacement page.
This is the way that we offer this facility, which uses the public web site of the client, but needs to have a site that supports ASP.
Yet this method can be further enhanced.
If you have deployed Outlook Mobile Access (OMA) as well (Exchange 2003 only), then you can change the code to the following...
If InStr(Request.ServerVariables("HTTP_USER_AGENT"),"Windows CE") > 0 Then
End If %>
<% response.redirect "https://mail.example.com/exchange" %>
What this code does is detect that the client is a Pocket PC device and redirect the browser to the OMA page. If the client isn't a pocket PC, then they get the regular OWA login page.
If you have made the modification to present the Exchange 2003 forms based authentication page to the users as the default when they hit https:// mail domain.com so that they don't have to put the /exchange at the end, then you can combine this code with that change so that a mobile client is redirected to OMA.
This requires a change to the page that is presented to the client.
This guide is based on English language locations within Exchange. If you are using non-English pages then you will need to adjust those as required.
It is of no use to Exchange 2007 users as Exchange 2007 does not have OMA.
Q: What Happens if the user has changed their browser identification code?
A: It will not work, because the server thinks it is a real PC and not a Pocket PC. The user needs to put the registry change back.
Q: Our corporate web site doesn't support ASP, is there a PHP version of this code?
A: You can probably recreate the above sequence in PHP, but we don't have those skills in house.
© Sembee Ltd. 1998 - 2015.
Reproduction of any content on this web site is prohibited without express written consent. Use of this web site is subject to our terms and conditions.
All trademarks and registered trademarks are property of their respective owners. This site is not endorsed or recommended by any company or organisation mentioned within and is to provide guidance only and as such we cannot be held responsible for any consequences of following the advice given.
Sembee Ltd. is registered in England and Wales at 33 Scrivens Mead, Thatcham, Berkshire, RG19 4FQ.
Registered company number: 4704428. VAT Number GB 904 5603 43.
Sembee is a registered trademark of Simon Butler and is used under licence.