Category Archives: 17822

OWA 2013 CU1 Redirection is Broken for Legacy Mailboxes

Exchange 2013 CU1 includes a new native module for HTTP to HTTPS redirection in OWA 2013.  This means that users only need to enter the URL for the OWA 2013 server or load balancer to gain access to OWA.



For example, a user can enter webmail.contoso.com in their browser and OWA 2013 will automatically redirect the user to https://webmail.contoso.com/owa.  This all works great out of the box and does not require any extra configuration by the administrator.



User enters http://mail.domain.com in browser



OWA 2013 CAS redirects http://mail.domain.com to https://mail.domain.com/owa


However, a problem occurs when CAS 2013 CU1 is the front end for an Exchange 2010 SP3 mailbox, which would be typical during a coexistence scenario.  CAS 2013 proxies the HTTPS redirected URL that the user first entered (mail.contoso.com, without the /OWA) to CAS 2010, which results in the following experience:



OWA 2010 mailbox proxied through CAS 2013 CU1

I have not tested it, but I expect Exchange 2007 mailbox users proxied by CAS 2013 CU1 will have the same experience.



Microsoft is aware of the issue, which is expected to be fixed in Exchange 2013 CU2, due around July according to the Exchange 2013 Servicing model.



Until CU2 is released, there are a couple of workarounds:

  1. Perform redirection on the load balancer, if available (i.e., redirect all webmail.contoso.com URLs to https://webmail.contoso.com/owa).  This will cause CAS 2013 to redirect the latter URL to CAS 2010 properly.
  2. Disable the new native redirection module and then use old-school redirection, as follows:

  • Open the %systemdrive%\inetpub\wwwroot\web.config file in Notepad and disable the native redirection module by remarking the <modules> section.
Change this section:

<system.webServer>
<modules>
<add name=”OwaUrlModule” type=”Microsoft.Exchange.HttpProxy.OwaUrlModule,Microsoft.Exchange.OwaUrlModule,Version=15.0.0.0,Culture=neutral,PublicKeyToken=31bf3856ad364e35″ preCondition=”” />
</modules>
</system.webServer>

to this:

<system.webServer>
<!– <modules>
<add name=”OwaUrlModule” type=”Microsoft.Exchange.HttpProxy.OwaUrlModule,Microsoft.Exchange.OwaUrlModule,Version=15.0.0.0,Culture=neutral,PublicKeyToken=31bf3856ad364e35″ preCondition=”” />
</modules> –>
</system.webServer>

  • Save the web.config file.
  • Create a new default.htm file in %systemdrive%\inetpub\wwwroot that contains the following:

<html><meta http-equiv=”REFRESH” content=”0;url=/owa”></HEAD></html>

  • Create a new custom error for HTTP to HTTPS redirection.  Select the Default Web Site in IIS Manager, double-click Error Pages, then click the Add button.
  • Enter 403.4 for the Status Code and select Respond with a 302 redirect.  The enter the Absolute URL as https://webmail.domain.com/owa, using your own OWA FQDN as shown above.
  • Finally, reset IIS using the command IISRESET /NOFORCE /TIMEOUT:120
  • Rinse and repeat for all CAS 2013 CU1 servers.


Exchange 2013 RTM CU1 Stops Transport During Prerequisite Check

I was hoping this issue would be resolved before Exchange 2013 RTM CU1 was released, but apparently not.  This only affects upgrades from Exchange 2013 RTM to RTM CU1.



During the installation of Exchange 2013 RTM CU1, setup runs a prerequisite check on the Exchange 2013 RTM server.  Among other things, setup checks to see that required Windows features and rolls are installed.  If they’re not, setup cannot continue and you need to cancel the installation to install the necessary prerequisites.  The prerequisite check stage is also the last point where you can cancel the installation for any other reason.



Unfortunately, setup stops the Microsoft Exchange Transport service during the prerequisite check and does not restart it if you cancel setup to install the prerequisites.  This means that email flow is affected prior to installing CU1.



If you do cancel installation for any reason after setup runs the prerequisite check, make sure you manually restart the Microsoft Exchange Transport service.


The Last Missing Piece – Exchange 2013 RTM CU1 Released!


Exchange 2013 RTM CU1 was released to the web today, finally allowing customers to upgrade from Exchange 2007 and Exchange 2010.  You can download Exchange 2013 RTM CU1 here.  As you probably know, there is no direct upgrade path from Exchange 2003 — You must upgrade to 2007 or 2010 first.  Read the release notes here.



The Exchange Team blog has an excellent write-up about the changes in RTM CU1, including much anticipated information about Planning and Deployment.  I’m providing a short summary about CU1 here:



  • Exchange Server 2013 CU1 includes both bug fixes and feature improvements.
  • Setup takes 20 minutes or more per server, depending on your hardware.
  • To upgrade from Exchange 2007 all servers must first be upgraded to Exchange 2007 SP3 Update Rollup 10.
  • To upgrade from Exchange 2010 all servers must first be upgraded to Exchange 2010 SP3.
  • If you are upgrading Exchange 2013 RTM note that CU1 (and all future cumulative updates) are build-to-build updates.  CU1 setup will uninstall Exchange 2013 RTM before it installs CU1.  Any customization you may have done for RTM may be lost.
  • CU1 requires AD schema updates, enterprise AD changes, and AD permissions changes.  Therefore, it requires setup /PrepareSchema, /PrepareAD, and /PrepareDomain topology updates.  The GUI setup of CU1 will do all these steps automatically. Because of these additional steps, setup will take longer on the first installation.
  • If you have not installed Exchange 2013 RTM yet, you can install Exchange 2013 CU1 directly from the CU1 update from the web.  No need to install RTM first.
  • If your environment does not include Exchange 2010 servers, you will not be able to add any 2010 servers after installing 2013. If you plan to have any 2010 servers you should deploy a 2010 multi-role server first.
  • When you deploy the first Exchange 2013 Mailbox server in an existing Exchange organization, a new default Offline Address Book is created. All users perform a full download of this new OAB when Outlook is launched.  To prevent this, assign the current default OAB to each database before installing 2013.  The methods to do this are detailed in the blog post above and the release notes.
  • You can deploy multi-role (CAS and Mailbox) server(s) or separate CAS and Mailbox servers.  Due to the fact that CAS proxies all web requests, you will be unable to manage a Mailbox server until there is at least one 2013 CAS in the environment.
  • It no longer matters which role you update first. If you have dedicated CAS and Mailbox servers you can upgrade either role first.
  • You can no longer uninstall a single server role (i.e., you cannot convert a multi-role server to a single role server).  You can only uninstall all Exchange 2013 roles and redeploy.
  • Mailboxes moved from legacy Exchange versions to 2013 will appear to increase in size an average of 30% due to more accurate space calculations. User quotas may need to be increased to account for this.
  • An Address Book Policy Routing Agent has been introduced in CU1 to provide Address Book policies (different Address Books, depending on group membership).
  • With Exchange 2013 RTM CU1 groups can once again be owners of groups for membership management, as was the case in Exchange 2007.
  • Exchange 2013 CU1 includes rudimentary access to “modern” Public Folders (the Exchange 2013 variety) using OWA.  Users must add a specific Public Folder to their Favorites in OWA.  This is only for 2013 Public Folders and only provides access to existing Public Folders — users cannot add or delete 2013 Public Folders in OWA 2013.
  • The Exchange Administration Center (EAC) has been enhanced and now includes Unified Messaging management.
  • Exchange 2013 CU1 will support the Exchange Server 2013 Management Pack for System Center Operations Manager (SCOM), due at a later date.

I’ll be posting an article about OWA 2013 and EAC enhancements shortly.