Archive for November 24, 2015

Exchange 2013 OWA redirect http to https / SSL

Referenced from: https://technet.microsoft.com/en-us/library/aa998359%28v=exchg.150%29.aspx

  • Start IIS Manager.
  • Expand the local computer, expand Sites, and then click Default Web Site.
  • At the bottom of the Default Web Site Home pane, click Features View if this option isn’t already selected.
  • In the IIS section, double-click HTTP Redirect.
  • Select the Redirect requests to this destination check box.
  • Type the absolute path of the /owa virtual directory. For example, type https://mail.contoso.com/owa.
  • Under Redirect Behavior, select the Only redirect requests to content in this directory (not subdirectories) check box.
  • In the Status code list, click Found (302).
  • In the Actions pane, click Apply.
  • Click Default Web Site.
  • In the Default Web Site Home pane, double-click SSL Settings.
  • In SSL Settings, clear Require SSL.
  • Open an Administrative Command Prompt window.
  • Run the following commands:

cd %windir%\System32\Inetsrv
appcmd set config "Default Web Site/autodiscover" /section:httpredirect /enabled:false -commit:apphost
appcmd set config "Default Web Site/ecp" /section:httpredirect /enabled:false -commit:apphost
appcmd set config "Default Web Site/ews" /section:httpredirect /enabled:false -commit:apphost
appcmd set config "Default Web Site/owa" /section:httpredirect /enabled:false -commit:apphost
appcmd set config "Default Web Site/oab" /section:httpredirect /enabled:false -commit:apphost
appcmd set config "Default Web Site/powershell" /section:httpredirect /enabled:false -commit:apphost
appcmd set config "Default Web Site/rpc" /section:httpredirect /enabled:false -commit:apphost
appcmd set config "Default Web Site/rpcwithcert" /section:httpredirect /enabled:false -commit:apphost
appcmd set config "Default Web Site/Microsoft-Server-ActiveSync" /section:httpredirect /enabled:false -commit:apphost

Complete the changes by running iisreset

WARNING:

When you configure redirection from a top-level directory, a web.config file may be created under <drive>\Program Files\Microsoft\Exchange Server\<version>\ClientAccess\oab. If this has happened and you later remove redirection, Outlook may freeze when users click Send and Receive. To avoid this happening after you remove redirection, delete the web.config file from <drive>\Program Files\Microsoft\Exchange Server\<version>\ClientAccess\oab.

Disconnecting your on-prem Exchange 2013 from Office 365

NOTICE: Copied from http://blog.kloud.com.au/2014/05/05/removing-an-exchange-hybrid-configuration-2/ for personal reference.

Assuming the following activities have already been completed;

  • All required mailboxes have been migrated off of the on-premise environment across to Office 365
  • If necessary all public folder content has been migrated across to Office 365, either to shared mailboxes or traditional public folders.
  • All Exchange related DNS entries (autodiscover,OWA etc) have been re-pointed to O365
  • All MX records for SMTP domains that are being managed by O365 have been re-pointed to O365

Once these activities have been completed we can start on the steps required to remove the hybrid config;

  1. Remove the organizational relationship from the on-premise environment as follows; ‘Remove-OrganizationalRelationship -identity “name_of_org_relationship”.  The identity of the organizational relationship can be obtained by using the ‘Get-OrganizationalRelationship’ if required.
  2. Remove the organizational relationship from the O365 tenant as follows; ‘Remove-OrganizationalRelationship -identity “name of_org_relationship”, Again the identity of the organizational relationship can be obtained by using the ‘Get-OrganizationalRelationship’ if required.
  3. Remove the federated domain(s) from the on-premise environment as follows; ‘Remove-FederatedDomain -domainname name_of_domain
  4. Remove the Email Address Policy/Policies associated with those SMTP domains that have been moved to O365.  This can simply be performed from on the on-premise Exchange admin console
  5. Remove the Accepted Domain entries from the on-premise Exchange admin console for those SMTP domains that have been moved to O365.  Again this can simply be performed from on the on-premise Exchange admin console.
  6. Remove the federation trust from the on-premise Exchange environment as follows; ‘Remove-FederationTrust -Identity “Microsoft Federation Gateway” By default the hybrid configuration wizard in Exchange 2010/2013 names the federation trust “Microsoft Federation Gateway”.
  7. Remove the remote domain associated with the Exchange hybrid configuration using the on-premise Exchange Admin Console.  This will be named something like “Hybrid Domain – tenant_name.mail.onmicrosoft.com”
  8. Remove the SMTP send connector from the on-premise environment as follows; ‘Remove-SendConnector “Connector_Name”‘
  9. Remove the inbound and outbound SMTP connectors that were created by the hybrid configuration wizard in the Exchange Online Protection Administration Console
  10. Finally remove the HybridConfiguration object from within Active Directory.  This isn’t supported in Exchange 2010 and its perfectly fine to leave the object in AD without any adverse effects.  If however Exchange 2013 is being used in the hybrid configuration, the following PS command can be used to remove the HybridConfiguration object;  Remove-HybridConfiguration

Once those steps are complete, all references to the previous hybrid configuration are removed leaving two separate and distinct Exchange environments, CompanyA on-premise and CompanyB in O365.