Monthly Archives: May 2012

With SBS 2008, if try to open Outlook Web Access at http://remote.example.com/owa, you’ll get “Error 403 – Forbidden: Access is denied…”, because SSL is required in IIS.   The proper URL is https://remote.example.com/owa, but most users don’t remember that little “s”.

As a note, SBS 2011 already redirects this for you.  But if you’re stuck with SBS 2008, there are tons of articles that show how to automatically redirect users :

• How to redirect requests from HTTP to HTTPS or to the OWA virtual directory in IIS 7
• How to redirect an HTTP connection to HTTPS for Outlook Web Access clients
• Simplify the Outlook Web App URL
• How to Simplify the Outlook Web Access URL
• Exchange 2010 HTTP Redirection Issue
• HTTP to HTTPS redirect
• RWW SBS2008 “403 – Forbidden: Access is denied…” when connecting

Microsoft has 4 different articles on the topic, but the forums are still covered with it.  The solutions vary on a few themes:

• Redirect in IIS on the Default website (doesn’t work since that site doesn’t actually answer those HTTP requests in SBS).
• Disable Require SSL, and edit OWA’s default.aspx to Response.Redirect (doesn’t work because it’s precompiled and handled by DLL).
• Set a redirect or custom 403 page on the actual OWA directory to a custom SSLRedirect.html with a Meta redirect (might work, but clunky & straight outta 1998!)

Other solutions either forget you can’t get past “Require SSL” to reach the redirect, or they don’t know you’ve already been redirected (creating an infinite redirect loop and “Too many Redirects” error).

I think I have a much simpler solution — Just set the OWA directory’s 403 error to redirect to the right URL.  Here’s how:

1. Start the Internet Information Services (IIS) Manager snap-in.
2. Expand the local computer, expand Sites, and then click SBS Web Applications.
3. At the bottom of the SBS Web Applications Home pane, click Features View if this option is not already selected.
4. In the IIS section, double-click Error Pages, and double-click 403 in the list.
5. In the Edit Custom Error Page dialog, select Respond with a 302 redirect.
6. Type the Absolute URL of the /owa virtual directory. For example, type https://mail.contoso.com/owa.

OWA’s Error Pages list should look like this when you’re done:

Hope it helps someone.