Suppose you host more than one domain at your Exchange server , and each company need to have its OWA URL , below is steps how you can implement more than one OWA & ECP on one Exchange 2010 server
1- Create a new WEB SITE
– New IP
– Ports 80 / 443
– Name WebMAIL
– Default Path – C:\inetpub\wwwroot
2- Install Certificate (HTTPS) for External User
3- Copy the Folders:
C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\Owa
C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\ecp
to
Ex:
C:\Program Files\Microsoft\Exchange Server\V14_domainname\ClientAccess\Owa
C:\Program Files\Microsoft\Exchange Server\V14_domainname\ClientAccess\ecp
4- ON IIS – ISAPI and CGI Restrictions
Give Permission ALLOW to this DLL
C:\Program Files\Microsoft\Exchange Server\V14_domainname\ClientAccess\Owa\auth\owaauth.dll
5- On Exchange Power Shell
new-owairtualDirectory -WebSiteName “WebMAIL” -Path “C:\Program Files\Microsoft\Exchange Server\V14_domainname\ClientAccess\Owa”
New-ecpVirtualDirectory -WebSiteName “WebMAIL” -Path “C:\Program Files\Microsoft\Exchange Server\V14_domainname\ClientAccess\ecp”
6- Fix Virtual Directory Path
Exchange
Exchweb
Public
In IIS – change – The Virtual Directory Path
….\V14\ClientAccess\Owa
to
….\V14_domainname\ClientAccess\Owa
7- In Exchange Console
– Server Configuration > Client Access > <server> > Outlook Web APP > owa (Mail) > Properties Authentication > Use one or more standard authentication methods > FBA
– Server Configuration > Client Access > <server> > Exchange Control Panel > ECP (Mail) > Properties Authentication > Use one or more standard authentication methods > FBA
8- Reset IIS
Now try to browse the URL of the new OWA
I do not see what you need to copy the Exchange System files to another location. I have created this setup multiple times, and never done so. Indeed you need to create two IIS Websites and it is highly recommended to assign a second IP address to the second website. If you use one NIC, you need to add the second IP with the Skip as source parameter, or if you are using a second NIC you need to uncheck register in DNS check-box.
You will also need to be careful with the external and internal interfaces of the OWA/EXP virtual directories, to make sure that OWA redirects to the correct ECP when the user clicks options. If not done correctly, it could be that the user is forced to re-authenticate when he opens ECP. .
Dear Sir:
First i am copying these files in case you need to do some customization in the OWA and ECP different from the original themes
Second: it is highly recommended to to assign a second static IP (i totaly agree with you in that) but if it is not availiable , then this is not problem you can assign eveyr OWA different ports and work on the same IP
Third: no problem with ECP redirection since they have different ports or dfferent IPs
you are welcome to give me any comments and feedback any time
Will it work externally as internally
Yes
Thanks for this post
It very useful it took some tome to work with me because i had to set the ISAPI settings on the IIS level and on the site level as well
you are most welcome, but why did you set the ISAPI setting in the site level ?
Following the instructions, I get 500 Internal Error after initial login. url contains \owa\auth.owa
I did deviate in one area, in that I have set the new website path to c:\inetpub\newsite and copied the files from \wwwroot.
Something else noticed was when the V14 directory files were copied it prompted for ‘Administrative’ action, which I confirmed and the files copied.
c:\inetpub\newsite is the default path for the default website , it automatically created when you install IIS , and it may have some restriction or security permissions
I just you try the same steps but change the path to customized path as in the URL , or another drive
Do this and let me know if it works or not
I also followed your instructions but also get an 500 internal error with also auth.owa in the url.
Do you have a suggestion why this happens?
what is the path of your new website ?
I created a new folder under intepub with the same security settings as wwwroot.
I had also tried to use /intepub/wwwroot as path of the website but there were the same problems.
no Try a totally different path , you can try a path with the same security settings as /OWA virtual directory
Aaargh YES! Problems with auth.owa. asp files work fine, so with basic auth it all works, but auth.owa fails.
I THINK it’s not actually the auth.owa modular stuff that it is at fault, it’s actually owaauth.dll. While the URL is auth.owa, the detailed log entry mentions owaauth.dll, and sure enough, the same error is there if you try to load owaauth.dll directly.
So the problem seems to be that the duplicate website can’t load ISAPI DLLs. At all, I think. To confirm, I followed step 4 very carefully. (I also tried checking the run any ISAPI box. No dice.)
Help! Any ideas?
To resolve 500 – Internal Server Error, must edit owaauth.dll to be executable from ISAPI filter.
IIS root > new website > ISAPI filters, edit the executable path to new OWA virtual directory, “…\V14_domainname\ClientAccess\Owa\auth\owaauth.dll “
Hello
This article was very helpful for me, now I am trying to the same on exchange 2013 is any post about it?
Thanks in advance
Kindly check these steps , but i didn’t try it from my side
http://blogs.technet.com/b/exchange/archive/2015/02/11/configuring-multiple-owa-ecp-virtual-directories-on-the-exchange-2013-client-access-server-role.aspx
You also need to change the ISAPI filter named “Exchange OWA Cookie Authentication ISAPI Filter” to reflect the new path otherwise you get the 500 internal error