262 Chapter 5 • Managing the Client Access Server Because the /owa virtual directory (vdir) is the only vdir used when accessing a user mailbox stored on an Exchange 2007 Mailbox Server, this is also the vdir under which you confi gure most of the OWA-related functionally (I say most since some settings must still be confi gured using the IIS Manager). Let’s take a closer look at the confi guration options available on the Property page of the owa virtual directory. The fi rst tab, which is the General tab shown in Figure 5.18, shows us information such as the name of the CAS, the Web site to which the owa vdir belongs, as well as the Exchange version and the last time the vdir was modifi ed. In addition, this is where we can specify the Internal and External URL used to access OWA (the internal URL will always be pre-entered). NOTE With Exchange Server 2007, you can longer access Public Folders using the OWA 2007 interface. Table 5.2 Continued Virtual Directory Version Description Public Exchange 2000, 2003 This virtual directory is used to access public folders by using the Outlook Web Access application for mailboxes located on computers running Exchange 2007, Exchange Server 2003, or Exchange 2000 Server. Only public folders on servers that are running Exchange 2003 or Exchange 2000 will be available through Outlook Web Access. Managing the Client Access Server • Chapter 5 263 Moving on to the Authentication tab (Figure 5.19), here we have the option of specifying the authentication method used to authenticate OWA users. Notice forms-based authentication is enabled by default, unlike OWA 2003 where you had to enable this feature manually. If for some reason you don’t want to have forms-based authentication enabled, you can choose to switch to basic by clicking Use one or more standard authentication methods. One reason you might want to do this is because you have an ISA Server 2006 deployed in your perimeter network and you are using it to pre-authenticate user logons, thus enabling Basic authentication instead. Figure 5.18 The General Tab on the OWA Property Page 264 Chapter 5 • Managing the Client Access Server Before we move on, I want to bring your attention to the sentence in the bottom on the Authentication window pane, which says that in order to confi gure SSL settings for the Outlook Web Access virtual directory, you should use the IIS Manager. Since the SSL certifi cate that is installed on the Default Web Site is a self-signed untrusted SSL certifi cate, there will come a day where you want to replace it with an SSL certifi cate from a third-party certifi cate provider (I showed you how this was done in the previous section in this chapter). Now click the Segmentation tab shown in Figure 5.20. In previous versions of Exchange, segmentation was very complex to confi gure, because you had to do so directly in the Registry (at least until the Exchange 2003 Outlook Web Administration tool was released). With Exchange Server 2007 it couldn’t be easier. You simply select the feature you want to disable, click the Figure 5.19 The Authentication Tab on the OWA Property Page Managing the Client Access Server • Chapter 5 265 Disable button and that’s it. You don’t even have to do an IISRESET /noforce afterwards. Most impressively, there is no need to log off and back on since the change is applied immediately! Figure 5.20 The Segmentation Tab on the OWA Property Page TIP If you want to turn off an OWA feature for one or more users, you can do so using the Set-CASMailbox cmdlet. For example, we can turn off the calendar for a user with the following command: Set-CASMailbox <user> -OWACalendarEnabled: $False 266 Chapter 5 • Managing the Client Access Server The next tab is the Public Computer File Access tab, shown in Figure 5.21. Here we can enable and disable direct fi le access. Direct fi le access is a feature that makes it possible for your users to open any fi le that is available through OWA. This is not only fi le attachments, but also fi les located in Windows SharePoint Services document libraries and/or on Windows fi le server shares. Figure 5.21 The Public Computer File Access Tab on the OWA Property Page . owa vdir belongs, as well as the Exchange version and the last time the vdir was modifi ed. In addition, this is where we can specify the Internal and External URL used to access OWA (the internal. clicking Use one or more standard authentication methods. One reason you might want to do this is because you have an ISA Server 2006 deployed in your perimeter network and you are using it to. Server • Chapter 5 265 Disable button and that’s it. You don’t even have to do an IISRESET /noforce afterwards. Most impressively, there is no need to log off and back on since the change is applied