Block Or Allow Selected Users Depending On Location And AD Group Membership In Microsoft Exchange 2013 Outlook Web App

[ 83 ] Comments
Share

A while ago, I wrote an article describing how you might block or allow certain users from using OWA 2010 depending on their location. For example, is it possible to only allow certain users access if they are on the LAN, but not from the Internet? A few people have asked for a similar one for OWA 2013. This indicates two things:

1. There are actually people out there who read this stuff, and
2. There is still currently no built-in way of doing this. Unless they just haven’t found it.

It’s possible if you are prepared to make a small change to one of the .aspx pages. It assumes you have a group named something like AllowExternalOWA (or BlockExternalOWA if you are blocking).

There are two things that need to be done to the server-side OWA source files. They must be done with extreme care, and you should make a backup copy of each file before changing it.

First, locate the web.config file in C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\Owa. Make the backup copy, then open it in Notepad. Search for the text </assemblies> (i.e. the closing assemblies tag), and insert the following line before it:

<add assembly="System.DirectoryServices.AccountManagement, Version=2.0.0.0, Culture=neutral, publicKeyToken=b77a5c561934e089" />

Second, locate the Default.aspx file in the same folder. Make the backup copy, then open it in Notepad. A few lines down, you will see a block of lines that all begin like this:

<%@ Import Namespace="

Immediately after those lines, insert a block of code, like this:

<%@ Import Namespace="System.DirectoryServices.AccountManagement" %>
<%
string strGroupName = "AllowExternalOWA";
string strIP4 = "192.";
string strIP6 = "fe80:";
string strIP = "";
try
{
  strIP = Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
}
catch{}
if(strIP == null)
{
  try
  {
    strIP = Request.ServerVariables["REMOTE_ADDR"];
  }
  catch{}
}
if(strIP == null)
{
  Response.Write("Can't get user's IP address");
  Response.End();
}
bool blnExternal = true;
if((strIP != "127.0.0.1") && (strIP != "::1"))
{
  string strIPVersion = "";
  if(strIP.IndexOf(".") != -1)
    strIPVersion = "4";
  if(strIP.IndexOf(":") != -1)
    strIPVersion = "6";
  if(strIPVersion == "4")
  {
    if(strIP4 == "")
    {
      Response.Write("IP4 range not defined");
      Response.End();
    }
    if(strIP.Substring(0, strIP4.Length) == strIP4)
      blnExternal = false;
  }
  if(strIPVersion == "6")
  {
    if(strIP6 == "")
    {
      Response.Write("IP6 range not defined");
      Response.End();
    }
    if(strIP.Substring(0, strIP6.Length) == strIP6)
      blnExternal = false;
  }
}
else
{
  blnExternal = false;
}
if(blnExternal)
{
  PrincipalContext objCtx = new PrincipalContext(ContextType.Domain);
  UserPrincipal objUser = UserPrincipal.FindByIdentity(objCtx, Page.User.Identity.Name);
  var objGroups = objUser.GetAuthorizationGroups();
  if(!objGroups.Any(x => x.Name == strGroupName))
  {
    Response.Write("Sorry, you are not allowed to access OWA from this location:" + strIP);
    Response.End();
  }
}
%>

That takes care of the ‘Premium’ OWA client.  To prevent users from using the ‘Basic’ client, perform the same procedure for the basicmessageview.aspx file in the C:/Program Files\Microsoft\Exchange Server\V15\ClientAccess\Owa\forms\basic folder.

There are a few things to note in this code. At the beginning, you will need to configure the name of the group that you created, and the IP address ranges for your internal network, in IPv4 and/or IPv6 format. My own code covers ranges “192.168.” and “fe80:” by default. If all your clients have only IPv6 addresses, you can leave the IPv4 address empty, and vice versa. Access from the server itself (127.0.0.1 or ::1) is always allowed.

If you want the code to block a group of users, change the line

if(!objGroups.Any(x => x.Name == strGroupName))

to

if(objGroups.Any(x => x.Name == strGroupName))

to check for group membership, rather than the absence of group membership.

As with most of these type of modifications, you will need to check that they still function after each product update. Sometimes your modified file will be replaced by a new one from the update.


83 Responses to Block Or Allow Selected Users Depending On Location And AD Group Membership In Microsoft Exchange 2013 Outlook Web App

  1. Ryan says:

    I would love to accomplish this in my environment! I have a couple issues, first it looks like the IP address that it is finding is the IP of my CAS server. Does this only work on combined role servers? Also, I am not sure what username it is checking on but it looks like it is only seeing local machine groups.

    Sorry, you are not allowed to access OWA from this location: 10.69.97.81 [my CAS server]
    Everyone
    BUILTIN\Users
    NT AUTHORITY\SERVICE
    CONSOLE LOGON
    NT AUTHORITY\Authenticated Users
    NT AUTHORITY\This Organization
    BUILTIN\IIS_IUSRS
    LOCAL
    IIS APPPOOL\MSExchangeOWAAppPool
    BUILTIN\Administrators

  2. Ryan says:

    I should also add, I am making this change on the server with the mailbox role since that is there the specified default.aspx page resides. That seems to be a departure from the 2010 instructions. You would think that page would be on CAS, very confusing architecture.

    • admin says:

      Hello. Yes, I thought it might be going via a proxy (which is what the CAS is, in your situation). I’m going to assume that something like this
      http://stackoverflow.com/questions/1276332/finding-ip-address-of-client-connected-through-a-proxy?rq=1
      isn’t going to work ( you would use HTTP_X_FORWARD_FOR in the code, instead of REMOTE_ADDR ), since I’d be amazed if the Exchange proxying code bothered to forward this to the MBX server. But can you try it just in case? I’m a developer, so I don’t often setup separate FE/BE CAS/MBX topologies.

      If you find that it doesn’t work, we’ll have to see if there’s a page on the CAS server where we can add some similar code, because there’s a chance that the MBX server will never know what the client IP is.

  3. Ryan says:

    string strIP2 = Request.ServerVariables["HTTP_X_FORWARD_FOR"];
    Response.Write(“Sorry, you are not allowed to access OWA from this location:” + strIP + ” ” + strIP2);

    It just returns white space for the second string, so I assume that variable isn’t present. I do really appreciate your blogging and help on this, I can confirm that many people are reading, benefiting, and saving money from this!

    • admin says:

      No prob. Well, we’ll have to find out if there’s a suitable place on the CAS to put this code. Can you find the IIS log entries from the CAS that are recorded when the user requests /owa and logs in?

  4. Ryan says:

    I do not see that file either, CAS or MBX. I did however have some success with this:

    string ipAddress = Request.Headers["X-Forwarded-For"];

    That actually gave me the IP I was looking for when running on your original Default.aspx. Now I just have to figure out how to find the correct value for the user. Do you have any suggestions on variables for that?

    • admin says:

      The lines of code that begin with this one

      System.Security.Principal.WindowsIdentity oUser = Request.LogonUserIdentity;

      are supposed to identify the user.

  5. Vig says:

    Hi, thanks for the great article. I have a scenario where we’ve implemented two sets of Exchange servers across different locations with different internal IP addresses.

    Would your script be able to accomodate two IP segments e.g.
    <%
    string strIP = Request.ServerVariables["REMOTE_ADDR"];
    if(strIP.Substring(0, 8) != “192.168.” "10.1")

    • admin says:

      With a little modification, yes. I think you’re looking for something like this

      if((strIP.Substring(0, 8) != “192.168.”) && (strIP.Substring(0, 5) != “10.1.”))

  6. Vig says:

    Thanks for the quick response. I tried these codes but I am not getting it right.

    Once I added the code in and test it externally, I am getting ‘Bad Request’ for all users after logging in.

    Appreciate some help. Thanks

    • admin says:

      Do you only get that error externally? If so, there might be a problem somewhere else in the code. If you can post all the code you added, I can take a look. But I’m not sure why there would be any connection between a possible javascript error (which would only cause a problem at the client end), and a 400 error at the server end.

      Does it work okay if you take all the code back out again?

  7. Vig says:

    Is the group BlockExternalOWA and AD group or a local group on the Exchange server. If it is to be on the Exchange server, should it reside on the Mailbox or the CAS server. Thanks

  8. Vig says:

    I created the BlockExternalOwa group as a Security group in AD

  9. Vig says:

    I created the BlockExternalOwa group as a Security group in AD

    I only get the error externally. Internally it seems fine.

    After I remove the code, it works well again externally.

  10. Vig says:

    Below is the codes that I have added:
    string strIP = Request.ServerVariables["REMOTE_ADDR"];
    if(strIP.Substring(0, 8) != “192.168.”)
    {
    System.Security.Principal.WindowsIdentity oUser = Request.LogonUserIdentity;
    System.Security.Principal.WindowsPrincipal oPrincipal = new System.Security.Principal.WindowsPrincipal(oUser);
    if(!oPrincipal.IsInRole(“BlockExternalOWA”))
    {
    Response.Write(“Sorry, you are not allowed to access OWA from this location:” + strIP);
    Response.End();
    }
    }
    %>

    • admin says:

      There should also be a matching <% at the beginning. Maybe you just didn’t include it in what got copied for your post?

      • admin says:

        Okay, that’s what I get for forgetting to put my code in <pre> tags within the post. Now that I’ve done so, it should be safe to copy/paste it.

  11. Vig says:

    Sorry, I’ve actually included the <% at the beginning. Below is the actual text:

    • admin says:

      I can’t see the code in that last post. But this talk of <% and %> has actually reminded me that this is server-side C# code, not client-side JavaScript code. I don’t know why I forgot that. But in any case, the syntax is the same, so it should still work. I think it would be easiest if you sent me your modified file (in a zip file, to get past any virus scanners), so that I can try it here. Please send it to me at email@leederbyshire.com .

    • admin says:

      Okay, thanks. I got the zip file, but something blocked my reply to you. The group is an AD security group. In response to my direct reply to you, I get this;

      CH1EHSMHS029.bigfish.com gave this error:
      Service unavailable; Client host [81.168.104.129] blocked using Blocklist 1, mail from IP banned; To request removal from this list please forward this message to delist@messaging.microsoft.com and include your ip address 81.168.104.129 .

      Your message wasn’t delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept e-mail from certain senders, or another restriction may be preventing delivery.

    • admin says:

      Okay, I just had a look at the file in Notepad, and I noticed a fairly common problem. Have a look at these two lines:

      string strIP = Request.ServerVariables["REMOTE_ADDR"];
      if(strIP.Substring(0, 8) != “192.168.”)

      The second one has the ‘fancy’ double-quote characters (i.e. the left-hand and right-hand ones are angled differently so that you can tell them apart. These should be the simple old-fashioned double-quotes. Unfortunately, some editing software thinks it’s being helpful by automatically inserting them for you. It also sometimes happens when copy/pasting code from a blog, because the blog thinks it’s being helpful, too. But it kills code, because they are extended characters. Sometimes, you can only see the difference if you magnify the text, or increase the font size.

  12. Tan says:

    Is this script works when OWA Authentication is on Form Based Authentcation ?

  13. Alex says:

    Hello! I have the same problem like Vig
    April 16, 2014 at 9:01 am

    I created the BlockExternalOwa group as a Security group in AD

    I only get the error externally. Internally it seems fine.

    After I remove the code, it works well again externally.

    How he decide his problem? I checked my double-quote characters, it’s looked like simple old-fashioned double-quotes.
    Please help me find my mistake
    Thank you

  14. kh says:

    Hi! I have exact environment that Ryan had, where we have frontend and backend exchange 2013 servers, however when I read thru the comment and I realized that Ryan has managed to embed the script and make it successful work. I wonder can you share out the script that how Ryan make it work in exchange environment that had multiple exchange server with frontend and backed design.

    • admin says:

      Looking at those old posts, I’m not sure that Ryan actually got it working, or not. And I still don’t have a frontend/backend setup (I’m a developer, and I can’t afford that much hardware :-) ).

      But anyway, it looks like there is no default.aspx file on the CAS server – is that what you found too?

  15. Alex says:

    Hi,

    I am unable to get this code to refuse connections for user who are not members of the “Domain Local” group.

    We have Exchange 2013 CAS/MBX servers for the FE, with the actual mailboxes on other Exchange 2010 (MBX) servers

    Would it be posible to send you the default.aspx file to review possibly?

  16. Alex says:

    Hi,

    I have been trying to get this script to work on our servers but have been unable to get this to trigger for users that are not members of the (domain local) group defined in the script.

    We have Exchange 2013 CAS/MBX Front End servers, where we have implemented thsi script, with various Exchange 2010 CAS and MBX servers, where the mailboxes reside.

    Would it be posible to send you a copy of the default.aspx page to see if you can see where I am going wrong?

    Thanks in advance,
    Alex

  17. Alex says:

    Sent – Thanks for agreeing to review this, much appreciated.

  18. Alex says:

    Thanks again for all your help with our script.

    Just to let people know, in case you are interested, it appears from our testing that if you have a 2010 & 2013 mix in your environment, the 2010 version of this script will need to be implemented on the 2010 CAS servers.

    There is a good MS blog decribing how the 2013/2010/2007 coexistence works here – http://blogs.technet.com/b/exchange/archive/2014/03/12/client-connectivity-in-an-exchange-2013-coexistence-environment.aspx

  19. Phil says:

    Hi All

    Sharing this info so it may help someone in future :)

    Our exchange clients connect internally through Microsoft TMG. We didn’t want use TMG to control access because this product is being replaced.

    Amend default.aspx, replace the IP address with your proxy server:

    (paste before <!DOCTYPE html>)

    <%@ Page Language=”c#” AutoEventWireup=”false” Inherits=”Microsoft.Exchange.Clients.Owa2.Server.Web.Default” %>
    <%@ Import Namespace=”Microsoft.Exchange.Clients.Owa2.Server.Web” %>
    <%@ Import Namespace=”System.DirectoryServices” %>
    <%@ Import Namespace=”System.DirectoryServices.AccountManagement” %>
    <%@ Import Namespace = “System.Linq” %>
    <%@ Import Namespace=”Microsoft.Exchange.Clients.Owa2.Server.Core” %>
    <%@ Import Namespace=”Microsoft.Exchange.Clients” %>
    <%@ Import Namespace=”Microsoft.Exchange.Clients.Common” %>

    <%
    string ipAddress = Request.Headers["X-Forwarded-For"];
    if (ipAddress != “192.168.0.241″)
    {
    // set up domain context
    PrincipalContext ctx = new PrincipalContext(ContextType.Domain);
    // find a user
    UserPrincipal user = UserPrincipal.FindByIdentity(ctx, Page.User.Identity.Name);
    if (user == null)
    {
    Response.Redirect(“.\\error.aspx”);
    Response.End();
    }
    else
    {
    // find the roles….
    var groups = user.GetAuthorizationGroups();
    if (!groups.Any(x => x.Name == “Email.OWA.Allow.National”))
    {
    Response.Redirect(“.\\error.aspx”);
    Response.End();
    }
    }
    }
    %>

    An error.aspx page was saved to C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\Owa containing the following
    “Error unauthorised access. Please see administrator. Code: ExternalAccess”

    In addition the following files needed to be copied to C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\Owa\Bin :

    System.DirectoryServices.AccountManagement.dll
    System.DirectoryServices.dll

    I’m not sure where the above two files come from…

    Hope this helps someone

  20. John says:

    Hi,

    i have problem with set block.
    I’ve created group AllowExternalOWA to insert users with unlocked access.
    I observe strange things:
    In first try for to login user appears a blank page with text” bad request”
    What I doing wrong?

    My config:

  21. John says:

    Hi,

    i have problem with set block.
    I’ve created group AllowExternalOWA to insert users with unlocked access.
    I observe strange things:
    In first try for to login user appears a blank page with text” bad request”
    What I doing wrong?

    My config:”


    PS: This symbol i’ve added special, bacause without that i cant paste config.

    • admin says:

      Hi John. I’m going to have to rewrite the article due to some architecture changes in OWA 2013. I hope to have it finished in the next few days. I’ll let you know when it’s finished, and then we’ll try to get it working for you.

    • admin says:

      Hi John – I just updated the article. Please let me know if it works okay for you.

  22. John says:

    Thank’s

    I’ll waiting for You article :)

  23. John says:

    Hi,

    i added You new script and file, but my Server does nothing with that, i don’t see any change.
    It seems, my Exchange ignore that.
    Can You help me?
    Where i can send You my config to check?

    • admin says:

      Hi John. By a massive coincidence, I just sent you another message before I read this one. If you have changed the file, and it makes no difference at all, then I think you may have Exchange 2013 without Service Pack 1. When I tried it on Exchange 2013 RTM (i.e. no service pack), I too noticed that nothing happened when you change the default.aspx file, and you then need to change some other files instead. Does your server have SP1 installed?

    • admin says:

      Okay, I updated the article a couple of days ago, and again this morning, after I found a better way of doing it. Can you tell me which code you added? The original code that has been in the article for a long time, or the code I updated a few days ago, or the code I updated this morning?

  24. John says:

    I use code with use text file with users.

    This article show’s solution with AD Group.

    I’ll try to use this and i’ll send to You feedback.

    • admin says:

      Yes, originally, the article used an AD Group. Then it stopped working at some point. I think it was when SP1 came out, but I never noticed, since I don’t actually use the code myself. I then couldn’t get the AD Group method working, since OWA now proxies to itself, and you are not able to check AD Group membership for an impersonated user. So I used the text file method. However, I did find another way to check Group membership. Hence the update today.

  25. John says:

    I added Your solution to my server.

    But, nothing going to happend, my server look like ignoring this script.
    I have SP1 and – maybe this is important – i have installed all roles on one VM machine.

    • admin says:

      Hello again John. The script should work with SP1 – in fact, without SP1, it wouldn’t work. Having all roles in one VM shouldn’t be a problem, either. I should mention that if you test it from the server’s browser, then you won’t see any difference, because it allows all access from the server itself. So, are you saying that you have tried to log into OWA as a blocked user, from an external location, and it still allowed you to log in? It might help to do an IISRESET, because sometimes the server will compile the files, and continue to use the original version, and ignore the new one.

  26. John says:

    I should do ISSRESET even i restart VM?

    • admin says:

      Not necessary if you rebooted. I just wanted to make sure that the IIS service got restarted since you made the changes.

      If there is no difference after you added the script, then maybe the server is not even using the file. First, make sure you are working on the correct default.aspx file (there are several of them). The one we need is in C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\Owa . Try temporarily renaming the file to Default.aspx.old , then see if you can still log out of and back into OWA.

      Note that you have to log out and back in again to test it. It won’t work if you are already in OWA and then refresh the page. Once you are in OWA, you are already past the Default.aspx file, and it is too late to test it.

  27. Adam says:

    Hi Leo,

    earlier exchange version 2010 we were using basicmesageview aspx to block the basic view also but in exchange 2013 do we need to make any changes with that as i used above code as you mentioned and its working but there are still bit issue with that as users getting basix OWA portal and they are able to access the OWA even if he/she is not in AllowExternalOwa AD group. Please suggest.

  28. Mahesh Panchal says:

    Hi Leo,

    Thanks a lot, its been working in my environment.

  29. John says:

    Hi,

    it work’s finally :)
    Thank’s for help.
    I do IIS reset and wait a while, and resolved itself.

  30. Andrew says:

    Hi,

    I have in issue with this code – it is working when user logon – he enter username & password and got message access denied. But when user then manually goes to /owa mailbox is opened because auth is done. How to remove auth for session before message to user?

    • admin says:

      Hi Andrew. OWA 2013 seems to do a few redirections after logging in, and it hasn’t been easy to find the correct place to put the code. Maybe I need to look a bit harder. I’ll take another look at it.

  31. Andrew says:

    Hi, Please let me know by mail when you will find the solution. ( for now i find out that when i logon for the first time i get default.aspx page, and block working, but next time i got an logon.aspx page redirected to MBX server OWA or CAS Server Proxy-OWA/auth page. ) tell me if i can help you with something. Thanks!

    • admin says:

      Hello again Andrew. I was unable to duplicate what you are seeing. But as a developer, I can’t really replicate all the possible setups that people have, since I only have limited hardware. You have multiple servers (which I don’t have), and I think I heard from someone recently that said you have to perform the described modifications on each server (even the MBX servers) before it will work. Have you tried that?

  32. Andrew says:

    Hi, yes i done this on each server i have

    I have 2x cas servers and 2x mailbox servers

    Cas redirecting to mailbox after logon ( in case mailbox located there )

    if mailbox resides on combined cas+mailbox server – user redirected to server’s own OWA virtual directory.

    First time i logon i get 9default.asps and sometimes logon.aspx) logon prompt and after Logon a get error that i blocked – but if i do a refresh of this window – exchange knows than i already authenticated and redirecting me to my mailbox – simply this is not only default.aspx but also :

    C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa\auth\logon.aspx

    And redirection to logon.owa or logoff.owa for logoff process.
    ( and when OWA redirect me after logon or logoff – i\m not already at default.aspx )

    I added to your code Logoff redirection. It works – user logged off server but it redirect back to logon aspx and second time i can logon to my mailbox – i think code also must be placed in logon.aspx but i cannot find out where exactly.

    Thanks, waiting for possible fix :)

    • admin says:

      I don’t think it’s a problem that the user is authenticated – in fact the user needs to be authenticated before the code can check group membership. I think we need to make sure that

      1. The code is actually being executed.
      2. The code knows if the user is external or external
      3. The code know the correct user name.

      In OWA2013 (because it proxies to itself) it is hard to be certain on any of these points. So, we ought to work through them one at a time. We can cover the first two in one go. In the code, just before the line

      if(blnExternal)

      insert another line

      Response.Write(“External=” + blnExternal);

      (if you copy/paste this, note that WordPress might have inserted ‘extended’ left and right curly double quotes, which will break the code – you need to make sure they are plain double-quotes)

      Now, when you look at the page source in the browser, you should always see “External=True” or “External=False” in there somewhere. If not, then there is somewhere else we need to put it. Note that you will probably have to do IISRESET after adding the extra line, since IIS loves to cache more than it ever did.

  33. Andrew says:

    Hi i will check, but i don’t think it will work – because just after opening the page i’ve redirected to

    https://my.domain/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmy.domain%2fowa

    • admin says:

      That’s the logon page. You can’t block the logon page from certain users, because it doesn’t know who they are yet (because it’s the logon page :-) ).

  34. Andrew says:

    hi, checked this –

    First logon in clear session:
    opening:
    htps://my.domain/owa

    External=TrueSorry, you are not allowed to access OWA from this location: 94.76.102.221

    Without closing browser – opening url:
    https://exch.fuib.com/owa/
    And my mailbox opened without any prompt or message

    • admin says:

      When you type in the owa url with exch.fuib.com in, is that a different domain to the one you typed in first? Or is it the same? From the most recent message you sent, it sounds like it’s the same, but if it’s different, then you’ll have to make the changes in the other domain. I think you already know that, but I want to make sure :-)

      Anyway, when you type the url in and the mailbox opens okay, use you IE View menu to look at the page html source. Can you see the word ‘External=True’ or ‘External=False’ in there? Assuming you didn’t yet remove the most recent line I asked you to add for this testing.

  35. Andrew says:

    Sorry :) second url is my real :) Second time – my.domain/owa the same as first time

  36. Andrew says:

    Sorry, exch.fuib.com is wrong – only my.domain is used.

    When i blocked for the first time i can see External = True, but when my mailbox opened – there is no such line in page source

    • admin says:

      Can you save the page source you see when the mailbox opens to a text file, and email it to me at email@leederbyshire.com . I’m trying to work out which page it’s taken you to, and if it’s the normal Default.aspx file that has the extra code in, or something else.

  37. N says:

    Why do you only use 192.x.x.x? cant someone coming from 192.169.x.x be seen as internal?

    I did a quick whois and there are certainly public IP’s above 192.168.255.255

  38. Darra268 says:

    Is there any way to allow more than one private IP range? We use the 172.16.x for internal client and the 10.102.x for internal wifi. Can this be used to allow more than one internal range?

    • admin says:

      The quickest way would be to change the line
      if(strIP.Substring(0, strIP4.Length) == strIP4)
      to
      if((strIP.Substring(0, 7) == “172.16.”) || (strIP.Substring(0, 7) == “10.102.”))
      it’s a bit messy, but saves time.

  39. Darra268 says:

    Thanks!

  40. Mike says:

    I was able to get this working successfully, but with only a single IP address. I need to add 4 more. Can you tell me how to do this/what i need to modify and maybe even an example? Thank you!

  41. Mike says:

    They are not but I was able to get it by rewriting some of the code. Its working properly now with 4 IP addresses on completely different subnets. Any idea if this will work with Exchange 2016?

    • admin says:

      I don’t know. If it still uses Default.aspx as the home page, then there’s a good chance. But I gave up playing catch-up with Exchange. They just seem to make it more needlessly complicated with each new version; which makes it harder to find out where to make changes, and makes it more fragile.

  42. Mike says:

    Has anyone got this to work successfully was Exchange 2016?




Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>