Hi, we have a webpage setup that users hit before OWA that has a consent banner, then forwards them to the page. However, if a user manually types in the URL to the OWA site then they bypass the consent page. Is there a way to configure the server so that if they try the direct link they are forwarded to the consent page? Both pages are hosted on the OWA server. Thanks!
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Force consent page before OWA 4
- Thread starter yesti
- Start date
-
1
- #2
I think you'd have to edit the code for the logon page. But this would be troublesome, since just about every hotfix, update, and service pack overwrites that page. So you'd have to re-edit the page.
Pat Richard MVP
Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.
Pat Richard MVP
Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.
-
1
- #3
My webserver experience (other than OWA) is with linux & apache, so I can't provide any specific details however, in concept OWA is just a service being served by a IIS web server from a particular directory.
With apache it is quite easy to protect a directory's content by checking the referrer (the page a user is coming from). I assume that IIS must have similar capability but I don't know what it is. I suspect someone in forum41 could provide more insight about that part.
If this 'protection by referrer' is possible, make sure that you consider the ramifications. For example, if remote users are syncing their PDA's/Smartphones via OWA, this sort of protection would cause problems.
With apache it is quite easy to protect a directory's content by checking the referrer (the page a user is coming from). I assume that IIS must have similar capability but I don't know what it is. I suspect someone in forum41 could provide more insight about that part.
If this 'protection by referrer' is possible, make sure that you consider the ramifications. For example, if remote users are syncing their PDA's/Smartphones via OWA, this sort of protection would cause problems.
-
1
- #4
SteveRoadWarrior
Technical User
- Jun 13, 2007
- 148
The standard web based authentication screen will stop any user before they access the exchange system. I wouldn't edit the Exchange permissions much from the norm.
A low tech way would be to edit the images which adorn the login screen (keeping size and resolution the same) if your agreement message is short. At least you can say that by logging in they agree to terms. That may be enough to keep your legal team happy.
A low tech way would be to edit the images which adorn the login screen (keeping size and resolution the same) if your agreement message is short. At least you can say that by logging in they agree to terms. That may be enough to keep your legal team happy.
-
1
- #5
- Thread starter
- #6
- Status
Similar threads
- Locked
- Question
- Locked
- Question