Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

OWA users

Status
Not open for further replies.
ash786

ash786

Technical User
Jun 20, 2001
38
GB
We run Exchange 2003 in our environment and by default Outlook Web Access is enabled for all mailboxes.
However we are trying to find out if there is an easy way of finding out whom the active users of OWA are in our system but cannot find an easy way of carrying out this task. Is there a way of extracting the active OWA users from the exchange server or from active directory, the only way that I can think of at present is by going through the IIS logs on the OWA server. However this will be an extremely laborious and time consuming task.

Our objective for the above is so that we can group together all the users and only allow these users to access OWA, and disable OWA access for the rest.
 
Sort by date Sort by votes
You already know the answer. The IIS logs would be your only real indication. Take a look at the format you have of your logs and also take a look at some third party tools for analyzing the logs in a more readable format. Webtrends is an example that I have used that works very well.


You might also like this one:

I hope you find this post helpful.

Regards,

Mark
 
Upvote 0 Downvote
I've used the Security logs on the DC's for this. When a user authenticates on OWA, an authentication event (number 540) is logged from the OWA server. So if you sorted out all the logon events from the OWA server, you'd mainly be looking at OWA users. I'm assuming a FE/BE scenario with that statement. Looking at the event details, you will be able to see the originating address, and if the address is outside of your network, then you know that it's an OWA logon and not an event generated internally.

ShackDaddy
 
Upvote 0 Downvote
You could always catch this off of your firewall log if you have access to it. It would probably be much easier going that route as a firewall would have much more extensive logging facilities and you could filter speficially by IP at that point too.
 
Upvote 0 Downvote
try
download the lite version if you have no budget left, ha

i use it on my IIS servers, very cool

Also, depending on what type of Router or Firewall you use (i'm indicating sumthing by Cisco here, coz i don't know anything by Nortel or what ever) you could turn on somesort of access list logging to a SysLog client if you really need upto the second logs?

Maybe useful if you put a Cisco (again based on my knowledge) box in front of the OWA box, so you get internal as well as external IPs logged.

Or alternatively, have you thought of using a Proxy? ISA is especially good at displaying who has come in and is accessing OWA on an internal Mail Server via 80 or 443 Port translations from an IOS Router or Firewall and even internal clients if the front end that holds OWA is in a DMZ away from the internal clients.

there are some 3rd party apps that can present realtime (nearly) logging on connecting clients to a ISA Server via a browser if you want as well (name has left me at the mo) and we can get who and when is accessing the OWA URL

Gurner

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

microsGuy16
  • Locked
  • Question
Global Address List Names not showing in Outlook OWA 365
Replies
0
Views
2K
microsGuy16
microsGuy16
ponoodle
  • Locked
  • Question
Disabling OWA for on prem Exchange while in a hybrid envirenment.
Replies
0
Views
1K
ponoodle
ponoodle
lwhalo
  • Locked
  • Question
Domain Admins - Active Sync/OWA question
Replies
1
Views
97
ntinlin
ntinlin
joblack23
  • Locked
  • Question
owa lock
Replies
0
Views
59
joblack23
joblack23
MrNick0483
  • Locked
  • Question
Exchange 2013 OWA
Replies
2
Views
106
markdmac
markdmac

Part and Inventory Search

Sponsor

Back
Top