2. Navigate to the Firewall Policy node in the console tree.
3. Double-click on the OWA rule.
4. Select the Path tab.
5. Click Add.
6. For the path, enter /iisadmpwd/*, as shown in Figure 12.23.
7. Click OK, OK, Apply, and OK to save the changes.
FIGURE 12.22 Changing the registry to support password resets.
343
12
Securing Exchange Outlook Web Access with ISA Server 2006
FIGURE 12.23 Allowing change password functionality in an ISA OWA publishing rule.
Summary
Outlook Web Access is a powerful tool that, when properly utilized, allows for a broad
array of functionality that can increase productivity. Along with the productivity
increases, however, comes the risk associated with exposing internal corporate assets to
the Internet. Fortunately, ISA Server 2006 allows for unprecedented securing techniques to
make OWA implementations safer and more productive.
Best Practices
. Use ISA to reverse-proxy web-based mail products, such as Outlook Web Access,
whenever possible.
. Use a second external IP address, DNS host, and certificate if forms-based authentication
for OWA is required to co-exist with OMA, ActiveSync, and RPC-HTTP.
Pages:
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566