Use simple techniques to create a unique experience for users
Outlook Web App (OWA) in Exchange Server 2010 is the new name for Outlook Web Access, which has been around for 15 years, ever since Exchange Server 5.0. Since the release of the first version of Exchange Server with OWA, companies and administrators have maintained a desire to make OWA unique, even beyond the supported options. Company customization of OWA ranges from superficial color changes, to full branding, to radical interface changes. The ease of actually accomplishing OWA customization varies greatly, depending on the version of Exchange Server, the available customization tools, and administrators' skill sets. (See also, "OWA Customization in Exchange 2010" and "Bringing OWA to Your Desktop.")
OWA has come a long way from the basic Active Server Pages (ASP) application of Exchange 5.0 and 5.5. Microsoft Exchange Web Services, added in Exchange Server 2007, makes Exchange data accessible from a variety of sources following the Web services API. Exchange Server 2010 with Exchange Web Services has made it easier to develop custom web applications to access Exchange Server data. Exchange 2007 included four user-initiated themes in OWA. In Exchange Server 2010 RTM, OWA customization options weren't yet supported; the old Exchange 2007 theme content was still part of the installation, though not a functional one. It wasn't until Exchange Server 2010 Service Pack 1 (SP1) that Microsoft brought back support for OWA customization. (Exchange Server 2010 SP2, which is the current service pack as of this writing, doesn't add to the OWA customizations that we'll look at in this article.)
In this article, I'll discuss OWA segmentation, which is used to limit the components that users can access through the OWA interface, and customization of the OWA logon and logoff screens.
Microsoft Policy on Customizing OWA
For many of the OWA changes that we'll look at, you must replace existing files with your customized files. For themes, simple Cascading Style Sheets (CSS) changes, and logon- and logoff-screen changes, you're manipulating content at the file level. When Microsoft releases updates to Exchange Server -- whether bug fixes, rollup packages, or service packs -- the company offers no guarantee that your changes won't be overwritten. Nor does it guarantee that code changes in updates won't affect your customization efforts. Therefore, you should maintain a backup of any customization efforts and test Microsoft updates to ensure that your OWA customization still works after they're applied. Microsoft outlines its support policy for OWA customization, for all versions dating back to Exchange 5.5, in the article " Microsoft support policy for the customization of Outlook Web Access for Exchange." In addition, I recommend that you develop and test your customizations, whether comprehensive OWA custom applications or file-level image updates to reflect a branded logon screen, in a lab deployment before putting your work into production.
Segmentation is a fully supported method of customization for OWA. With segmentation, an administrator simply controls which components of OWA are visible to the end user. Many enterprises want their users to have access to the full range of functionality through the OWA client. However, some users might require only a limited set of features to complete their daily duties. For example, I recently worked at a manufacturing plant in which the plant workers needed access to email and contacts, but calendar, tasks, and public folder access was superfluous. Focused OWA access also helps to restrict users from exposing or being exposed to content that might otherwise be considered off limits or confidential. Limiting access to components deemed unnecessary by use or policy is good security practice as well, reducing the risk surface area. Segmentation can also reduce bandwidth use during OWA sessions.
OWA is available by default on any Exchange 2010 server with the Client Access server role installed. No additional configuration is needed to enable segmentation. As of Exchange 2007, segmentation has been readily managed through the Exchange Management Console (EMC). Segmentation is configured through the Client Access server in EMC.
In EMC, navigate to the Client Access server that hosts OWA, then right-click the OWA site and select Properties. The Segmentation tab, which Figure 1 shows, lists the user-level OWA components that can be toggled on and off for users of the Client Access server. (Table 1 lists all the available features.) Select and enable or disable individual features, one at a time.
Exchange Server 2010 introduces OWA mailbox policies. These policies allow administrators to apply segmentation selections to individual users or groups of users, rather than to everyone who connects to OWA on a specific Client Access server. Even though the feature includes "mailbox" in its name, these policies are technically not applied to mailboxes but rather to the web application that's used to access mailbox data. When the Client Access server role is installed, a default OWA mailbox policy is put in place. By default, all the listed, segmentable features are enabled in the default policy.