Managing the Microsoft Outlook Web Access 2007 application in IAG SP2

  • Article

Applies To: Intelligent Application Gateway (IAG)

Application-Specific Settings

The application-specific settings when publishing Microsoft Outlook Web Access 2007 with Whale Communications Intelligent Application Gateway (IAG) 2007 include the following options:

  • Enabling access to documents via Microsoft Office SharePoint Server 2007.

  • Preventing users from uploading or downloading files using Outlook Web Access, unless their endpoint meets the defined security policy requirements.

In addition, the behavior of the application when the form authentication engine is defined to automatically reply to application-specific authentication requests is described in Using Login Forms.

Enabling Access to Sharepoint Server using Outlook Web Access

Microsoft Outlook Web Access 2007 includes integration with Microsoft Office SharePoint Server 2007, where users can access documents via the SharePoint Server from within the Outlook Web Access interface.

In order to enable this functionality, you need to add the SharePoint Server application to the portal. In the IAG Configuration console, use the Add Application Wizard to add the Microsoft Office SharePoint Server 2007 application to the trunk that enables access to Outlook Web Access.

Blocking Uploads and Downloads

You can configure upload and download policies so that end-users cannot upload or download files through Outlook Web Access unless the client endpoint meets the security policy requirements. Users that are blocked are notified accordingly.

In order to enable this option, after you finish adding the Microsoft Outlook Web Access 2007 application to the trunk, you need to assign a unique upload or download policy to the application, as described in this section.

Since Secure/Multipurpose Internet Mail Extensions (S/MIME) support has been returned to Microsoft Office Outlook Web Access in Microsoft Exchange Server 2007 Service Pack 1 (SP1), the IAG "Microsoft OWA 2007 Upload" policy functions as follows:

  • The value "True" prevents uploads from endpoint computers.

  • The value "False" allows uploads from endpoint computers.

To block uploads

  1. In IAG Configuration console, select the trunk that includes the Microsoft Outlook Web Access 2007 application.

  2. In the Applications list, select the Microsoft Outlook Web Access 2007 application, and click Edit to access the Application Properties dialog box.

  3. In the General tab, in the Endpoint Policies area, from the Upload drop-down list, select the policy Microsoft OWA 2007 Upload.

  4. By default, the value of the policy is as follows:

    • The value of the Windows and MAC OS platform-specific policies is "True", and it prevents uploads from endpoint computers running Windows or MAC OS operating systems.

    • The value of the Linux and Other platform-specific policies is "False", and it does not prevent uploads from endpoint computers running Linux operating systems and operating systems other than Windows or MAC OS.

    If required, change the policy to comply with your corporate policy. For more information, see Managing IAG client endpoint policies.

  5. On the toolbar of the Configuration console, click the Activate Configuration icon, and then on the Activate Configuration dialog box, click Activate.

    When the configuration is activated, the message "IAG configuration activated successfully" appears.

    File uploading will only be enabled on client endpoints that comply with the security policy that you define here.

To block downloads

  1. In IAG Configuration console, select the trunk that includes the Microsoft Outlook Web Access 2007 application.

  2. In the Applications list, select the Microsoft Outlook Web Access 2007 application, and click Edit to access the Application Properties dialog box.

  3. In the General tab, in the Endpoint Policies area, from the Download drop-down list, select the policy Microsoft OWA 2007 Download.

  4. By default, the value of the policy is as follows:

    • The value of the Windows and MAC OS platform-specific policies is "True", and they do not prevent downloads to endpoint computers running Windows or MAC OS operating systems.

    • The value of the Linux and Other platform-specific policies is "False", and they prevent downloads to endpoint computers running Linux operating systems and operating systems other than Windows or MAC OS.

    If required, change the policy to comply with your corporate policy. For more information, see Managing IAG client endpoint policies.

  5. On the toolbar of the Configuration console, click the Activate Configuration icon, and then on the Activate Configuration dialog box, click Activate.

    When the configuration is activated, the message "IAG configuration activated successfully" appears.

    File downloading from the server will only be enabled on client endpoints that comply with the security policy that you define here.

Using Login Forms

In the Authentication page of the Add Application Wizard, or in the Web Settings tab of the Application Properties dialog box, you can select the option Automatically Reply to Application-Specific Authentication Requests. If the request form is an HTML form, that is, either HTML Form or Both is selected in the Web Settings tab, once users enter a set of credentials that is valid for the application, for example during the initial login, they are not requested to authenticate again, against the application server.

In the Microsoft Outlook Web Access 2007 application, this means that each time the authentication page is automatically processed; the application is accessed with the default settings of the login page. The main consequence of this for the end-user is that the computer type is automatically defined as "Public or shared", and thus the period of inactivity before the user is logged out is relatively short. The user cannot select the computer type "Private", or select the Outlook Web Access Light option.

.