Exchange services publishing deployment options
Published: January 11, 2010
Updated: February 15, 2013
Applies To: Unified Access Gateway
This topic describes the Exchange services publishing deployment options that are available when using Forefront Unified Access Gateway (UAG). You can publish one or more Exchange mail services via a single Forefront UAG portal, thus providing users with a single entry point to multiple Exchange services.
Forefront UAG enables two deployment scenarios for your Exchange services:
Scenario 1: Creating a portal and then publishing Exchange services as an application in the portal.
For details about publishing applications in a portal, see Implementing a trunk.
This scenario is useful if you have a number of applications that you want to publish through the portal, in addition to publishing Exchange. You may also use this scenario if you are future proofing your deployment; for example, currently you may only require remote access to Exchange services, but in the future, you may also require access to SharePoint websites.
If you intend to publish several Exchange services with different configurations, this is the recommended scenario to publish Exchange though the portal.
Scenario 2: Creating a portal and simultaneously publishing Exchange as an application in the portal, where the portal does not appear to the client.
For details about creating a portal and simultaneously publishing Exchange as an application, see Implementing a trunk.Scenario 2 is similar to scenario 1. However, although you can publish additional applications through the portal in this scenario, you must manually make changes to the portal configuration to allow end users to access them.
Note: To create a portal and simultaneously publish Exchange services, on the Select Trunk Type page of the Create Trunk Wizard, select the Publish Exchange applications via the portal check box. The wizard then guides you through the steps to create the trunk and publish the Exchange services. After completing the wizard, the Exchange application is set as the initial portal application, by default.
The ideal way to publish your Exchange services is if you already have a fully qualified domain name (FQDN) that suggests the purpose of the portal, for example, https://mail.contoso.com.
When you publish OWA via a Forefront UAG portal, you can select to apply one or both of the following options:
Define the OWA application as the site's initial application.
The OWA page serves as the portal home page; that is, the first page presented to users after they log on to the portal.
Apply the OWA look and feel to the portal's logon and logoff pages.
If you had a previous deployment of OWA without Forefront UAG, end users may already be familiar with OWA. This option allows you to continue to provide a familiar look and feel to your end users.
When an end user accesses the site, a health check is performed on the client endpoint. If the client endpoint passes the health check, Forefront UAG allows the end user to set the security settings on the OWA logon page to This is a private endpoint or This is a public or shared endpoint.
If the client endpoint does not pass the health check, Forefront UAG sets the security settings on the OWA logon page to This is a public or shared endpoint. The user cannot change this setting.
By default, Forefront UAG identifies all clients as public endpoints. To change this, edit the policy used by Forefront UAG to identify privileged endpoints. For more information, see Modifying Exchange endpoint policies.
Tip: The administrator should set the portal session timeout to be shorter than the Exchange OWA session timeout so that users are not automatically logged out of OWA while still logged in to the portal.
If you want to define the OWA application as the portal home page, the following OWA functionality is applied to the portal's logon page:
When accessing OWA, end users can choose whether to use Outlook Web Access Light or Outlook Web Access Premium.
For details about browser requirements for OWA, see Educating Information Workers About Outlook Web Access
- When accessing OWA, end users can choose whether to use Outlook Web Access Light or Outlook Web Access Premium.
For deployment instructions, see Publishing Exchange services scenarios.
Supported Exchange versions
Forefront UAG supports publishing the following versions of Microsoft Exchange Server:
Exchange Server 2013
Exchange Server 2010
Exchange Server 2007
Exchange Server 2003
In addition, Forefront UAG SP1, SP2, and SP3 support coexistence topologies where different Exchange versions are simultaneously deployed in organizations. For example, when an organization is moving users from Exchange Server 2007 to Exchange Server 2010, Forefront UAG SP1, SP2, and SP3 support publishing OWA for both versions during the transition period.