Forms Based OWA and MOSS Inbox Web part

i was found great article written by Fergus Strachan. if you have extending your exchange 2003 server with Form based authentication, and want to show your personal inbox in your MOSS personal site.

One of the nice things about Sharepoint is that you can customise your own page to include your email or calendar items in an OWA-based web part. This is particularly useful for me since I look at my other mailbox through my personal Sharepoint page.

However, in order to take advantage of some of the new security features of Exchange Server 2003 our server has forms-based authentication enabled. Forms-based authentication enables cookie-based timeout of OWA pages (and also allows you to log off properly!), but it also restricts the use of authentication methods on that virtual server.

If you follow these steps, you’ll see what happens:

1. Open Exchange System Manager, drill down through Servers, , Protocols, and to HTTP. Right-click the Exchange Virtual Server and select Properties.
2. In the Properties page, select the Settings tab and Enable Forms Based Authentication. Click OK.
3. Now right-click the Exchange virtual directory, select Properties. Now go to the Access tab, click on Authentication.

4. You’ll notice that every option is greyed out, and it’s not possible to select Integrated Windows Authentication. Not ideal for people wanting to access their Inbox via http://servername/exchange

   Forms Based Outside, Integrated Inside

   To work around this issue, it’s possible to employ a technique used in SharePoint for enabling Extranet access to portal servers. Create an additional Virtual Server for internal access, utilising Integrated Authentication.

To do this, follow these steps:

1. In System Manager again, go back to the HTTP folder within Protocols.
2. Right-click the HTTP folder and select New, HTTP Virtual Server.
3. Give it an indicative name such as “Internal”.
4. Now in order to distinguish this virtual server from the standard Exchange folder you can either assign a separate IP address to it or, as we do here, assign a host header.
5. Under IP Address, select Advanced. Click on the only line within the box and click Modify…
6. Under Host Name type in the NetBIOS name of the server and click OK twice.
   Note: Doing this will allow you to access the standard virtual server (the one using forms based auth) via the fully qualified domain name of the server – server.domain.com – and the integrated auth version using simply “server”.
7. Under Exchange Path ensure that it’s pointing to your mailbox store and click OK to close it.
8. Now right-click the Internal virtual server and select New, Virtual Directory.
9. Under Name type Exchange and go to the Access tab.
10. Select Scripts and click on Authentication. Under Authentication select Integrated Windows Authentication, and also Basic if you desire. Click OK twice to exit.

You’ll probably want to repeat this process for the Public store too…

Now simply wait for Exchange to update the IIS Metabase (you may want to run “iisreset”) and you will be able to access Exchange via http://servername/exchange. And you can configure your personal SharePoint page with this address as well, and it won’t ask you to enter your credentials.