3.4. OWA Customizations
It is quite common for
organizations to have modified OWA in Exchange Server 2003 to meet their
organization's needs, and you will want to reflect these modifications
in your Exchange Server 2010 deployment as well.
Outlook
Web App 2010 has a single theme whose graphic elements, colors, and
other elements can be modified to accommodate your organization's
branding—logos, color scheme, graphic elements, and so on. OWA 2007
supported multiple themes, but Exchange Server 2010 Outlook
Web App has one theme for all users, although multiple theme support
will be included with Exchange Server 2010 SP1. Any modifications are
overwritten when you deploy an Exchange service pack or rollup, so you
need to make backups of any changes and reapply them after applying the
service pack or rollup.
Another element that is
frequently customized is the OWA sign-in and sign-out pages. Outlook Web
App can be customized in this manner as well; the sign-in, language
selection, and sign-out pages are created based on the graphics and
logon.css files. These files are located in the base theme folder in the
Exchange installation directory at <Exchange Server>\V14\Client
Access\OWA\<version number>\themes\base. Again, any modifications
are overwritten when you deploy an Exchange service pack or rollup, so
you need to make backups of any changes and reapply them after applying
the service pack or rollup.
If you have multiple Client
Access servers in your environment, you must copy any changes made to
each Client Access server to ensure a consistent user experience.
3.5. Outlook Interoperability
In Exchange 2010, the Client Access server role now handles the RPC connectivity from
MAPI clients such as Microsoft Office Outlook for connections to
mailbox databases; connections to public folder databases are still made
directly to the RPC Client Access service on the Mailbox role. In
Exchange 2007 and earlier, Outlook clients connecting to an Exchange
server from inside an organization's firewall would connect directly to
the Exchange 2007 Information Store.
For the purposes of
coexistence, however, it is important to note that RPC Client Access
requires RPC encryption by default. Outlook 2007 and later use
encryption by default, but Outlook 2003 is not configured for RPC
encryption by default. RPC encryption can be turned off on the Client
Access server, but best practice is to enable encryption for Outlook
2003 users either manually or through Active Directory group policy to
ensure that these users can connect to their mailboxes when they are
moved to Exchange 2010. Detailed instructions for configuring RPC
encryption for Outlook are available at http://support.microsoft.com/kb/2006508.
In addition, as mentioned in the Section 3.1
section of this article, if Outlook 2003 is in use in the environment,
public folders will also need to be maintained to provide free/busy
functionality to Outlook 2003 users.
3.6. Exchange ActiveSync Coexistence
When Exchange Server 2010
Client Access is deployed, it provides direct support for Exchange
Server 2003 mailboxes.
You must enable Integrated
Windows authentication on the Microsoft-Server-ActiveSync virtual
directory on the Exchange 2003 back-end server. This allows the Exchange
2010 Client Access server and the Exchange 2003 back-end server to
communicate using Kerberos authentication to provide for seamless coexistence for Exchange Server 2003 mailboxes access via Exchange Server 2010 ActiveSync. IIS
Manager cannot be used to change the authentication settings on the
ActiveSync virtual directory, because the DS2MB process within the
Exchange 2003 System Attendant will overwrite the settings that are configured. Integrated Windows authentication can be configured in one of two ways: