Making customisations to OWA is typically documented by Microsoft and various articles found on the NET
These are good comprehensive guides on how to do it
- http://technet.microsoft.com/en-us/library/bb124348.aspx (official Microsoft tech library)
- http://technet.microsoft.com/en-us/library/ee633483(EXCHG.140).aspx
- http://johnruby.wordpress.com/2011/03/12/customize-the-outlook-web-app-sign-in-and-sign-out-pages-exchange-2010-sp1-help/
(Customize the Outlook Web App Sign-In and Sign-Out Pages: Exchange 2010 SP1 Help ) - http://technicaljeditrials.info/2011/02/28/exchange-2010-multiple-owaecp-directories-part-1/ This particular resource show very well how to have Exchange 2010 – Multiple OWA/ECP Directories
A few notes that i made during a real customisation
Situation
Exchange server 2010 running on a multi tenant setup. The host has more than 20 domains. In order to implement autodiscover the "autodiscover redirection" method is used. A good resource for that is here .
One of the customers what to have a customized logon screen and not only the theme.
In order to do that a new site was created with a new IP, lets call it CUSTOMER_SITE.
I used initially the previously mentioned articles and there was "something" missing.
After spending a lot of time i found this article
In that was basically described what i did. The part i was missing is that on the Owa\auth\*.* files AUTHENTICATED USERS DID NOT HAD READ and EXECUTE permissions, only READ!!! ( GO FIGURE !!!)
The path i finally used to create the new site was on a separate D:\clinetsite_root folder.
- Now NTFS Permission Folder
C:\Program Files\Microsoft\Exchange Server\V14_ext\ClientAccess\Owa\auth\*.*SYSTEM FULL
ADM FULL FULL
OWA_EXT_USERS READ & Execute
Authenticated user READ & Execute
Another important issue was that of the redirection. If i used redirection on OWA folder i got a successfull connection followed by a mailbox unavailable error. So redirection had to only be at the root level of the new domain.
Also have to note that a new SSL cert was required to bind exclusively to the new IP address with the FDQN of the new site. A bargain site for such a task is https://www.ssls.com/ which offer a SSL for $5 per year. It is for ONLY 1 NAME !!!
On ISAPI filter on the root of the new domain have also to configure Exchange OWA Cookie Authentication ISAPI Filter to point to the new site location and not the default location of Exchange (ie C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\owa\auth\owaauth.dll for an Exchange 2010 installed on C)
