Customizing OWA 2000 Using Segmentation.
By Lee Derbyshire
Customizing Exchange 5.5 Outlook Web Access was never an easy task, the ASP files were poorly commented, and the code (with its use of the CDO Renderer) is obscure, to say the least. But at least it could be done. When it comes to Exchange 2000 OWA, however, many people fall at the first hurdle; there aren’t even any ASP files to edit; in fact, it’s often hard to work out where the HTML output comes from. With SP2, Microsoft added a feature, known as segmentation, to Exchange 2000 that allows you to quite easily make some rather major changes to the appearance of OWA.
What can you do with segmentation? Well, basically you can hide the special folders (Contacts, Tasks, etc.) from the interface, and turn off New Mail Notifications and Reminders. There isn’t much you can do cosmetically, but you can enable the OWA ‘Reach’ interface to speed up access for your dial-up users.
In this article, I will show how to enable segmentation at a granular level by modifying the Active Directory schema, and at a server level by adding a registry entry. There is also a warning regarding a strange side-effect on MS Outlook.
To be able to modify segmentation attributes for individual users, or groups of users, it is necessary to add an attribute to the Windows 2000 Active Directory schema. Fortunately, MS have provided a VB script that allows us to do this quite easily. The name of the script is OWA-SCHEMA.VBS and it is provided with SP2, or later. My service pack (SP3) was downloaded from the MS download site, and the file was located in the folder named server\support\OWASCHEMA . If you have a different service pack, or received it on a CD, you may find it in a different place. Once you have located the file, copy it, and the other file in the folder OWA-SCHEMA.LDF into a temporary working folder on your Exchange server. Note that you actually need to have applied the SP2, or later, in order for segmentation to work.
To run the script, you will need to be logged onto the server that holds the Schema Master FSMO role for your Domain with an account that is a member of at least the Schema Admins group. Open a command prompt box, navigate to the folder you placed the files in with the CD command, and then use the command CSCRIPT OWA-SCHEMA.VBS to run the script. You should get an output like this (figure 1) in your command prompt window:
Fig.1 – Modifying the AD schema with OWA-SCHEMA.VBS .
When the script has executed, you will find an extra file, ldif.log , in your working directory. If everything has gone according to plan, the last line of the file will be something like 'The command has completed successfully'. When you have successfully executed the script, you can delete all three files.
Now you can use ADSI Edit to change segmentation values for your Users. If you have not yet installed ADSI Edit onto your server, you will find the setup program for it (and some other utilities) in the SUPPORT\TOOLS folder of your Windows 2000 installation CD. You must be very careful using ADSI Edit. If you change the wrong thing you could well bring down your entire Directory, causing you hours of anxiety and unplanned repair work. Using ADSI Edit, locate the User or Group you wish to change segmentation attributes for in the left-hand tree view, open its properties from the context menu, and then select the msExchMailboxFolderSet attribute from the drop-down list. This attribute would not have existed before executing the OWA-SCHEMA.VBS file. Here (figure 2), I have selected the msExchMailboxFolderSet attribute for the Administrator User as an example:
Fig. 2 – Modifying the msExchMailboxFolderSet attribute in ADSI Edit.
To enable or disable segmentation features, you will need to enter a numeric value for this attribute. Each controllable OWA property is represented by a single binary digit, which are increasing powers of two. Thus, to enable several features, you just add the numbers together and enter this number as the value for msExchMailboxFolderSet. Here (table 1) are the bit values you need in order to calculate this value:
New Mail Notification
Rich OWA Interface
Table 1 – OWA Segmentation bit values.
So, for example, to disable OWA access to all special folders except for Public Folders and Contacts, you would enter a decimal value of 69 (which is calculated in this case by adding together 64 + 4 + 1). This would give the User or Group what is know as the ‘Reach’ OWA interface, and all other special mailbox folders hidden. The decimal value to enable all features is 1023.
In my Administrator User example above, I have used the segmentation value 1. This value hides all special mailbox folders and enables the Reach interface (shown in figure 3), which is simpler and may be used to speed up OWA access for dial-up users. It may not look very different at first glance, but you will notice that some elements are missing, and that the selected message is shown in a frame within the main browser window instead of a second window.
Fig 3. – The OWA Reach Interface.
Note that you can’t actually disable the Messaging feature using segmentation, although the numbers in table 1 would suggest that you could. Maybe this feature is intended for a future version? If you attempt to disable it by using an even attribute number (i.e. with the lowest bit reset), it will ignore your settings. Also be aware that when a folder is hidden in this way, it isn’t actually deleted from the User’s mailbox – it can still be reached by typing in a specially crafted URL - it is just hidden from the interface, that’s all.
What if you want to make a server-wide change to your OWA appearance? Well, that’s a little easier – you can do it with a modification to the registry of your Exchange Server. Create a registry DWORD value named DefaultMailboxFolderSet at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeWeb\OWA and enter a decimal value. The value is calculated the same way as before using the numbers in table 1.
Fig. 4 – Controlling OWA segmentation in the registry.
The main difference, when you use the registry, is that you will have to stop and start the Exchange Information Store service to apply any changes that affect the visibility of folders, and stop and start the World Wide Web service if you have enabled the Rich or Reach OWA interface. If you are using both methods, or are applying the ADSI Edit method at different Directory levels, you should note that changes lower down the AD hierarchy take precedence over changes at a higher level. So, for instance, changes at the user level have priority over changes at the server level. You can take advantage of this to customize the appearance in different ways for some of your users.
I also said at the beginning of the article that there was a strange side-effect in MS Outlook. During testing, I discovered that on a machine with Windows XP and Outlook 2002 installed, any changes made to the appearance of folders in OWA was also reflected in Outlook the next time it was run after OWA had been used on the same machine. Look at the Folder List in figure 5.
Fig. 5 – Special Folders hidden from Outlook.
Note that the special folders Contacts, Calendar and Tasks are no longer visible in the folder tree view. This change is not, as far as I can tell, documented anywhere, and the fact that it appears only after using OWA on the same machine (and for the same user) makes me think that it is not intentional. You can still access the folders using the shortcuts on the left, but if you have subfolders in Contacts, for example, they can be difficult to reach. This change in appearance isn’t undone until you change the segmentation values on the server, and re-open OWA on the client end. Note that I have only seen this on the XP/Outlook 2002 combination. If anyone can shed any light on this behaviour, I’d be interested to hear from you.
Segmentation also works with Exchange 2003, and extra attributes may be added in future versions.
If you would like us to email you when Lee Derbyshire releases another article on MSExchange.org, subscribe to our 'Real-Time Article Update' by clicking here. Please note that we do NOT sell or rent the email addresses belonging to our subscribers; we respect your privacy!
About the author:
Lee Derbyshire BSc (Hons), MCSE is a full-time IT Professional living in the UK. You can visit his Web page at www.leederbyshire.com .