Outlook Web App 2010 provides remote Exchange users with an extremely rich mailbox experience. However, the experience might be a little bit too rich for some organizations.
There are several reasons to disable an OWA feature. For example, I once had a client that stored lots of sensitive data in public folders. To prevent data leakage, the organization issued a mandate that prohibited users from accessing public folder data from outside their private network. The problem with this mandate is that by default, OWA allows access to public folders. The IT department decided that rather than force users off OWA, it would use segmentation to disable OWA public folder access.
Depending on your security requirements, you can also use segmentation to disable your users' ability to change passwords through OWA or disable journal folder access.
Segmenting OWA is also a good way to conserve Internet bandwidth. While OWA isn’t usually considered a high-bandwidth application, there are certain features, like Unified Messaging Integration, that consume a lot of bandwidth.
Unified Messaging integration is by far the most bandwidth-intensive OWA feature, but if you're desperate to scale back on bandwidth consumption, you can also use segmentation to disable the OWA Instant Messaging feature.
Flexible hosting options
Segmentation also benefits hosted environments where an Exchange shop provides services to either multiple siloed departments within one company or to multiple companies. In these situations, it's common to provide each group of users with a different OWA experience based on the amount of money their company is paying for the service.
For example, an organization might offer a basic subscription that includes the standard OWA client, while also offering the premium OWA client for an additional fee. Segmentation makes it possible to enable or disable the premium client.
On a side note, the segmentation feature also offers a way to disable address list access. However, even with address lists disabled, OWA users can still access the default global address list (GAL). This is a big problem for organizations that provide subscription-based OWA access.
Microsoft recently pulled a TechNet article that explained how to segment the GAL because it was designed for Exchange 2007. If you attempt this method on an Exchange 2010 server, it does irreparable damage. The good news is that Microsoft will offer GAL segmentation as a standard feature in Exchange 2010 SP2.
The OWA segmentation process
If and when you decide to segment OWA 2010, the process is quite simple; to enable or disable OWA features, go into the Exchange Management Console (EMC) and navigate to Server Configuration -> Client Access. Next, click on the client access server (CAS) that you want to implement segmentation on. Select the OWA Default Web Site option and click Properties. Exchange 2010 will display the OWA (Default Web Site) Properties sheet.
Click on the properties sheet’s Segmentation tab. This tab contains a list of the individual OWA features that can be segmented (Figure 1). To enable or disable an OWA feature, select the feature and click either Enable or Disable.
Remember, segmentation only affects OWA users. It does not affect ActiveSync or Outlook users. If you need to customize Outlook, you must do so through either group policy settings or customized deployments.
ABOUT THE AUTHOR:
Brien Posey is a seven-time Microsoft MVP with two decades of IT experience. Before becoming a freelance technical writer, Brien worked as a CIO for a national chain of hospitals and healthcare facilities. He has also served as a network administrator for some of the nation’s largest insurance companies and for the Department of Defense at Fort Knox.
This was first published in June 2011