Article ID: 4606, created on Mar 26, 2008, last review on Aug 12, 2014

  • Applies to:
  • Operations Automation 5.3
  • Operations Automation 5.2
  • Operations Automation 5.1
  • Operations Automation 5.0
  • Operations Automation 2.7
  • Operations Automation 2.6

Please note, this is unapliccable for POA >5.4, since introduction of system-wide property "Allow OWA auto-login from MyCP" in scope of POA-65351. See KB #118368 for POA > 5.4.


Some providers prevent customers' CP users (Account Administrators) from accessing end users' mailboxes by hiding passwords. However, autologin to Outlook Web Access is still available and can be used to gain unauthorized access.


Until feature request #117998 is processed, there is no way to disable the OWA link using the POA CP. The only way is to adjust database properties in the following way:
UPDATE exch_protocols_services SET owa_dir='' WHERE service_id=<service_id>;
(replacing <service_id> with the appropriate service ID; it can be selected using the query below:SELECT service_id, host, ip_addr FROM exch_protocols_services p
    JOIN exch_nlb_clusters c USING(cluster_id)
    JOIN dns_resource_records d ON(d.rr_id = c.dns_record_id);
For example:plesk=> SELECT service_id, host, ip_addr FROM exch_protocols_services p
plesk-> JOIN exch_nlb_clusters c USING(cluster_id)
plesk-> JOIN dns_resource_records d ON(d.rr_id = c.dns_record_id);
 service_id |              host               |     ip_addr
        119 |     |
        132 | |
(2 rows)

To disable OWA autologin for, use 132 as the service_id:
plesk=> BEGIN;
plesk=> UPDATE exch_protocols_services SET owa_dir='' WHERE service_id=132;
plesk=> COMMIT;

After this update is performed, the OWA link from the customer's CP may become broken, returning error 404 for the following URL:

To resolve this issue, one may set up a redirect (this should be done on all CAS servers or Front-ends participating in the NLB cluster):

1. Create an empty file, C:\inetpub\wwwroot\auth\owaauth.dll.
2. Set the following options for the file "/auth/owaauth.dll" in the IIS Management Console on the Default Site:
  • "Redirection to a URL" - selected
  • "Redirect to:" - /owa
  • "Exact URL entered above" - checked

5356b422f65bdad1c3e9edca5d74a1ae 0c262e25de71ebe1ac525040493d11d0 1daac7478dc3e43f59cdce868c0fea76 80fcf07a72a3fc2739554dff85ce8fe7 caea8340e2d186a540518d08602aa065 c2898cda1192c88ccc616ade5f670bd6 2554725ed606193dd9bbce21365bed4e a8cdca46e4357a6e38fded820770e272 25ba5a02b9d70d4212e34c355e881968 c27596ac4fff6cb4c8ec8891dae57001 e12cea1d47a3125d335d68e6d4e15e07

Email subscription for changes to this article
Save as PDF