Please note, this is unapliccable for POA >5.4, since introduction of system-wide property "Allow OWA auto-login from MyCP" in scope of POA-65351. See KB #118368 for POA > 5.4.
Some providers prevent customers' CP users (Account Administrators) from accessing end users' mailboxes by hiding passwords. However, autologin to Outlook Web Access is still available and can be used to gain unauthorized access.
ResolutionUntil feature request #117998 is processed, there is no way to disable the OWA link using the POA CP. The only way is to adjust database properties in the following way:
BEGIN;(replacing <service_id> with the appropriate service ID; it can be selected using the query below:
UPDATE exch_protocols_services SET owa_dir='' WHERE service_id=<service_id>;
SELECT service_id, host, ip_addr FROM exch_protocols_services pFor example:
JOIN exch_nlb_clusters c USING(cluster_id)
JOIN dns_resource_records d ON(d.rr_id = c.dns_record_id);
plesk=> SELECT service_id, host, ip_addr FROM exch_protocols_services p
plesk-> JOIN exch_nlb_clusters c USING(cluster_id)
plesk-> JOIN dns_resource_records d ON(d.rr_id = c.dns_record_id);
service_id | host | ip_addr
119 | exchange.example.com. | 064.131.091.165
132 | exchange2007.example.com. | 064.131.091.112
To disable OWA autologin for exchange2007.example.com, use 132 as the service_id:
plesk=> UPDATE exch_protocols_services SET owa_dir='' WHERE service_id=132;
After this update is performed, the OWA link from the customer's CP may become broken, returning error 404 for the following URL:
To resolve this issue, one may set up a redirect (this should be done on all CAS servers or Front-ends participating in the NLB cluster):
1. Create an empty file, C:\inetpub\wwwroot\auth\owaauth.dll.
2. Set the following options for the file "/auth/owaauth.dll" in the IIS Management Console on the Default Site:
- "Redirection to a URL" - selected
- "Redirect to:" - /owa
- "Exact URL entered above" - checked