When installing Exchange Server 2007, the OWA direct file access feature is enabled by default, but if you enable forms-based authentication (FBA) on the respective OWA virtual directory, it only works when the user selects Private computer on the FBA logon page. If a user selects Public computer on the logon page, the OWA document access feature will be disabled, at least by default. If you, after installing the Exchange 2007 bits, want to change the default configuration settings, there are several knobs and features you can adjust on afterwards. In order to do so you need to open the Exchange Management Console, then navigate down to the Server Configuration node and select Client Access (see Figure 1).
Note:
Although the feature can be configured both from within the Exchange Management Console (EMC) as well as from the Exchange Management Shell (EMS), we’ll concentrate on the configuration options within the EMC in this article.
Figure 1: Client Access Server in the Exchange Management Console
Now select the server, on which the Client Access server role has been installed, in the Result Pane. Click the OWA (Default Web Site) virtual directory in the Result Pane then select Properties in the Action Pane (or simply right-click the vdir and select Properties in the context menu).
Note:
You can configure the OWA direct file access options per virtual directory, so if you for example, host multiple companies with each, with their OWA path configured, you can enable/disable OWA direct file access features per company.
Click the Private Computer File Access tab and you’ll see a screen similar to the one shown in Figure 2 below.
Figure 2: Private Computer File Access under the OWA (Default Web Site) Property Page
Here we can enable/disable the direct file access feature as well as customize it further. As expected the Direct File Access feature is enabled, now click the Customize button. This brings us to the screen shown in Figure 3.
Figure 3: Direct File Access Settings
When you have enabled the direct file access feature you can specify which types of files users can access without saving them first. You can do this by clicking the Allow button under Always Allow, which brings us to the screen in Figure 4 below.
Figure 4: Allowed File Types
As you can see you simply type the extension of the file type you want to allow, and enter the MIME types of the files that are allowed. Now click OK to exit the Allow list window.
Note:
The Allow list overrides the Block list and the Force Save list, so be wise when you add/remove file types from the Allow list.
The Block list and the Force Save list which also are accessed from the screen back in Figure 3 are identical to the Allow list, so I won’t show a screenshot of those here, just mention that the Block list, as the name implies, is used to specify any file types your users should not be allowed to access via OWA. The Force Save list is used to specify file types your users must save to disk before they can be opened. The last feature in Figure 3, which is called Unknown Files, is used to specify how unknown file types that haven’t been specified in the Allow list, Block list or Force Save list should be handled. You can select between Force Save, Allow and Block as shown in Figure 5.
Figure 5: Specify how Unknown File Types should be handled
Click OK to get back to the Private Computer File Access tab (Figure 2).
Besides the option of enabling/disabling the direct file access feature completely, there’s also a WebReady Document Viewing feature to be found here. When this feature is enabled, which is the case by default, the file types specified (see Figure 6) can be viewed in Internet Explorer, instead of opening the actual file type application such a Word, Excel, PowerPoint and PDF.
Figure 6: WebReady Document Viewing Settings
In part two of this article series, I’ll show you a Word file opened within Internet Explorer instead of Word using the WebReady Document Viewer feature.
As you can see in Figure 2, you can also force WebReady Document Viewing, before OWA tries to open the file in the respective application.
Note:
The WebReady Document Viewing feature is especially useful, if you’re for example accessing the OWA from an Internet Kiosk.
As can be seen back in Figure 2 there’s also the option of enabling/disabling access to either Windows File Share or Windows SharePoint Services under the Private Computer File Access tab.
Now click OK, then the Remote File Servers tab. As you can see in Figure 7 below, we also have the option of specifying the host names of servers from which the clients are allowed/denied access. Here it’s worth noting that the Block list takes precedence over the Allow list.
Figure 7: Remote File Servers tab under the OWA (Default Web Site) Property tab
In addition you can specify how to access files from remote file servers that are not in the Block list or Allow list, here you can choose between Allow and Block.
The very last configuration option there is to cover is related to which domain suffixes should be treated as internal Web Sites. This is done by clicking the Configure button and then entering the domain suffix for sites whose FQDN names should be treated as internal (see Figure 8).
Figure 8: Internal Domain Suffix List for sites whose FQDN name are treated as internal
You can now close the Property windows and exit the Exchange Management Console, as this was all there was to show you on the server-side.
In part two of this article series, I’ll show you how this OWA direct files access feature works in the OWA 2007 Premium client. Until then have a nice one!
Alright we’ve been through enough boring configuration settings now, so I bet most of you are eager to see the OWA direct file access feature in action, so let’s get going by logging on to a mailbox using OWA 2007. Remember you need to use the Premium client in order for the feature to work. Also bear in mind that, unless you changed the default configuration settings, you need to select This is a private computer on the forms-based Authentication (FBA) page shown in Figure 1 below.
Figure 1: OWA 2007 Forms-based Authentication Page
When we have logged on to OWA 2007, we need to click the Documents button in the left pane (see Figure 2).
Figure 2: Clicking the Documents button in the left pane
This brings us to the page shown in Figure 3, which is where the fun begins.
Figure 3: OWA 2007 Direct File Access page
As you can see, I haven’t accessed any Windows file shares or Windows SharePoint Services server using this account, or at least I didn’t add them to Favorites in the left pane.
Note:
Any SharePoint Folders added in the Outlook 2007 client will also be visible and accessible via the OWA direct file access page.
Let’s try opening a file share on an internal Windows file server in the organization. We do this by clicking Open Location in the left pane, where after we specify the UNC path to the share (see Figure 4).
Figure 4
Now let’s click open. As you can see all folders within the specified Windows file share is listed in the right pane (see Figure 5).
Figure 5: Accessing a Windows File Share on an internal server
If you’re using OWA on the internal network or if the FQDN of the Windows file share server (not likely) or Windows SharePoint Services server is published on the Internet, you also have the option of opening the folder list in Windows Explorer by clicking Open in Windows Explorer in the toolbar. Right under the Open in Windows Explorer link, you can click Add to Favorites; so that the particular folder you’re currently located in is added to the Favorites list in the left pane (see Figure 6). If you’re the right-clicking kind of guy, you can also right-click a folder to bring up a context menu, from where you can select Add to Favorites.
Figure 6: Adding file shares to the Favorites list
Another neat feature is the breadcrumb navigation to the right of the Add to Favorites button, a feature that makes it easy to get back to, for example the top level folder, if you for example are located several levels down in the folder hierarchy.
Let’s take a look at the folder context menu I mentioned before. Let’s for instance right-click on the folder called MSExchange.org. This brings up the context menu shown in Figure 7 below. As you can see we have four options here, Open which will simply open the folder in the right pane, Open in New Window which (you guessed right) will open the folder in a new browser window. We then have an option called Copy Shortcut, this option will copy the folder UNC to the clipboard. Right-clicking MSExchange.org and selecting Copy Shortcut would copy an UNC called file://ehvms07/fileshare/MSExchange.org to the clipboard. We already covered the Add to Favorites option, so I won’t talk more about that one.
Figure 7: Folder context menu
Ok now let’s try to navigate to a folder containing a file, in this case a Word file. As you can see in Figure 8 the file context menu is slightly different from the folder context menu. Selecting Open would open the file in the associated application, in this example Microsoft Office Word.
Figure 8: Right-clicking on a file
But what if you’re accessing your mailbox from, for example, an Internet kiosk? Well it doesn’t really matter, because then you simply select Open as Web page instead as I did with a word document in Figure 9 below. In the top of the browser window you can see the full name of the respective file as well as how big it is. You also have the option of opening or saving the particular file by either left clicking (will open file in the respective application, if installed locally on the machine from which you logged on to OWA) or right-clicking (saves the file to disk) the file.
Figure 9: Opening a file in a web page
Note:
It’s the new OWA 2007 WebReady Document Viewing feature which makes us capable of opening almost any type of file in a browser window, instead of the associated application. As some of you may know the WebReady Document Viewing feature also can be used to open message attachments in ordinary email messages.
The third option in the file context menu back in Figure 8 is Send By Email, which will attach the selected file as an attachment in a new Email message (see Figure 10).
Figure 10: Sending a file from a remote file share as an attachment
The last option in the context menu which is Copy Shortcut is similar to the one in the folder context menu. It will provide a UNC like the following:
Conclusion
The new direct file access feature is an extremely welcome addition to OWA, and makes the best web mail client in the world even better. I don’t think I’m the only one who has attended a conference or simply been on the move, and suddenly had the need to access a document or some other file type located on an internal non-exposed SharePoint site or UNC file share on your corporate network, without having the option of establishing a VPN connection. With the new direct file access feature this is no longer an issue, since you can access documents as well as many other file types directly from within an OWA session. Not only that, it’s also possible to open these documents in a browser window, should you be using, for example, an Internet kiosk without the required applications (such as Word, Excel, PowerPoint, PDF reader etc.) installed. You can even send one of the files via the direct file access feature as an attachment in an email message, without downloading the file to your local machine!
In addition it’s worth noting that even though the direct file access feature only supports read access to files stored on either a Windows File Share server or a Windows SharePoint Services server, you always have the option of downloading the document to your local machine for further editing.
When speaking the configuration settings on the server-side, it’s great to be able to control what type of files your users should be allowed access to, as well as being able to configure the feature per virtual directory/per user.
沒有留言:
張貼留言