Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Microsoft The Internet

Can OWA Replace the Outlook Client and the VPN? 73

Posted by Cliff from the for-those-who-have-pained-outlooks dept.
IPAQ2000 writes "This past week, I attended a panel discussion sponsored by Microsoft and other major players in the space. One of the ideas brought up by one of the expert panel attendees from a company called Seaside Software claimed that large organizations should rely mainly on Outlook Web Access (OWA) for Exchange 2K access for remote users. He claimed that OWA access with SSL makes it perfect for secure access and saves the hassle of the VPN client support. I can see how avoiding the VPN client and the Outlook client together on desktops around large organizations (like mine) could be a good thing (by saving money), and how moving to OWA for remote users makes sense. In fact, it looks like MS themselves are putting much more emphasis on the browser in Exchange 2003 (OWA and Outlook are almost identical) so that users can run whatever version is appropriate for their needs, according to connectivity speeds, location, etc. There was a discussion regarding mobility and remote solutions in the enterprise. I thought that this might be a good subject for a Slashdot discussion, especially as it relates to Exchange. What do you think about OWA as main way of accessing Exchange, especially as OWA keeps getting richer with each version of Exchange?"
This discussion has been archived. No new comments can be posted.

Can OWA Replace the Outlook Client and the VPN? More

Can OWA Replace the Outlook Client and the VPN?

Comments Filter:

  • Not as great as it looks (Score:3, Informative)

    by DetrimentalFiend ( 233753 ) on Tuesday March 11, 2003 @11:41PM (#5490858)
    I just used this today at work (we have the latest version of exchange) and it's really a pain compared to outlook. I'm sure as they add features and functionality it'll be nicer (and it's sure nicer from a management standpoint), but I'm still not thrilled with the interface. Currently we have everyone in the office running normal outlook with a few people (including us IT staff) trying out the web version of exchange when needed.

    • Re:Not as great as it looks (Score:5, Informative)

      by Jeremiah Cornelius ( 137 ) on Wednesday March 12, 2003 @12:39AM (#5491141) Homepage Journal
      Here are some of the problems with OWA:

      * IIS must be secured against cross-site and Unicode attacks. In reality, this means URLScan and IISLockdown. URLScan often makes undeliverable, messages which can be accessed via the Outlook 'fat' client. Example: the message with a subject-line 'This is the Visio...' will be acceptable to Outlook. OWA will turn this subject-line into the document name at the end of a URL. URLScan sees 'https://(fq.servername)/exchange/This is the Visio....msg', and parses the sequence of four 'dots' as a possible directory traversal. Access is denied! User sees a 404, big PITA. Expect lots of tech support calls on issues similar to this one.

      * All the groovy advanced features are supported only under IE. Other browsers get a functional, if unexceptional subset. There is no activeX plugin or anything - MS just uses nifty, DHTML and VBScript for drag-n-drop, etc. in OWA. The server-side ASP on OWA effectively generates a different, alternate interface for non-IE clients.

      Weigh your options, and see if it isn't better to publish Exchange access through an SSL-style VPN appliance like Neoteris or Aventail.

      • OWA will turn this subject-line into the document name at the end of a URL. URLScan sees 'https://(fq.servername)/exchange/This is the Visio....msg', and parses the sequence of four 'dots' as a possible directory traversal. Access is denied!

        IMO, the OWA is doing somewhat stupid thing here, but that should work anyway. URLScan [microsoft.com] seems seriously broken. Perhaps I'm a little stupid but could somebody explain how string "This is the Visio....msg" could be ever interpreted to mean "directory travelsal" instead of simple file name? And while you're on it, could you please also explain why IIS doesn't include equivalent functionality (sensible logging, file size limits etc) by default. It cannot be because of "bloat".

        All the groovy advanced features are supported only under IE.

        Are you really surprised that MS product (OWA) works better with MS product (IE) than with some competing browser? Me neither.

        • Exchange 2000 represents its DBMS message store as a filesystem, mounted as M: (!)

          I think that Exch4/5 used a MAPI-style client-connection to get to the message store. In 2000, the M: drive is browsable -with the right perms- and full of sub-dirs named for each of the NetBIOS compatible logon names of the recipients. These appear to contain subdirs for mailbox folders, with messages as discreet filesystem objects. These are in the form [subject-line text].msg.

          For message access, OWA constructs mailboxes by pointing to the .msg files as URLS - including ASCII/Unicode conversion to Hex for delimiter chars ( [subject-line%20text%2Emsg] ).

          URLScan is pretty 'dumb'. It doesn't have complex rules, just a text-file config, with prohibited extensions (.exe, .com, .bat) and prohibited URL combos (%2E%2E%5C, %2E%65%78%65). I'm pretty sure that if ".." is prohibited, then the first two "dots" match the rule, URL is blocked, and a 404 is generated by IIS. You never parse farther down the URL. You will also block attachments with .exe extensions, because they are represented as URLs too. URLScan behaves just like you are trying to submit input to an .exe on the webhost, even though this is a simple GET, without a form.

          The point is, this works most of the time. When it doesn't, you have a high-frustration situation for the user, with arelatively involved technical explaination. Do you want this situation when the user is a Senior Vice-President?

          • URLScan is pretty 'dumb'.

            "Pretty"? "Really" would be a better word.

            You will also block attachments with .exe extensions, because they are represented as URLs too.

            Oh.. and attachments without ".exe" extension but with MIME-type that tell the system it's an executable get through? Nice system...

            I'm not familiar with URLScan or ISSLockdown but they sound a lot like a hacky patch to a broken architecture. I'm happy I don't need to use any of those pieces of software :-)

            • You are lucky.

              Yes, MS IE dones NOT respect MIME types, and MS has no fix here! I think IIS may well respect these - but URLScan is tasked to protect the clients too.

              I do not know if the architecture is "broken". Many parts are implemented poorly, or with a bias to err on the side of user simplicity - without regard to systemic consequence. I agree that the net effect of these manifests the same behavior as a fundamental architectural deficiency.

              I work in InfoSec. The longer I do this, the less bias I have towards one imlementation or another. You move your problem around the system - like a puzzle of sliding tiles. That said, I use *N?X systems as a matter of course, and don't have a Win box without Cygwin...

  • Cross Platform as well as remote users (Score:4, Insightful)

    by elliotj ( 519297 ) <slashdot&elliotjohnson,com> on Tuesday March 11, 2003 @11:45PM (#5490879) Homepage
    Considering that a native OS X Outlook client is the one major app that makes it annoying to use a Mac on a Windows network, improvements in OWA are very welcome.

    Up to this point, OWA hasn't been an acceptable subsitute for me, but I would like it to be. It's lightweight (esp. compared to Outlook), cross platform and definitely better in X2K than it was in X5.5.

    I wonder what MS will have as the additional features you get in 'real' Outlook as OWA gets better. I have heard they're considering a native OS X Outlook client, but I'm not holding my breath.

    This would be great for cross platform users. One of the reasons people like the mac is that you can use Office on a unix workstation, but without Outlook, it's still slightly kludgy.
    • The native os x client to microsoft exchange server is due by summer 2003, according to microsoft/mac website.

      I'm just waiting for that moment to go to my boss and make him swap by current (crap) dell laptop for a powerbook.
    • You can use OpenOffice.org with a rootless X server right now. Apple are rumoured to be doing a Carbonised version Real Soon Now(tm), too, and all the time it gets better. KMail is ramping up to be better than Outlook in all respects except the matter of being a virus incubator. Safari AKA Konqueror is now a Carbonised Apple-ication. And so it goes.

      Unless each new MS-Office has some amazingly useful new features, assessors won't be asking of OpenOffice.org, `is it good enough to replace MS-Office' but `why shouldn't we replace MS-Office with this faster, portable, safer and more useful office suite'? Especially since it's both Free and free.

      There are quite a few webmail apps, but since web and direct connection are quite different environments, it's not really that flash an idea to try to make them indistinguishable.
      • While I appreciate your point, and have no great love for Microsoft Office per se (although it is very good on OS X I must admit), the issue I was really trying to address was that of a Microsoft Exchange client. None of your suggestions would really be suitable for people needing to tap into the groupware components of Exchange (shared clendaring, contacts, meeting planning etc). That's one major place where Exchange has traction within organziations and for which we are at the mercy of Microsoft to provide a client. The only non-MS client I know of is a connector for Evolution that you can purchase from Ximian.

        • And the Ximian connector uses OWA to gain access to the calendar/contact information from Exchange Server that is not available by IMAP...

          Until we get standard protocols for calendars & contacts and Exchange supports them, we're stuck with OWA...

          Balam
        • I presume KDE libraries are available for OS X for free but suspect that the Qt component is pay-for on Macs. I don't know how hard it would be to Aquafy Kolab.

          KMail is being groomed as an Exchange client and married to Kolab, which is being constructed (indirectly by the German government) as a FOSS replacement for Exchange.
  • My Big Company also does VPN. Even if I could get e-mail via the web, I'd still have to use VPN to access other things (like our source-code machines for Perforce commands).

    Back to e-mail, all I want is the ability to forward my mail to an address of my choosing (at least so I can do better filtering and sorting with Procmail). If I have that (which I do), I couldn't care less what e-mail servers they run.

    I want all my mail in one place (in my mail spool on my home mail server) so I can check all my mail just by hitting Tab. I don't want to have to log in to some lame web client several times a day just to read mail.

  • VPN not used for just Outlook though (Score:4, Insightful)

    by SpaFF ( 18764 ) on Tuesday March 11, 2003 @11:45PM (#5490887) Homepage
    While this seems a feasable idea for people who use VPNs just for outlook, sometimes you need a VPN connection because you need a "workplace" IP. Many organizations have websites, fileshares, etc. which are only available if you are trying to access them from an IP address that is on the local network.

    Also AFAIK OWA doesn't let you do things like set up filtering rules, personal folders, and other things that the Outlook client allows you to do.

    • The newest of their betas for Exchange will let you do rules just fine. It is getting harder and harder to distinguish between the Outlook client and OWA. In fact, if you have some spare time on your hands, it's wise to check whatever betas they have on offer at the site. If for any other reason, you can see where things are going with their products and prepare accordingly.

      CliffH

  • Can OWA do Mozilla? (Score:1, Interesting)

    by Anonymous Coward
    Since for a lot of companies the big dealbreaker for switching to Linux desktops is Outlook/Exchange and its calendaring capabilities, is this a way to avoid that? Can you have an exchange server setup but have everyone in the company use the web client on Linux so outlook itself is not necessary?
    • Yeah I can access out OWA server here at work using Mozilla on Linux. It has access to mail, calendar, contacts, and the "public folder" system. It doesn't have some of the more "sophisticated" features of the Outlook client though. Import/export support, mail filters, etc.

    • OWA can work with Mozilla, Netscape, etc, but it's a pretty different experience and does not offer all of the functionality that OWA under IE does. Folders are in different locations on the screen, etc.

  • UT arlington (Score:3, Informative)

    by Hadlock ( 143607 ) on Tuesday March 11, 2003 @11:47PM (#5490895) Homepage Journal
    I use OWA every day at UT Arlington, it works flawless for me on 98, 2000, XP and OS X. This is, of course, when I'm not at my personal computer downloading emails to mail.app. For some blasted reason you can only send email through the university servers when you're physically connected to the univ network via STMP or whatever. I can't use mail.app to send email from my offcampus apartment. fuck. so i have to log in and turn off pop up window protection in chimera/navigator/camino to send mail via the web interface.

    i hate having to delete all my sent/recieved email with attachements. could they make deleting email any less intutitve?

    all in all it works for me and the rest of campus of 22-23 thousand people + faculty. what was the question again?
    • if your isp isn't egress filtering on port 25 (which a lot of them do), you might want to talk to the mail admins and see if they can setup authenticated smtp so you can use their servers from off campus to send your mail, if you configure your client to authenticate.

      they've got exchange setup for that here, and it works great, except when exchange decides it wants to lose some of the mail (yay!)

  • Why OWA? (Score:2, Interesting)

    by digerata ( 516939 )
    Man, I could be shuch a fawking troll right now. Especially since I got home from the bar just now.

    But I won't and I won't burn the karma.

    I guess I am just one of the luckier ones. We have several thousand users streched all over the globe and we don't touch Outlook or Exchange. We never will.

    But since there still isn't an enterprise open source offering that compares. We are Novell Groupwise, all the way. And guess what? We have never had a attachment virus, ever.

    Okay, drunkin troll read head... Fook Exchange!

    • We are Novell Groupwise, all the way. And guess what? We have never had a attachment virus, ever.
      No surprise. I guess there are two major reasons for Groupwise being less vulnerable to that:
      1. It's a pain to use. When people try to prevent using it, the chance that they click on an attachment they shouldn't is lower.
      2. The rest of it doesn't work either, so why should VBA attachments?
      • I've administered GroupWise 5.5, and tested 6.5 and also both Exchange 5.5 and 2000. GroupWise does work -- and it works well. In a lot of ways it works better than Exchange but in others not as well. It would be interesting if you could explain some of the thoughts behind your opinions on this.

  • Yeah, maybe, as far as email goes. But you'll still need VPN to access the file server, where the resources/research/collabrative documents live. Maybe you could do that through an https login, which has a familiar interface and is compatible with nearly everything that can use a web browser. But then the docs themselves wouldn't be secure, right? So forget it.
  • For those who use Microsoft Outlook Web Access - do yourself a huge favor and run something other than IE before declaring it sucks. Hitting the server with mozilla will give you a smaller feature set, but it is very usable on low bandwidth connections. Since I go through machines like candy, I've always left my mail on the server. Several thousand messages later... and IE takes forever before it caches everything. Whenever I need to search or move folders around I'll switch to IE, but for the day in day out stuff use something else. Heck, webmail makes even Netscape 4 look good.
  • At work I have 3 PST files, and they're about 3GB total. I NEED my PST. I need my archive. I have everything pretty much anybody has ever said to me and anything I've ever replied with in that PST. With OWA I'm dead in the water.
    • I've seen this comment elsewhere, and this isn't a problem with OWA at all, it's a procedural/methodology problem. Basically, you're not storing your mail on the server. Of course a webmail interface isn't going to access everything you've got, because it's not on the server.

      But what if it WAS on the server? What if you DID have that 3GB of archived mail on the server? Would OWA be okay for you then?

      And what's keeping you from putting it on the server? Your mailadmins setting quotas? Concerned about privacy? Performance?

      • this isn't a problem with OWA at all, it's a procedural/methodology problem

        Yes indeedy. I cringe when people proclaim their utter reliance on PST files; they're not impervious to corruption, you know.

        * Put it on the server. If there are quotas and it's that important, work with the admins or your manager to devise a proper and workable resolution.
        * Alternately, and again, if it's truly that important, consider a document management system or some other real mail handling system.

        Either it really is that crucial, in which case you're living on a wing and a prayer with your current procedures, or it isn't that crucial, in which case you may need to re-evaluate your procedures.
    • I have extreme difficulty believing you have 3GB of vital conversation in your PSTs. Lose the attachments and see if it doesn't drop to less than 800mb.
      • I've gotten rid of many of the attachments. The problem is that there are user's guides, project plans, firmware drops, etc. that I need to keep. A lot of it is CYA, though. If I didn't have to worry about stuff coming back to bite me on the ass I wouldn't keep nearly as much as I do.
    • The proscribed limit on pst file size is 2GB. After that you are going to have to end up running fixpst every few weeks - especially if your pst is on the server and you are accessing it over the network and never closing outlook, autoarchiving, or deleteing deleted items(!).

      Backing up a pst of this size is a ridiculous venture.

      With OWA you keep your ridiculous amounts of c.y.a material on the exchange server where it is more efficiantly maintained *and* accessible from OWA.
      • Um, as I said, I have 3 pst files. I've split them up and only open them when I need them. One PST has date over two years old and is unlikely to grow. Another is for my little used folders. This kind of organization is only possible with locally stored PST files and it helps that wherever I am, the data is quickly accessible.
        Unlike others in my department, I have a minimal number of items in my Inbox and I know exactly where items are when I need to go splelunking for them.
        (also, our server admins have draconian mailbox size limits, so anything else is impossible)

  • OWA isn't that great (Score:4, Informative)

    by Bishop ( 4500 ) on Wednesday March 12, 2003 @12:26AM (#5491092)
    Ofcourse MS is pushing OWA over SSL. MS does not have a good VPN product.

    I have used both Outlook and OWA. I did not like OWA. I found that OWA was slow. Meeting reminders did not work. Autosave was tempremental. I lost a few emails when OWA lost its connection to the server (the fault of my ISP). In short useing real Outlook was better.

    There are also security risks with OWA. Unless you outfit every user's browser with a SSL cert then a user can use any web browser to read their email. Before you know it you have your users checking their coporate email from Internet cafes and other insecure places. Furthure an attacker would like nothing better to do then start guessing at passwords and reading coporate email.

    If you are going to manage SSL certs you might as well go whole hog and run a VPN. A VPN provides both security and an additional ammount of control to system administrators.

    As others have written accessing the intranet is more then just access to email. VPNs also allow users to access file servers, and company internal webservers.

    VPNs work and provide your users with more then just email. OWA over SSL is a hack.

    • Great point about client certs! Users and admins seem to forget that the client computer itself may not be secure, in which case you can't trust SSL.

      There are also many other features you lose without a full client application; especially the ability to have your entire mail folder on your own computer (so that you only have to retrieve new mails).

  • Outlook plugins a necessity. (Score:3, Interesting)

    by FrenZon ( 65408 ) on Wednesday March 12, 2003 @12:54AM (#5491228) Homepage
    With the prevalence of PDAs, and phones with PDA functions, it's getting ever harder to break the Outlook stranglehold - my phone syncs with my Outlook contacts/calendar/todo, and that's VERY important functionality. I'd love to use another PIM, but until the syncing software is available, I, and many other business users aren't likely to make the transition.
  • OWA won't replace much of anything for me, since I keep my Calendar and e-mail on my PDA and sync it (via Evolution). If anyone can manage to do that through the web, then I'm impressed (and I want links so I can do it myself).
  • I hate Kapor's project kills Outlook dead.

  • Really not there yet. (Score:2, Informative)

    by mpechner ( 637217 )
    I have access to both outlook via vpn and OWA. For the normal user, OWA is fine. But if you have custom views, OWA is not an option. My task list is grouped by a numeric priority and by project. You can't do this with OWA. Maybe owa.net will have the functionality. Ever notice that nets are use to capture things? I think .NET is Microsoft being honest.
    • My task list is grouped by a numeric priority and by project. You can't do this with OWA.

      So learn CDO and vbs and alter OWA. It's not that hard.

      • I was the example. Do you expect everyone in the company to learn how to program? Or maybe expect IT to have someone who job is to code each persons custom view? Think about the big picture. I stand by my original premise, OWA is not really there yet.
  • maybe. but not for a couple of versions yet. I sometimes use OWA but it lacks many features and usablility is a little off. So maybe in a version or 2.
  • After having to deal with OWA for two weeks being off site, I have to say that hyping that system is a losing battle. In the course of two weeks, I easily lost 6 hours of productivity. I also spent an hour with the IT people trying to figure out a way around the firewall that let me just use Outlook and the VPN client.

    The objectives are productivity first, while maintaining security. People need to remember this first!

    That said, the concept of web access for remote resources is a good idea. You just can't loose ANY of the functionality that you rely on for the normal product. Just for starters, we have spell check, signatures, reminders, and accurate rendering of attachments (no more "This file type is not yet supported" HTML files when you save an attachment!!!). If you really want to get fancy, you need to have a means for offline access too!

    Until the product lets you at least do as much as Pine 1.0, give me a hole in the firewall!

  • link here

    if you use windows 2003 server, AND you use exchange 2003 server, AND you use outlook 11 you can connect to exchange directly w/outlook via ssl w/o a vpn. this is good enough for many people.

    they've changed the exchange/outlook pair to be much more remote-friendly and less bandwidth intensive.

  • OWA is actually quite nice IMHO, especially if you are using IE under Windows. In my experience, it works reasonably well with Netscape/Mozilla, as well as Apple's KTHML-based Safari. However, before you switch to an all-webmail system, you ought to consider the following:

    * Offline Access: If your organization, like ours, has a lot of travelling users, they will not be able to catch up on email while they are, for example, catching a flight. This can be mitigated with Mobile Information Server. (ActiveSync your PDA over the 'net before you get on the plane.)
    * Convenience: Checking email over the web is generally considered not as easy as checking it w/ a dedicated client. That's why many folks, like Yahoo!, no longer offer free POP3 services unless you pay up--because many people are willing to spend money for the convenience. Further, many users navigate to sites by typing in the URL in the "Start | Run" dialog box, which will cause them to inadverdently navigate out of their OWA client and thus stop new mail notification.
    * Security: Since you mentioned SSL... Many firewalls, for obvious reasons, cannot inspect traffic encapsulated in a SSL tunnel. So any application-level protocol protection provided by the firewall will be rendered useless. Example of this would be the Cisco PIX 515's "fixup" commands.
    * More security: Having OWA generally means that users can access your email system with non-company issued systems. You can secure your servers all day long, but a simple key logger on a non-company system can bring you down to your knees. Especially since many Windows shop does unified login user/pass w/ Active Directory.

    That said though, I use OWA to check work email every night on my Mac when I make it home. It works fine. When implemented properly it's a great compliment to Outlook, but IMHO it's probably not suitable as a replacement of Outlook
  • We're a GroupWise shop and have been running WebAccess (same thing - web frontend that replicates 95% of the client's functionality) for a few years. We're not a massive corporate either, but have about 300 users at various sites.

    For almost all of the "remote email" use people need, WebAccess does the job nicely. It's generally people just checking email/appointments from home or when they're at client sites - they can just type in a URL, put in username/password and be there. Even the people who use VPN also use WebAccess from time to time because it's often more convenient than getting out the laptop, hooking it up to LAN/modem/mobile and syncing.

    We have a few people who work from home most of the time and are perfectly happy with WebAccess. I've not used OWA recently, but WebAccess does almost everything people would need, works properly across different browsers, it's very light so it works acceptably even on 9600bps mobile connections (there's even WAP and Palm VI versions) and handles things like spellchecking and addressbooks via Java apps. People can set up and change rules, change passwords, proxy to other people's accounts, access shared folders. If OWA is at that kind of state now then it should also be fine for most.

    We also have some people who need to be running the full client and VPN. People who need to sync then work offline or who have more complicated calendars that are better managed by dragging things about than editing individual appointments.

    I wouldn't drop VPN, but a decent web frontend for your groupware stuff can reduce a lot of the need for it, and those who just need a quick and easy check of their mail can do it with far less complexity.
  • I implemented OWA in my on organizationa s a nice bonus and now it has become more or less mission critical. There's almost nowhere you can go these days where you can't get easy access to a web browser; OWA is well worth it even in the old 5.5 version we use. Future upgrades will no doubt improve on things.

    But it isn't as powerful in some regards as full Outlook, and in my mind the best way to get full Outlook on Linux etc. is Terminal Server to a real copy. The Linux RDP client is in great shape.

    Of course, there are costs associated with this, so an OWA solution is also an important part.
  • You could always rip out your Exchange servers and replace them with Domino on Linux. Your users could then use iNotes to access their mail via the Outlook client, or use the iNotes web mail interface via SSL, or use IMAP or POP3 and SMTP with their choice of mail program. Or even use Notes.

    You could also consolidate a bunch of Exchange servers onto one iSeries box, and cut your costs. Domino on iSeries has been shown to deal happily with up to 10,000 simultaneous mail users on one server.

  • Offline synchronization (Score:2, Informative)

    by beaner ( 38376 )
    I use OWA with work on a pretty regular basis, but my main problem with using it as a primary means to access email is its lack of offline synchronization. I'm a consultant, and as such I tend to travel a lot, which means I am often without connectivity. I'm sure the same thing goes for travelling sales people, executives, etc.

    Internet connectivity is still not ubiquitous, but as long as you've synched your laptop, you at least have your old email, and can compose new emails, queueing them up until you have a chance to synchronize again. Given that email tends to be one of the primary means of communication when working in large, geographically disperse teams, having offline access to old emails can be a lifesaver at times (say, when you're onsite with no Net access and need to make an emergency phone call, but the contact info happens to be in an email somewhere).

    Other than that, OWA is usable, but not great.. In my experience, I've had formatting issues, and the occaisional IE crash. Of course, Outlook crashes too, so there's not really much difference there..

    - Sean
  • I used to do tech support for the MS 5.5 Exchange Server Client team, and we heard during training that OWA was pretty much a last minute hack that was never actually supposed to be utilized as much as it was.

    Of course, as more and more people started using it (and our call volume on it rose!) MS started to concentrate on improving the web client more. The jump from OWA in 5.5 to 2000 is terrific, and I expect that progress to keep getting better. Hell, even between 5.5 service packs OWA improved significantly.

    I already have an SSL cert on the OWA server that I work on now, so I'm looking forward to the next incarnation of OWA.

    URLscan, properly tweaked for use with OWA, isn't as bad as some have said, but it isn't perfect either. I consider it a necessary evil which is far better than the possible alternative of not using it at all. It might choke on an attachment here or there with an odd character in the name, but overall the negative effect is minimal.

  • It works OK, but most users really don't like it all that much. It can be slow and there are occasional problems with needing to refresh a web page because it didn't completely render. From my understanding there are frequently scheduled reboots of these OWA enabled servers.

    The Outlook Web Client is limited compared to the full Outlook client. Those heavy email users would find it unacceptable for frequent use. It's fine for getting one's email remotely but it's not good enough for constant use.

    Since the OWA runs on Microsoft IIS on the NT/2000 platform, you have GOT TO MAKE SURE that it is patched and updated very frequently. I know of smaller outfits who didn't do this and when Code Red and Nimda were rampant they were infected.

    In addition to OWA we also use some Citrix abilities for Intranet and other access via a web interface but the encryption is increased for these services using the RSA SecurID fob and high encryption.

    We run VPN as well for those work at home or frequent travelers (high speed hotel access). I've got a laptop hooked up right now running VPN using the RSA SecurID system for high encryption. This is preferred! I can access everything exactly as if I was in the office and it's just slightly slower than being on the WAN in a field office. It is completely acceptable. I can access client/server systems, Intranet, Host, etc. All from the comfort of my home.

    Yeah VPN and RSA encryption are not cheap but neither is office space. Go ask someone in the know what it costs to maintain an office or cubicle for a single employee. You would be surprised. The ones in the know factor in electricity, floor space, heat, air-conditioning, parking, phone, network, etc. into the equation. Consider all these costs over the cost of VPN, encryption, cell phone, phone line and the power and flexibility of working remotely.

    Heck, I pay for my own broadband connection out of my pocket anyway. Putting the work laptop on the home network was a no brainer. I am not looking for work to pay for the broadband connection at all. I just want to be able to utilize VPN to get to the corporate network.

    I don't get to work at home but I am on call and I am able to respond to an outage much quicker using broadband and VPN. To dial into the network and then have to run my desktop remotely via pcANYWHERE is much slower then VPN. This remote control is a workaround for the low bandwidth. Just to reset a password could take me 40min. without remote control. With remote control it takes about 15min. With VPN, I can do it in about 10 seconds because the laptop is on my network and left booted up. I just have to login to the VPN and double-click a VB app, type in the ID to reset and click OK.

    Everyday tasks are accomplished as easily as if I were in the office directly connected. The productivity gains of working at home are amazing. You would not believe the distraction in a busy office. Noise, chit-chat, waiting in line at the cafeteria, worthless meetings, etc. I get so much more done it's not funny!

    Dire Straits would sing "I WANT MY VPN" instead of "I WANT MY MTV".
  • Having been responsible for installing and managing OWA setups, I'd strongly recommend an imap client over OWA.

    Someone who is used to the intermediate user features of Outlook (i.e. message filtering and folders [specifically, marking a group of message for moving into folders]) will find OWA a major PITA.

    Sure, OWA is great for simple access to e-mail from a public kiosk. But OWA simply won't please the daily user of an Exchange e-mail system.

    • I agree with you, and use IMAP (over SSL or VPN) myself when remote. However, e-mail's just the tip of the iceberg for most Outlook users. What do you do for Outlook's non-mail features i.e. the GAL (global address list), contacts, calendars, tasks, etc...? There's no way to access these over IMAP.

      In my case I fall back to OWA or Outlook over VPN for those, but what if they weren't available?

      Balam
      • Good question.

        The global address list can be queried via LDAP.

        But you're right about calendars and tasks. Those would not be accessible through imap. For those I'd have to send them to OWA.

        • LDAP also won't get you to the contacts in your Contacts folder or any other folders in your Mailbox or Public Folders either, which are often more relevant than the GAL.

          Note that OWA 5.5 is also deficient in this area since it only allows you access to your primary Contacts folder, and not to any Public Folders that contain Contacts. OWA 2000 is supposed to improve on that but still has some restrictions I can't remember.

          I still don't see why MS doesn't just make Contacts and Calendar items accessible ov

  • I did a consulting gig for a small company that does landscaping. I noticed the boss was running OWA, and I asked him why don't he use outlook. His reply was, "This is outlook, see it says 'outlook'"

    They had the exchange services provided by the ISP, guess that is a good thing becouse they didn't have a local admin to reboot exchange server all the time.

  • At the risk of running afoul of the anti-upgrade/anti-microsoft sentiments on Slashdot, it should be noted that the next version of Office (which just went beta 2), in combination with Windows Server 2003 and Exchange 2003 (Titanium) will allow remote users to use the native Outlook client to connect to an Exchange server using XML-RPC over HTTPS. This should allow remote users to dump the need for VPN if all they're doing is connecting to Exchange. Combined with some strides that Microsoft has made in making Outlook work better in an offline/caching mode, this is a really decent solution for using Outlook if you're a remote user.

    So far as OWA, Titanium has a much better interface than Exchange 5.5 (ugh) and even Exchange 2000. OWA will support creating and editing server-side rules, and now includes integrated spell-checking, so if the Windows Server 2003/Exchange 2003/Outlook 2003 combination is too daunting (either financially or technically), Exchange 2003 OWA would be a good second choice.

    • New Page 1

      from the seaside software web [seasidesw.com] site: What it is:
      HiPerExchange is software only solution that is installed on the remote PC (Win '98 and
      up; IE 5.0+). No server-side component whatsoever. Does require E2K
      server, not 5.5, however.

      Target user: remote/mobile Exchange user who faces Outlook slowdown over
      low-speed lines
      IT shops that wish to expand browser-based mail use
      thru high performance, offline use

      What it does:
      Background http(s) synch to pull down user's mail store. Synchs hea

Slashdot Top Deals

The Tao is like a glob pattern: used but never used up. It is like the extern void: filled with infinite possibilities.

Close