Here are the ISA Server/Forefront TMG HTTP Policy settings I use for ECP, OAB and Autodiscover. These settings were tested with Outlook 2007/2010 and Exchange 2007.
|
Setting and rule |
*Exchange ActiveSync |
*RPC over http |
|
General tab |
||
|
Maximum headers length |
32768 |
32768 |
|
Maximum payload length |
10485760 (10 MB) |
Any |
|
Maximum URL length |
1024 |
16384 |
|
Maximum query length |
512 |
4096 |
|
Verify normalization |
Yes |
Yes |
|
Block high bit characters |
Yes |
Yes |
|
Block responses containing Windows executable content |
Yes |
Yes |
|
Methods tab |
||
|
Allow only specified methods (see WEBDAV Methods http://msdn.microsoft.com/en-us/library/aa142917(EXCHG.65).aspx) |
OPTIONS POST |
RPC_IN_DATA RPC_OUT_DATA GET POST |
|
Extensions tab |
||
|
Action taken for file extensions |
Allow only specified extensions |
Allow only specified extensions |
|
Extension list |
. (dot) |
.dll (rpcproxy.dll) .asmx (Exchange Web Service) .xml (for Auto discovery) .lzx (for OAB) .wsdl (Exchange Web Service) |
|
Block requests containing ambiguous extensions |
Yes |
Yes |
|
Headers Tab |
||
|
Blocked headers |
None |
None |
|
Signatures Tab |
||
|
Blocked signatures:Request URL |
./ \ .. % : |
./ \ .. % & |
Author: Jan Tiedemann, Senior Premier Field Engineer
Thank's for the guide, really usefull! We want to see more like this 😉
Just one question. When I use the Blocked signatures in ActiveSync HTTP-Filter, Nokia Phones can't download attachments anymore. When I look at the log on TMG it shows that they request the file with a "%" in the path. I guess that's the problem.
Can you explain shortly, WHY you block certain signatures? I have a few customers, that have issues with their Nokia phones.
Good part ist, that ActiveSync is not officially supported in our environment so I am very flexible 😉
THX!
"Allow only specified methods" is not working for iPhone users
social.technet.microsoft.com/…/65f65cb2-92e4-45a6-ade8-163f03619524
Could someone also publish these settings for:
Exchange 2010
Exchange 2013
for OWA, Outlook Anywhere, ActiveSync and AutoDiscovery
I’ve searched for hours but cannot find anything new regarding these Exchange versions.