Exchange 2007 OWA Redirect Bug Introduced with Exchange 2010 SP1

The customer where I now work has a mix of Exchange 2007 and Exchange 2010 users. It seems that SP1 has introduced an obvious bug. Before I get into that, I'll give some background on how Exchange 2010 coexists with previous versions of Exchange.
When you have a mix of Exchange 2010 and older versions in your environment, you have to do a bit of work to make the two work together for your external users.  In a nutshell, you use Exchange 2010 Client Access Server (CAS) as your primary entry point for all external users. 
Say you use webmail.wardvissers.nl as your externally accessible URL.  If an Exchange 2010 user logs in from the Internet, the Exchange 2010 CAS will do its thing and the user will get a nice Outlook Web App screen.
If an Exchange 2007 user logs in using webmail.wardvissers.nl, the Exchange 2010 CAS will redirect the user to an externally accessible Exchange 2007 CAS using a different URL (like legacy.wardvissers.nl). The redirection is silent, but the user may notice their browser changed to legacy.wardvissers.nl.
The redirect behaviour is controlled by the LegacyRedirectType setting on the Exchange 2010 OWA virtual directory. In most cases, LegacyRedirectType is set to Silent. To see what the setting is in your environment, run:
    Get-OWAVirtualDirectory -Server <CASservername> | FL Identity, LegacyRedirectType

In SP1, this redirection is no longer silent.  When your Exchange 2007 user logs in via webmail.wardvissers.nl, they are presented with this screen:

The text reads:

A temporary change has occurred that requires you to connect to a different server.  To connect, click the button below.  For security reasons, you’ll be asked to enter your user name and password again.

Sure enough, when you click Connect, you are redirected to legacy.wardvissers.nl, where you have to re-enter your user information.
Thankfully, the same sort of thing doesn’t seem to happen with Outlook Anywhere or ActiveSync clients.
I checked the LegacyRedirectType value on my 2010 SP1 CAS boxes and they are all still set to Silent. The issue occurs because the OWA virtual directory value for LegacyRedirectType is being ignored. This is an extraordinarily unfortunate thing to have been introduced with SP1. If you have a mixed Exchange 2007/2010 environment, I suggest you wait until Rollup 2 is out before deploying SP1.

Update 15 December 2010

Update 2 for Exchange 2010 is available, and the fix is described there under 2458419: "A temporary change has occurred that requires you to connect to a different server" error message when Exchange Server 2007 mailbox users try to access their mailboxes by using an Exchange Server 2010 Client Access server.

You can download the rollup HERE
