Configure Exchange Outlook Web Application and Exchange Admin Center
Hideez Enterprise Server – Integration of Hideez Server with Exchange OWA and Exchange AC via WS Federation

Step 1: Configure integration for Exchange OWA in Hideez Server
Login to Hideez Server as Administrator.
Navigate to WS Federation Settings:
Go to Settings → Parameters → WS Federation section.
Add Exchange OWA as a Service Provider:
Click Add Service Provider.
Fill in the following details:
Name: OWA
WT-Realm:
https://{owa-url}
(e.g.,https://mail.example.com/owa/
)Reply URL:
https://{owa-url}
(e.g.,https://mail.example.com/owa/
)In our case
https://exch.lab.hideez.com/owa/
Click Add.


Obtain IdP Details:
Click on Details for the newly added service provider.
Download the IdP signing certificate.
Copy the IdP WS Federation URL.

Step 2: Configure integration for Exchange admin center (EAC) in Hideez Server
Add an Exchange admin center (EAC) as a Service Provider:
Click Add Service Provider.
Fill in the following details:
Name: ECP
WT-Realm:
https://{ecp-url}
(e.g.,https://mail.example.com/ecp/
)Reply URL:
https://{ecp-url}
(e.g.,https://mail.example.com/ecp/
)In our case
https://exch.lab.hideez.com/ecp/
Click Add.


Obtain IdP Details:
Click on Details for the newly added service provider.
Download the IdP signing certificate.
Copy the IdP WS Federation URL.

Step 3: Configure Exchange Server Sign-On via Hideez Server
1. Install the Certificate on the Exchange Server for Exchange OWA:
Open the MMC Console on the Exchange Server:
Press Win + R, type
mmc
, and press Enter.In the MMC console, go to File → Add/Remove Snap-in.
Select Certificates from the list, then click Add.
Choose Computer account and click Next → Select Local Computer → Click Finish → OK.



Import the Certificate
In the MMC console, navigate to:
Certificates (Local Computer) → Trusted Root Certification Authorities → Certificates.
Right-click on Certificates → All Tasks → Import.
Follow the Certificate Import Wizard:
Click Next and browse to the location of the
ws-fed-signing-owa.cer
Select the certificate and click Next.
Ensure the certificate is placed in the Trusted Root Certification Authorities store.
Click Next → Finish.







2. Execute Commands in Exchange Management Shell for Exchange OWA:
Open the Exchange Management Shell and execute the following commands:
Set-OrganizationConfig -AdfsIssuer "{Hideez WS Fed URL}" -AdfsAudienceUris "{OWA Base URL}" -AdfsSignCertificateThumbprint {Hideez Cert Thumbprint}
In the above command:
{OWA Base URL}
is the Exchange OWA host,{Hideez WS Fed URL}
is the Idp WS Federation URL.{Hideez Cert Thumbprint}
is the thumbprint of the certificate you downloaded and installed.
Example:
Set-OrganizationConfig -AdfsIssuer "https://dev.hideez.com/wsfed" -AdfsAudienceUris "https://exch.lab.hideez.com/owa/" -AdfsSignCertificateThumbprint d80e7aa3d27ac800fb2d5fa7c08748a73d924cd2
Step 4: Configure Sign-On to Exchange admin center (EAC) via Hideez Server
1. Install the Certificate on the Exchange Server for Exchange OWA:
Open the MMC Console on the Exchange Server:
Press Win + R, type
mmc
, and press Enter.In the MMC console, go to File → Add/Remove Snap-in.
Select Certificates from the list, then click Add.
Choose Computer account and click Next → Select Local Computer → Click Finish → OK.



Import the Certificate
In the MMC console, navigate to:
Certificates (Local Computer) → Trusted Root Certification Authorities → Certificates.
Right-click on Certificates → All Tasks → Import.
Follow the Certificate Import Wizard:
Click Next and browse to the location of the
ws-fed-signing-ecp.cer
Select the certificate and click Next.
Ensure the certificate is placed in the Trusted Root Certification Authorities store.
Click Next → Finish.







2. Execute Commands in Exchange Management Shell for Exchange admin center (EAC):
Open the Exchange Management Shell and execute the following commands:
Set-OrganizationConfig -AdfsIssuer "{Hideez WS Fed URL}" -AdfsAudienceUris "{ECP Base URL}" -AdfsSignCertificateThumbprint {Hideez Cert Thumbprint}
In the above command:
{ECP Base URL}
is the Exchange Admin Center (EAC) host,{Hideez WS Fed URL}
is the Idp WS Federation URL.{Hideez Cert Thumbprint}
is the thumbprint of the certificate you downloaded and installed.
Example:
Set-OrganizationConfig -AdfsIssuer "https://dev.hideez.com/wsfed" -AdfsAudienceUris "https://exch.lab.hideez.com/ecp/" -AdfsSignCertificateThumbprint 3e04c68e71a591de637d0d21dcfd8e6f4b843684
Step 5: Configure Virtual Directories:
1. Configure virtual directories for AD FS authentication for OWA:
Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -AdfsAuthentication $true -BasicAuthentication $false -DigestAuthentication $false -FormsAuthentication $false -WindowsAuthentication $false
2. Configure virtual directories for AD FS authentication for Exchange admin center (EAC):
Get-EcpVirtualDirectory | Set-EcpVirtualDirectory -AdfsAuthentication $true -BasicAuthentication $false -DigestAuthentication $false -FormsAuthentication $false -WindowsAuthentication $false
Step 6: Restart Internet Information Services (IIS)
Restart IIS to apply the changes:
net stop was /y
net start w3svc
Last updated
Was this helpful?