urlscan + OWA spell checker
- From: "Brian Edwards" <BrianEdwards@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 28 May 2005 22:33:38 -0700
After enabling urlscan on my Exchange 2003 server, my OWA users can no longer
use the spell checker. I have modified the urlscan.ini file to support .dll
extensions, as required by the spell checker, but can't seem to make it work.
Also, I was wondering if I am missing any customization options in my
urlscan.ini file. Recommendations?
TIA.
Error from urlscan log file:
Client at 192.168.0.132: URL contains extension '.dll', which is disallowed.
Request will be rejected. Site Instance='1', Raw
URL='/exchweb/bin/spell/owaspell.dll'
urlscan.ini:
; Exchange 2003 Urlscan configuration for OWA, Outlook Mobile Access,
Exchange ActiveSync,
; remote procedure call over Hypertext Transfer Protocol, and Web Folders.
; Version 1.1
[options]
; NOTE: Customers with Exchange 2003 running on Windows Server 2003 with
URLScan installed may need to modify the "VerifyNormalization=1"
; option in this template to be "VerifyNormalization=0" if they encounter a
"404" error when attempting to open messages or items that contain
; the "+" symbol in the subject or name.
UseAllowExtensions=0
NormalizeUrlBeforeScan=1
VerifyNormalization=0
AllowHighBitCharacters=1
AllowDotInPath=1
RemoveServerHeader=0
EnableLogging=1
PerProcessLogging=0
AllowLateScanning=0
PerDayLogging=1
RejectResponseUrl=
UseFastPathReject=1
;LoggingDirectory=
LogLongUrls=0
[AllowVerbs]
; These are the only verbs that are permitted.
GET
POST
PROPFIND
PROPPATCH
BPROPPATCH
MKCOL
DELETE
BDELETE
BCOPY
MOVE
SUBSCRIBE
BMOVE
POLL
SEARCH
HEAD
PUT
OPTIONS
RPC_OUT_DATA
RPC_IN_DATA
X-MS-ENUMATTS
LOCK
UNLOCK
[DenyVerbs]
[DenyHeaders]
;
; Request headers that are listed in this section cause Urlscan to
; reject any request where these request headers are present.
;
; List headers in the form
; Header-Name:
transfer-encoding:
[AllowExtensions]
;.asp
..cer
..cdx
..asa
..htm
..html
..txt
..jpg
..jpeg
..gif
..dll
[DenyExtensions]
; Deny executable files that might run on the server.
; DO NOT include .exe in this list if Exchange 2003 OWA is configured to use
SMIME as that would disable OWA.
..exe
..bat
..cmd
..com
; Deny scripts that are used infrequently.
..htw ; Maps to webhits.dll, part of Index Server.
..ida ; Maps to idq.dll, part of Index Server.
..idq ; Maps to idq.dll, part of Index Server.
..htr ; Maps to ism.dll, a previous administrative tool.
..idc ; Maps to httpodbc.dll, a previous database access tool.
..shtm ; Maps to ssinc.dll for server-side includes.
..shtml ; Maps to ssinc.dll for server-side includes.
..stm ; Maps to ssinc.dll for server-side includes.
..printer ; Maps to msw3prt.dll for Internet printing services.
; Deny various static files.
..ini ; Configuration files
..log ; Log files
..pol ; Policy files
..dat ; Configuration files
; Deny extensions for Outlook Mobile Access.
..asax
..ascs
..config
..cs
..csproj
..licx
..pdb
..resx
..resources
..vb
..vbproj
..vsdisco
..webinfo
..xsd
..xsx
;.dll ; Cannot do this for RPC over HTTP or for Exchange ActiveSync.
[DenyUrlSequences]
... ; Do not permit directory traversals.
../ ; Do not permit trailing dot on a directory name.
\ ; Do not permit backslashes in URL.
% ; Do not permit escaping after normalization.
& ; Do not permit multiple Common Gateway Interface processes to run on a
single request.
[RequestLimits]
MaxAllowedContentLength=1073741824
MaxUrl=16384
MaxQueryString=4096
.
- Follow-Ups:
- Re: urlscan + OWA spell checker
- From: Andrew Sword [MVP]
- Re: urlscan + OWA spell checker
- Prev by Date: Re: Exchange 2003 Default Permission
- Next by Date: Exchange 2003 Mailbox Manager
- Previous by thread: AUTODL DOCUMENTATION
- Next by thread: Re: urlscan + OWA spell checker
- Index(es):
Relevant Pages
|
