If you’ve ever installed Exchange 2010 or 2013, you can probably recall that first time you tried visiting OWA, and there it is the 403.4 error. Of course that small moment of panic sets in because you’re certain there were no errors with the install. Then after a few minutes of scouring the internet, you finally realize that you’re not crazy because this is by designed!
While I understand that the last thing we want is to expose our user’s login information over an HTTP connection, from a usability perspective it’s frustrating for users to have to remember to type https:// when trying to get to OWA. We can resolve this by going to the default site and disabling the require SSL and setting up a redirection. However,thanks to inheritance, you’ve just unknowingly disabled the requirement for SSL across the entire default site. Now we need to go to each of the various folders and enable the SSL requirement, but make sure that the PowerShell folder isn’t enabled or you’ll break the Exchange management shell.
So 30 minuets later I’ve fixed one of my Exchange servers, awesome! I got tired of going through this routine, so I cooked up a PowerShell script that will do the work for you. Hopefully you’ll find it useful as well!