Symptoms



Consider the following scenario. You try to access a Microsoft Exchange 2013 Outlook Web Access (OWA) website that is published through a Microsoft Forefront Unified Access Gateway 2010 server. The server is running Service Pack 3. In this scenario, you may receive the following error message:

You have attempted to access a restricted URL, the URL contains an invalid path.


Additionally, multiple warning messages that resemble the following are logged in the Web monitor event log:



Note These messages are followed by a description that the URL contains an invalid path.

The following are URL examples that may not match the predefined URL ruleset:

Embedded OpenType font styles (Rule will allow this path but applies only to gif|css|wav|wrng|png|ico)
/owa/15.0.620.29/owa2/resources/styles/segoeui-regular.eot?
/owa/15.0.620.29/owa2/resources/styles/segoeui-semibold.eot?
/owa/15.0.620.29/owa2/resources/styles/segoeui-semilight.eot?

MP3 sound files ( (Rule will allow this path but applies only to gif|css|wav|wrng|png|ico)
/owa/15/0/620.29/owa2/resources/sounds/calendar_notify.mp3?UA=0
/owa/15/0/620.29/owa2/resources/sounds/email_notify.mp3?UA=0

Additional fonts (Rule allows themes but not from /owa/AUTH/ path)
/owa/auth/15.0.620/themes/resources/segoeui-regular.eot?
/owa/auth/15.0.620/themes/resources/segoeui-regular.ttf
/owa/auth/15.0.620/themes/resources/segoeui-semibold.ttf
/owa/auth/15.0.620/themes/resources/segoeui-semilight.eot?
/owa/auth/15.0.620/themes/resources/segoeui-semilight.ttf

ASHX ( (Rule allows this extension but not for /owa/MANIFESTS/ folder path)
/owa/manifests/appCacheManifestHandler.ashx?manifest=0&layout=mouse&UA=0
/owa/manifests/appCacheManifestHandler.ashx?manifest=0&layout=tnarrow&UA=0
/owa/manifests/appCacheManifestHandler.ashx?manifest=0&layout=twide&UA=0
/owa/manifests/appCacheManifestHandler.ashx?manifest=1&layout=mouse

Cause

This problem occurs because some URLs that may be used during client Exchange 2013 OWA access are not matched by the Regex expressions in the *.RuleSet_ForExchangePub2013.ini files. These rulesets are included in the new Exchange 2013 publishing templates in Service Pack 3 for Forefront Unified Access Gateway 2010.

Resolution

To resolve this problem, install Service Pack 4 for Microsoft Forefront Unified Access Gateway 2010.

Workaround

To work around this problem, manually add the missing Exchange 2013 URLs to the existing Forefront Unified Access Gateway rulesets.

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

References

See the terminology Microsoft uses to describe software updates.

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

What affected your experience?

Thank you for your feedback!

×