In my Exchange Server environment, I needed to add a security disclaimer to the Outlook Web App (OWA) logon screen. Exchange doesnβt provide a PowerShell parameter to set this text, so I customized the OWA logon.aspx file manually. Here’s how I did it step by step.
π Step 1: Locate the OWA Logon Page
- On the Exchange server, I navigated to the following path:
C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa\auth
This folder contains the files that control the OWA logon page. The one I needed to modify was:
logon.aspx
π Tip: Before touching anything, I created a backup copy of the original file:
Copy-Item "logon.aspx" "logon_backup.aspx"
βοΈ Step 2: Edit the Logon Page
I opened logon.aspx using Notepad or Notepad with Run as administrator.
Inside the file, I searched for this line (usually near the bottom):
"div class="hidden-submit"
Then I added the following HTML code just above it to display my custom disclaimer:
This message now appears right below the login form when users access OWA.
π Step 3: Restart IIS
To apply the changes, I restarted IIS: iisreset
After that, I opened the OWA URL in a browser and confirmed that the disclaimer was visible below the sign-in area.
π Things to Keep in Mind
- Cumulative Updates (CUs) can overwrite customizations, so I saved a copy of my modified file and documented the steps in case I need to re-apply them.
- This change affects only OWA, not the ECP page.
- For more advanced branding, I could also edit
logon.cssin the same folder.
β Final Result
Now, every time someone visits my OWA page, they see a bold disclaimer clearly warning about authorized use and monitoring. Itβs a simple but important security enhancement.