Exchange 2013 has built-in features that allow end users to share calendars with internal users and engage in external...
collaborations using several methods, including forest trusts and federated sharing. But the simplest way is to enable Exchange's built-in, standards-compliant calendar-sharing feature. This tip explains how to enable the calendar-sharing feature and publish it securely to the Internet.
The feature for sharing Exchange 2013 calendars with external users is called Anonymous sharing. This doesn't mean that calendars for end users will be exposed for anonymous users to browse. It means that when an end user shares his calendar with someone outside the organization, an encoded URL will generate that cannot be guessed, but it doesn't require a username and password to access.
To enable Anonymous Calendar Sharing, open the Exchange Administration Center and navigate to Organization > Sharing. In the Individual Sharing section, edit the Default Sharing Policy (Figure 1).
Choose Add to add a new domain to the Default Sharing Policy.
After doing so, the Sharing Rule window will open. You might want to choose the Sharing with all domains option, which incidentally is selected by default, but choosing this option will have no effect, as it relates to other domains that use Exchange's Federated Sharing feature. Instead, choose Sharing with a specific domain and enter Anonymous.
We'll also choose the maximum level of detail that all users will be able to share with external users to include All calendar appointment information.
After choosing to save the new rule, verify that the additional Anonymous domain is listed within the Default Sharing Policy and save the changes (Figure 2).
Our next step within Exchange Server is to ensure that Anonymous Calendar sharing features are ready for use in Exchange itself. We'll use the Exchange Management Shell to configure this setting against each Exchange 2013 Mailbox Server, using the following command (Figure 3).
Get-OWAVirtualDirectory -Server <ServerName> | Set-OWAVirtualDirectory -AnonymousFeaturesEnabled:$True
Publishing Anonymous Calendars to the Internet
If your Exchange Servers are not directly exposed to the Internet, you'll likely need to make a few configuration changes to publish Anonymous Calendar sharing. Anonymous Calendar sharing is available on the Internet via HTTP -- not HTTPS -- under the path /owa/calendar/.
We'll take a quick look at how to publish this using Forefront TMG, though the same approach applies to other options, such as IIS Application Request Routing.
We'll start by creating a new Web Site Publishing Rule within TMG (Figure 4).
Our rule to publish Anonymous Calendars is fairly simple, so we'll just show the pages of the Wizard that use non-default settings. The first setting we'll change from the default is to select Use non-secured connections to connect the published Web Server or server farm on the Server Connection Security page.
On the Internal Publishing Details page, we'll choose a specific path to share calendars. We don't need to publish anything except for /owa/calendar/* on HTTP using this rule, so we'll enter that path. If it's necessary, we'll also create a new Web Listener as part of the Wizard. The minimum settings required for our HTTP-only listener are a Client Connection type of Insecure with a Client Authentication Method of No Authentication.
After creating the rule, we can verify that it's listed as a higher priority than other Exchange Rules and activate the configuration.
The end-user experience to share calendars
Now that we've configured Anonymous Calendar Sharing in Exchange, let's have a look at how this affects end users.
The best thing about the process for sharing calendars is that end users don't have to do anything special for external sharing. All they need to do is navigate to the Calendar in OWA or Outlook and choose Share (Figure 5).
After choosing to share their calendars, end users can limit the recipient's ability to view all the details in the calendar. For example, they may wish to only share availability with some people and full details with others.
When a recipient receives the resulting sharing message, they receive instructions and two links to the shared calendar. The first is an HTTP link that allows the recipient to view the sender's calendar in a Web browser. This requires no access to a calendar reader, only access via HTTP to the Internet and the recipient's Exchange Server.
The second link is a link to the standards-compliant iCal version of the shared calendar. This can be added to most email programs, or even to webmail clients like Gmail. For example, if recipients want to add the calendar to Outlook, they simple choose Add Calendar > From Internet. After confirming they want to subscribe, the shared calendar will be shown within Outlook and updated automatically on a regular basis (Figure 6).
Exchange 2013 builds upon features introduced mid-lifecycle in Exchange 2010 to really make standards-based calendar sharing integrated seamlessly into the product.
About the author:
Steve Goodman is an Exchange MVP and works as a technical architect for one of the U.K.'s leading Microsoft Gold partners. Goodman has worked extensively with Microsoft Exchange since version 5.5 and Office 365 since its origins in Exchange Labs and Live@EDU.