well the only issue with this approach is i have a standard role that everyone gets. The old OWA was part of that role so now i have taken owa out of the old role but it still has stuff that users need to get to. So if i assign the 2007 owa role and put a stop after that the users will not get the rest of the bookmarks they are suppose to get.

If i put the Standard role first and then owa 2007 one underneath it and than put a stop rule that will work but than our corporate standard of keeping owa at the top of the page does not work

Hi,

I think you would need two AD groups in order to map each specific OWA rule. We have a similar issue and this was the only way we could get this going. However, you could flag a specific AD attribute for users that need the new or old bookmark and setup a role mapping rule to check the attribute.

-John

Hi,

may be a "Custom Expressions" Role Mapping is the solution (I think the advanced license is needed for that)

With a "Custom Expressions" Role Mapping the "NOT" logical operator is available, so if your are not a member of a group you«ll get a specific role

Well both are good suggestions but we have over 50k users and moving them from one group to another is not something that our MSFT team said they can do. So all i have is one group that has all the 2007 owa users and than there are the people who are not part of that group.

i do have advanced license and have tried to use custom expressions but they are not working either. May be i am not using the right syntax but there are no examples of this either so i am not sure.

using

NOT group.groupname does not work it throws a syntax error bec we use "." in our group names

groups!="groupname" does not throw a syntax error but it does not work either as there is no match for this rule in the policy trace.

Try -

groups != ("groupname")

That worked for me.

Ken