• What we have here, is a failure to communicate…

Microsoft Exchange Outlook Web App – Restricting Users By Location (IP Subnet) & Group

The powers that be decided that we need to be more secure and most of our users should not be working remotely without permission, and that includes just checking email. So I had to devise a way to make this happen. I found a script somewhere online that seemed to provide such a restriction. The file to be changed is

C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\Owa\forms\startpage.aspx
Of course, this is for Exchange 2010. I assume this would be similar in later versions of Exchange, but I cannot confirm.
This is my first iteration:

However, this did not work when I tried to restrict the user to group “pridedallas.com\\Outlook Web Access – Remote” – no user had access.

After much effort, I discovered that LogonUserIdentity is the Exchange service name, not the actual user name. So I modified it to this, which works great!