Forum Discussion
NimbostratusAPM / Exchange 2010 / iAPP / Authentication issue
Hi,
i'm using APM 11.6 HF5, Exchange 2010 SP3 UR10 and the iAPP "f5.microsoft_exchange_2010_2013_cas.v1.5.0". APM is standalone and will Forward traffic to LTM. Maybe someone could help me with a authentication issue that will occour in the following Situation:
1) Open Browser and open Outlook Web App URL (IE, Chrome) 2) Close Browser without loggin in (leave username and Password field blank) 3) Start Outlook 2010 4) Getting Username / Password Dialog
the following works:
1) Start Outlook 2010 2) No Passwort Dialog 3) Connected to Exchange
and this is working also:
1) Start Outlook 2010 2) No Password Dialog 3) Connected to Exchange 4) Open Browser and Open OWA URL 5) Login to OWA (f5 Logon page) 6) OWA and Outlook works
and this is not working:
1) Open Browser and Open OWA URL 2) Login to OWA (f5 Logon page) 3) OWA works 4) Start Outlook 2010 5) getting Password prompt
Have anyone a idear where this is coming from?
Regards, Frank
5 Replies
Hi Frank, that sounds unusual. Have you turned up APM logging to debug? If you go to System ›› Logs : Configuration : Options, then set Access Policy and SSO to Debug and watch /var/log/apm from the command line, you should see some indication of what's happening.
I assume you are using NTLM front-end auth for Outlook Anywhere, correct?
Frank_ZoechlingHi,
i have turned on logging and thats whats in the log when i get the Password Dialog:
Sep 1 10:05:14 apm notice tmm3[17698]: 01490506:5: 5b436b7b: Received User-Agent header: Mozilla%2f4.0%20(compatible%3b%20MSIE%207.0%3b%20Windows%20NT%206.1%3b%20WOW64%3b%20Trident%2f7.0%3b%20SLCC2%3b%20.NET%20CLR%202.0.50727%3b%20.NET%20CLR%203.5.30729%3b%20.NET%20CLR%203.0.30729%3b%20.NET4.0C%3b%20.NET4.0E). Sep 1 10:05:14 apm notice tmm3[17698]: 01490544:5: 5b436b7b: Received client info - Type: IE Version: 7 Platform: Win7 CPU: WOW64 UI Mode: Full Javascript Support: 1 ActiveX Support: 1 Plugin Support: 0 Sep 1 10:05:14 apm notice tmm3[17698]: 01490500:5: 5b436b7b: New session from client IP 80.147.160.205 (ST=Bayern/CC=DE/C=EU) at VIP 172.18.1.122 Listener /Common/owa.domain.de.app/owa.domain.de_edge (Reputation=Unknown) Sep 1 10:05:20 apm notice tmm[17698]: 01490521:5: 12b66fcc: Session statistics - bytes in: 1501, bytes out: 2449 Sep 1 10:05:29 apm notice tmm[17698]: 01490506:5: f73a778d: Received User-Agent header: MSRPC. Sep 1 10:05:29 apm notice tmm[17698]: 01490544:5: f73a778d: Received client info - Type: unknown Version: 0 Platform: unknown CPU: unknown UI Mode: Full Javascript Support: 0 ActiveX Support: 0 Plugin Support: 0 Sep 1 10:05:29 apm notice tmm[17698]: 01490500:5: f73a778d: New session from client IP 80.80.80.80 (ST=Bayern/CC=DE/C=EU) at VIP 192.168.1.1 Listener /Common/owa.domain.de.app/owa.domain.de_edge (Reputation=Unknown) Sep 1 10:05:29 apm notice apd[12316]: 01490010:5: f73a778d: Username 'user@domain.local' Sep 1 10:05:29 apm notice apd[12316]: 01490005:5: f73a778d: Following rule 'fallback' from item 'SSO Credential Mapping' to ending 'Allow' Sep 1 10:05:29 apm notice apd[12316]: 01490102:5: f73a778d: Access policy result: LTM+APM_ModeI don't see any error. I'm using Basic Authentication for OWA and Outlook Anywhere. Regards, Frank
- There should be more to that log. Did you mean to say that you are using forms-based auth for OWA? The iApp only supports forms and smart card auth when using APM. You might want to open a case with F5 support on this. If you want to post the case , I can track it as well.
- Frank_Zoechling
Hi, there is nothing more in the log. I'm using forms based auth for OWA and Basic auth for Outlook Anywhere. i will open a Support case. Thanks for your help.
- Frank_Zoechling
Case is open: C1914351
