Forum Discussion
CirrusAPM Rewrite and MS Sharepoint
Hi,
Still seeing issues with certain aspects of using an F5 as a reverse proxy for our Sharepoint system. I now have SSO working just fine, however, we are still having issues getting the Edit/Read only function working as we would expect. After doing quite a bit of research, I ran across this Microsoft KB articular that may shed some light on the issues we are seeing. Just wanted to throw this out and see what others think: Supportability of Rewrite and Redirects with SharePoint 2007/2010/2013
Oh, and we are using rewrites in our setup..
Thoughts... dg
20 Replies
kj07208_118528I was evaluating the same thing. The rewrite technology makes me nervous especially with SharePoint and all the components and integration into Office. Use can use APM and SSO without the rewrite technology. Also another thing to consider is that SharePoint especially SP 2010 makes use of SilverLight. Have you tried any Office products yet? If so what was your experience and what version of Office did you use?
DannyG_34437Currently only using Office 2010 and Office 2007 loaded on the clients. Just started noticing odd issues while testing... Users are normally expecting to see the message "Open for read only or edit" when connected to the LAN while opening MS documents, but when coming through APM, application just wants to open in office or save as... My question is, How do I turn off rewrite and what are the implications of doing so?- DannyG_34437
Ok, I turned off rewrite for my site and boom... The opening of Microsoft documents started working as expected when going through APM. However, my SSO is no longer working... Working on this one now... Anyone with ideas why SSO would stop working just off the top of their head?
Thanks,
dg
- Kevin_Stewart
Employee
Two questions:
-
Is this related to your other post about "Editing sharepoint documents through APM"? And was it always configured behind a portal rewrite?
https://devcentral.f5.com/questions/editing-sharepoint-documents-through-apm
-
What SSO method are you using? You should absolutely be able to do SSO to SharePoint without using portal rewrite, but there may be some subtle differences in the SSO config.
-
- Kevin_Stewart
Do you have the NTLM SSO profile applied to the access policy, and if so are you feeding it the correct values in the session variables (session.sso.token.last.username, session.sso.token.last.password, and session.logon.last.domain)?
- DannyG_34437
Yes, I have the NTLM SSO profile applied to the policy and am feeding it the correct tokens. Really kind of puzzled by this one... Now, I am only aware of one way to turnoff rewrite, and that is by using the bypass list in the rewrite profile. Is this correct?
Thanks, Danny
- DannyG_34437I believe what I turned on is actually called "Split-Tunneling" ..
- Kevin_Stewart
Oh I see. You're still inside a portal. Is this absolutely required? Can you not just publish SharePoint directly with an access policy?
- DannyG_34437
I think I have to use the portal. However, tell me more about publishing directly with access policy.
- Kevin_Stewart
Well, the first thing to look at is the latest SharePoint iApp. You can download it directly from DevCentral and install it.
https://devcentral.f5.com/wiki/iApp.Microsoft-Applications.ashx
The iApp will ask you a few simple questions about your environment and then build out the complete configuration (LTM, APM, NTLM SSO). From there you can tweak, but then you may not have to.
- DannyG_34437
Yeah... I've been testing the iAPP. Works well, but still have the same issues with editing documents. If I put the vip/fqdn in the bypass, editing sharepoint documents works as expected. However, SSO breaks... My question is if I put the VIP/FQDN in the bypass list does that automatically exclude using SSO?
Thanks, Danny
