Forum Discussion

The-messenger_1's avatar
The-messenger_1
Icon for Nimbostratus rankNimbostratus
Sep 08, 2017

client certificate authentication - continued

I've been working on an APM policy to use client cert auth (no login page/no password) for Exchange ActiveSync. I think my session is successful but this isn't right and I'm not sure that Exchange is actually accepting this. Here's a snip of a session. The domain name is set, the entries metatdata len 351 and "Could not find SSO domain, check variable assign agent setting" will continue to repeat throughout the session.

 

 

VPE

 

  • Hi,

    Which account is used as exchange account? Did you create a machine account as recommended when working with CAS cluster?

    If yes, which SPN did you configured for this account?

    If you have defined one, is it :

    HTTP/mailserver-02.domain.org    
    

    If not and is based on the Host of the request, define Kerberos sso pattern to

    HTTP/%h