Forum Discussion
AltocumulusDrop request pre APM Login
I have an APM policy for mail access.
Policy is as follows:
Client for MS Exchange -> Login Page -> Domain check -> Domain A -> LDAP Auth -> Success -> SSO -> Allow -> Fail -> Deny -> Domain B -> LDAP Auth -> Success -> SSO -> Allow -> Fail -> Deny
So problem is we are moving to Exchange 2016 and want to restrict /mapi URI
I tried the following iRule but the our test show the user still getting to the login prompt.
when HTTP_REQUEST { if { [string tolower [HTTP::uri]] starts_with "/mapi/" } { log local0. "Rejecting [HTTP::uri] request" reject } }
Would I need to set something in the policy or look at the following variable instead? session.server.landinguri
If so how would I write this irule?
Thx Rich
2 Replies
kunjanNimbostratus
Are they able to use mapi after Login?
richard_polyakOk figured out the issue. It was more than just /mapi requesting authentication, I also required to drop /ews & /autodiscover for the new VS / APM policy.
