Exchange 2010 Deployment Guide and ActiveSync

Cheers Dayne.

Which makes me wonder about EWS support... This iRule ONLY does basic auth. But basic auth for EWS is explicitly stripped out, unless you copy the iRule and modify iot (It's signed, so you can't modify it in place).

Is that by design? or just a simple over-sight? Or am I missing something? (In fact the doc seems to ignore EWS entirely. Especially in the requirements).

FWIW we did get it working. Basically enable the EWS BKEND basic auth variable, (Enable 401 caching while we're at it) and modify the VPE to include AD auth after splitting between exchange clients (non-interactive) and non-exchange clinets (interactive) so that interactive need to use securid.

[Note that doesn't take into account enforcing securid for all OWA. In theory you could get around the securid auth requirement by using EWS or acctivesync to setup a session, so you have to catch that later in an iRule to veriofy all access to /owa* has had a secureid authentication]

H