exchange 2016 APM S4U Issues when AD domain and Email domain differ

Guys

I am wondering if you can help. I am currently deploying a green field exchange 2016 deployment through a BIG IP APM/LTM combo. This is two seperate F5 appliances, whereby the first is APM and the second is LTM. I have deployed the solution using the latest Exchange 2016 iAPP however when accessing the services externally I get S4U ticket issues.

In this deployment, the internal AD domain, and the external mail domain are two different addresses. For the sake of this I will refer to the AD domain, as AD.LOCAL, and email as EMAIL.COM.

Ive added the EMAIL.COM suffix to AD Sites and Services, such that a user is able to login with a UPN of ADDRESS@EMAIL.COM or USERID@AD.LOCAL

However I am seeing S4U ticket issues in the APM.log file.

DNS is working correctly, and I have setup the SPNs as per the build guide with the correct AD deligation accounts. Ive got to the limits of my knowledge

Has anyone had similar problems?

Forum Discussion

exchange 2016 APM S4U Issues when AD domain and Email domain differ

AppWorld Berlin 2026 – iRules Contest Winning Results

One Quick Step to Make your website AI-Agent/MCP Ready with an iRule

IPv8 Would Fix My Routing Tables. It Will Never Ship.

Recent Discussions

Errors with AS3 3.56.0 with F5 17.5.1.6

F5 ASM/AWAF – violations logged but no learning suggestions generated

F5 VELOS Backplane Inter-Tenants Communication

migrate from serie I to R. Cluster LTM-GTM

Best Practice guide for enabling Attack signature In BIG-IP ASM