Forum Discussion

raydakis10
Nov 19, 2019

F5 MAPI over HTTP preauthentication failed via APM

Hello,

I am deploying Exchange 2016 using the iApp Exchange 2016 v1.02.

APM should authenticate users against AD and then forward the traffic to the F5 LAN to load balance traffic to Exchange 2016 CAS servers.

We are migrating from Exchange 2010/O365 to Exchange 2016/O365.

Below is the diagram for reaching the on-premises mailbox from the internet:

external users --> Internet --> F5 DMZ (LTM+APM v12.1.2) --> F5 LAN (LTM 12.1.2) --> (AD srv, Exch2016 srv)

In the iApp I chose basic authentication for external Outlook clients in the F5 DMZ config.

The MAPI over HTTP authentication fails via APM!

My question: Is the F5 Exchange iApp v1.02 config suitable for external MAPI over HTTP APM authentication?

  • Hello, yes, you should be able to support MAPI with the iApp, per the deployment guide:

     

    https://www.f5.com/content/dam/f5/corp/global/pdf/deployment-guides/microsoft-exchange-2016-dg.pdf

     

    "You can configure the BIG-IP system to support any combination of the following services supported by Mailbox servers: Outlook Web App (which includes the HTTP resources for Exchange Control Panel), Exchange Web Services, Outlook Anywhere (RPC over HTTP, including the Offline Address Book), ActiveSync, Autodiscover, POP3, IMAP4, and MAPI over HTTP."

  • Hello Dave,

     

    Thanks for your answer.

    I've done the configuration using iApp 1.02 (we use basic authentication + NTLMv2).

    But MAPI authentication on the F5 DMZ still failed via APM.

    For testing I've used https://testconnectivity.microsoft.com/.

    The error message is: "Testing the address book "Check Name" operation for user xxx against server xxx. An error occurred while attempting to resolve the name".

    See attached the diagram of the VPE.

    Thanks,

  • What does your APM log say when you attempt to authenticate? If you do not have a lot of APM for other applications, it should be manageable by following the log in the CLI (bash):

    tail -f /var/log/apm

     

    Bear in mind that your Exchange servers might not have been configured for basic auth.

    I have seen external MAPI work well with APM; this was configured with NTLM for validating the client and then Kerberos to the backend server.