Forum Discussion

TomTomT_347946's avatar
TomTomT_347946
Icon for Nimbostratus rankNimbostratus
Jan 18, 2018

How can I identify the SharePoint Application in Access Policy?

Hi All,

 

I'm taking over the responsibility of our F5 and don't have any experience as of yet. We have an Access Policy which identifies users accessing out SharePoint services over the Internet using SSO and Client OS session variables.

 

I'm unable to figure out how to identify what people are using the SharePoint application to where I would just forward the user to the server and bypass SSO as credentials are already added in the application.

 

I've included a picture of our current Access Policy.

 

 

The "SharePoint Application" branch doesn't work and contains this code:

 

expr { [mcget {session.client.platform}] contains "com.microsoft.sharepoint" }

 

Does anyone know a different way of defining a branch for identifying the SharePoint application? The App works just fine when bypassing the F5 altogether. I opened a support case, but since we have an AWS F5 instance, it doesn't include the "full" support in our license and the tech suggested to get that for "installation" assistance.

 

Any help would be greatly appreciated!

 

  • try adding a custom logging agent at the fallback branch of the "IP Reputation" to log the client.platform variable and check what will be logged while using the sharepoint client.