irule to disable APM access profile

Thing is native Mail.app works without a hitch for any NTLM domain I come from in the format of \user. With Mail.app and when looking at the debug apm log, it receives the NTLM encoded auth header, proceeds straight to SSO mapping and an APM allow event.

With Outlook 2011, the APM only receives the basic authentication header and then fails over to the AAA server, which authenticates only if the requesting NTLM domain is in the same domain as the actual Exchange servers. This presents an issue in a resource forest deployment as what we are in. I tried LDAP failover, got an APE allow but no access for the client. I also tried the requesting domain in the AAA server but then I get errors logged about the realm not being local to the KDC, which I can understand because of Kerberos constrained delegation issues when going cross-forest.

So trying to find something to capture the HTTP traffic on the MacOutlook client to see if it is sending NTLM or whether it's something on the F5.

Looking at the older exchange iApp template it appears as if there were issues with MailApp and OutlookMac but since addressed.