Forum Discussion

Pluppo_72680's avatar
Pluppo_72680
Icon for Nimbostratus rankNimbostratus
Jun 03, 2014

Second authentication prompt when accessing Exchange 2013 Outlook Web app using BigIP LTM.

We are deploying Exchange 2013 loadbalanced behind BigIP (running 11.3). I have used the newest iApp (f5.microsoft_exchange_2010_2013_cas.v1.3.0) to make the configuration. We are only using LTM and ...
application delivery
devops
iApps
LTM
microsoft
  • mikeshimkus_111's avatar
    mikeshimkus_111
    Jun 03, 2014

    Hi Pluppo, is it possible for you to use the IE Developer Tools' (F12) network facility or an application like Fiddler or HTTPWatch to identify the resource that responds with the 401 status after you have logged in? My guess is that it's ECP, since that's most closely related to OWA. On the Client Access servers, do you have OWA and ECP authentication types both set to forms-based for all servers?

     

    thanks

     

    Mike

     

Cody_Green's avatar
Cody_Green
Icon for Employee rankEmployee
Jun 03, 2014

Pluppo,

 

My guess is that OWA is accessing a second service (like EWS) and is trying to use NTLM/Kerberos authentication. You may not have the F5 configured to handle client NTLM authentication correctly when using using OneConnect.

 

Try disabling OneConnect and see if you're still prompted. If so, you can re-enable your OneConnect and configured/adjust your NTLM profile.

 

Cody