Can I Capture Outlook Login Details With no Login Page in APM?

I'm working with a customer that wants to use APM to handle some more granular access to their Exchange 2016 servers that are being load balanced by LTM. Is there a way I can create an access policy that can determine the user or UID of a user when they attempt to connect to exchange through Outlook? They want to make it so certain users do not have access to Exchange based on their IP and an AD attribute. If i were just IP it would be easy enough. I can't figure out how to capture any username information without having a login page.

Any ideas?