cancel
Showing results for 
Search instead for 
Did you mean: 

exchange 2013 owa logout page redirect back to apm login page

Basavaraj
Altostratus
Altostratus

Hi Experts,

 

We have deployed 2013 exchange owa sso using f5 APM, from outside users can access https://mail.emmcc.com, users get apm login page and customer provides AD credentials and they will diretly log into outlook. When users click the log-out page users are getting an exchange log-out page. we want users to be redirected to apm login page when they click on the outlook logout.

 

would like to know if this possible to do if yes how can I achieve this?

 

Thanks

Basavaraj

4 REPLIES 4

Hi Basavaraj,

 

there is a deployment guide for Microsoft Exchange Server 2016, which I think is also applicable to 2013.

DEPLOYMENT GUIDE - Microsoft Exchange Server 2016 (BIG-IP v11 - v13: LTM, APM, AFM)

Scroll all the way down to "Creating the iRule to terminate inactive APM sessions if using Forms-based authentication for OWA (default)".

 

This will terminate the session on APM and you will see this:

0691T00000C2WHpQAN.png 

For simplicity, here is the iRule

when RULE_INIT { set static::cookie_sessionid [format "sessionid=null; path=/; Expires=Thu, 01-Jan-1970 00:00:00 GMT;"] set static::cookie_cadata [format "cadata=null; path=/; Expires=Thu, 01-Jan-1970 00:00:00 GMT;"] set static::cookie_usercontext [format "UserContext=null; path=/; Expires=Thu, 01-Jan-1970 00:00:00 GMT;"] } when ACCESS_SESSION_STARTED { if { [string tolower [HTTP::uri]] contains "ua=0" } { ACCESS::session remove } } when ACCESS_ACL_ALLOWED { set apm_mrhsession [HTTP::cookie value "MRHSession"] if { [table lookup $apm_mrhsession] == "EXCHANGE_LOGOUT" } { ACCESS::session remove table delete $apm_mrhsession } } when HTTP_REQUEST { set isset 0 if {[string tolower [HTTP::uri]] starts_with "/owa" } { if {[string tolower [HTTP::uri]] contains "logoff" } { ACCESS::session remove HTTP::respond 302 Location "https://[HTTP::host]/vdesk/hangup.php3" "Set-Cookie" $static::cookie_sessionid "Set-Cookie" $static::cookie_cadata "Set-Cookie" $static::cookie_usercontext } else { if { [string tolower [HTTP::uri]] contains "ua=0" } { set mrhsession [HTTP::cookie value "MRHSession"] set isset 1 } } } } when HTTP_RESPONSE { if { $isset == 1 } { if { $mrhsession != "" && [HTTP::status] == 440 } { table set $apm_mrhsession "EXCHANGE_LOGOUT" return } } }

 

Dear Danial,

 

Thanks for your response

 

we have deployed the owa sso with 2013 iapp template, there are a couple rules are already created, do you want me to edit any one of the irule or do you want me to add this irule to the virtual server?

 

Thank you

Basavaraj

You could check if there is an iRule with the same or similar content created by the iApp and attached to the VS. If not, create this one, add it to the VS and give it a shot.

 

Also, when using iApp prior to version v1.0.1rc1, there was an issue where users were unable to logout of an APM session after clicking logout from OWA. The issue has been corrected in iApp version v1.0.1rc1. Always make sure to use the latest iApp version. IMHO it is perfectly OK to use the RC versions.

Hi Daniel,

 

Thanks for your response, I will check this and update you same

 

Thanks

Basavaraj