Microsoft Teams Calendar is not syncing with exchange calendar through APM

Majed · ‎22-Apr-2020

Hello,

I have implemented a custom APM for exchange 2016 using exchange iapp v 1.2. it is working fine but when I deployed a hybrid exchange with office 365 to use Microsoft Teams, calendar is not working. If I disable APM, Calendar is syncing and working fine. the problem is when the traffic goes through APM.

we tried to bypass the APM by adding this rule to the app:

priority 1

when HTTP_REQUEST {

set is_disabled 0

switch -glob [string tolower [HTTP::path]] {

"/ews/mrsproxy.svc" -

"/ews/exchange.asmx/wssecurity" {

set is_disabled 1

set path [HTTP::path]

ACCESS::disable

HTTP::path _disable-$path

pool /Common/Exchange2016.app/Exchange2016_as_pool7

}

"/autodiscover/autodiscover.svc/wssecurity" -

"/autodiscover/autodiscover.svc" {

set is_disabled 1

set path [HTTP::path]

ACCESS::disable

HTTP::path _disable-$path

pool /Common/Exchange2016.app/Exchange2016_as_pool7

}

when HTTP_REQUEST_RELEASE {

if { [info exists is_disabled] && $is_disabled == 0 } { return }

if { [info exists path] } {

HTTP::path $path

unset is_disabled

unset path

}

But still the calendar is not working.

I appreciate any help or if anyone has run into this issue before.

Regards,,,

Boris_R · ‎06-Jun-2020

Hi Majed, have you find an answer I've exactly the same problem, all the Microsoft part seems to be fine : hybrid configuration, oauth, licensing… But Calendar button doesn't appear for on-premise users...

Majed · ‎12-Jun-2020

I have not found any solution even I opened a ticket with F5 support but they did not provide any resolution.

Kaloyan · ‎12-Jun-2020

Just a guess from my side - try to disable APM for /ews* and /autodiscover* , not only for particular URIs...

When I made such exception, the exchange team wanted it in this way...

Majed · ‎12-Jun-2020

I disabled for all URLs but the same issue. i am thinking of taking exchange out of APM and find another way to apply MFA since the APM doesn't work.

Boris_R · ‎12-Jun-2020

I've tried on my side to take Exchange out of F5 (only autodiscover and EWS) and it doesn't resolve the problem. I have opened a ticket with Microsoft Support Premier yesterday, i'll tell you if we find...

Majed · ‎12-Jun-2020

thank you. actually I advised by Microsoft to apply Azure MFA through ADFS authentication. I have not applied that yet. I will be waiting your finding with MS support.

JesseG · ‎01-Jul-2020

Hi Majed,

Were you able to resolve this issue. I am having the same exact problem. Have Microsoft Premier support ticket open, but have not received much help so far. I was unsure if it is an F5 issue. Was F5 support able to help you?

Thank you

Majed · ‎01-Jul-2020

I am still working on it with both F5 and Microsoft and has not been solved yet.

JesseG · ‎02-Jul-2020

Thanks.

I opened a support case with F5 as well. Will keep you posted.

JesseG · ‎24-Jul-2020

just an update for everyone.

Opened a support case with Microsoft and F5 but there was no progress made in resolving the issue yet

JesseG · ‎30-Oct-2020

modifying this iRule got the calendar working in teams

iRuleName: VSNAME_apm_disable_hybrid_uri_irule7.

priority 1
 
when HTTP_REQUEST {
 set is_disabled 0
 switch -glob [string tolower [HTTP::path]] {
  "/ews/mrsproxy.svc" -
   "/ews/exchange.asmx" -
   "/ews/exchange.asmx/wssecurity" {
   set is_disabled 1
   set path [HTTP::path]
   ACCESS::disable
   HTTP::path _disable-$path
 
  pool /Common/WEBMAIL2016-547.app/WEBMAIL2016-547_ews_pool7
  }
   "/autodiscover/autodiscover.svc/wssecurity" -
   "/autodiscover/autodiscover.json" -
   "/autodiscover/autodiscover.svc" {
   set is_disabled 1
   set path [HTTP::path]
   ACCESS::disable
   HTTP::path _disable-$path
  pool /Common/WEBMAIL2016-547.app/WEBMAIL2016-547_ad_pool7
   }
  }
 }
 
when HTTP_REQUEST_RELEASE {
  if { [info exists is_disabled] && $is_disabled == 0 } { return }
  if { [info exists path] } {
   HTTP::path $path
   unset is_disabled
   unset path
  }
 }

Majed · ‎31-Oct-2020

Thank you very much. Indeed calendar is working now.

zanoob1 · ‎26-Jan-2023

Hello there,

I also have the same problem but the above irule did not help in resolving.

Got the same irule from an article too but still getting 403 error and i still see some /EWS and autodiscover request coming into APM even when the irule is set to disable APM for the URI.

priority 1
when HTTP_REQUEST {
set is_disabled 0
switch -glob [string tolower [HTTP::path]] {
"/EWS/mrsproxy.svc*" -
"/EWS/mrsproxy.svc" -
"/ews/mrsproxy.svc" -
"/EWS/exchange.asmx*" -
"/EWS/exchange.asmx" -
"/ews/exchange.asmx" -
"/EWS/Services.wsdl" -
"/ews/Services.wsdl" -
"/EWS/exchange.asmx/wssecurity*" -
"/ews/exchange.asmx/wssecurity" -
"/EWS/exchange.asmx/wssecurity" {
set is_disabled 1
set path [HTTP::path]
ACCESS::disable
HTTP::path _disable-$path
pool /Common/hem_exchange_2016_dtag.app/hem_exchange_2016_dtag_ews_pool7
}
"/autodiscover/autodiscover.svc/wssecurity" -
"/autodiscover/autodiscover.xml" -
"/autodiscover/autodiscover.json" -
"/autodiscover/autodiscover.svc" {
set is_disabled 1
set path [HTTP::path]
ACCESS::disable
HTTP::path _disable-$path
pool /Common/hem_exchange_2016_dtag.app/hem_exchange_2016_dtag_ad_pool7
}
}
}
when HTTP_REQUEST_RELEASE {
if { [info exists is_disabled] && $is_disabled == 0 } { return }
if { [info exists path] } {
HTTP::path $path
unset is_disabled
unset path
}
}

and still see in APM logs

DevCentral

Microsoft Teams Calendar is not syncing with exchange calendar through APM

F5 Receives Six Trust Radius
Best of 2023 Awards

F5 XC WAF

F5 BIG-IP

DevCentral

Microsoft Teams Calendar is not syncing with exchange calendar through APM

F5 Receives Six Trust Radius Best of 2023 Awards

F5 XC WAF

F5 BIG-IP

F5 Receives Six Trust Radius
Best of 2023 Awards