Microsoft Teams Calendar is not syncing with exchange calendar through APM

Majed · ‎22-Apr-2020

Hello,

I have implemented a custom APM for exchange 2016 using exchange iapp v 1.2. it is working fine but when I deployed a hybrid exchange with office 365 to use Microsoft Teams, calendar is not working. If I disable APM, Calendar is syncing and working fine. the problem is when the traffic goes through APM.

we tried to bypass the APM by adding this rule to the app:

priority 1

when HTTP_REQUEST {

set is_disabled 0

switch -glob [string tolower [HTTP::path]] {

"/ews/mrsproxy.svc" -

"/ews/exchange.asmx/wssecurity" {

set is_disabled 1

set path [HTTP::path]

ACCESS::disable

HTTP::path _disable-$path

pool /Common/Exchange2016.app/Exchange2016_as_pool7

}

"/autodiscover/autodiscover.svc/wssecurity" -

"/autodiscover/autodiscover.svc" {

set is_disabled 1

set path [HTTP::path]

ACCESS::disable

HTTP::path _disable-$path

pool /Common/Exchange2016.app/Exchange2016_as_pool7

}

when HTTP_REQUEST_RELEASE {

if { [info exists is_disabled] && $is_disabled == 0 } { return }

if { [info exists path] } {

HTTP::path $path

unset is_disabled

unset path

}

But still the calendar is not working.

I appreciate any help or if anyone has run into this issue before.

Regards,,,

Boris_R · ‎06-Jun-2020

Hi Majed, have you find an answer I've exactly the same problem, all the Microsoft part seems to be fine : hybrid configuration, oauth, licensing… But Calendar button doesn't appear for on-premise users...

Majed · ‎12-Jun-2020

I have not found any solution even I opened a ticket with F5 support but they did not provide any resolution.

Kaloyan · ‎12-Jun-2020

Just a guess from my side - try to disable APM for /ews* and /autodiscover* , not only for particular URIs...

When I made such exception, the exchange team wanted it in this way...

Majed · ‎12-Jun-2020

I disabled for all URLs but the same issue. i am thinking of taking exchange out of APM and find another way to apply MFA since the APM doesn't work.

Boris_R · ‎12-Jun-2020

I've tried on my side to take Exchange out of F5 (only autodiscover and EWS) and it doesn't resolve the problem. I have opened a ticket with Microsoft Support Premier yesterday, i'll tell you if we find...

Majed · ‎12-Jun-2020

thank you. actually I advised by Microsoft to apply Azure MFA through ADFS authentication. I have not applied that yet. I will be waiting your finding with MS support.

JesseG · ‎01-Jul-2020

Hi Majed,

Were you able to resolve this issue. I am having the same exact problem. Have Microsoft Premier support ticket open, but have not received much help so far. I was unsure if it is an F5 issue. Was F5 support able to help you?

Thank you

Majed · ‎01-Jul-2020

I am still working on it with both F5 and Microsoft and has not been solved yet.

JesseG · ‎02-Jul-2020

Thanks.

I opened a support case with F5 as well. Will keep you posted.

JesseG · ‎24-Jul-2020

just an update for everyone.

Opened a support case with Microsoft and F5 but there was no progress made in resolving the issue yet

JesseG · ‎30-Oct-2020

modifying this iRule got the calendar working in teams

iRuleName: VSNAME_apm_disable_hybrid_uri_irule7.

priority 1
 
when HTTP_REQUEST {
 set is_disabled 0
 switch -glob [string tolower [HTTP::path]] {
  "/ews/mrsproxy.svc" -
   "/ews/exchange.asmx" -
   "/ews/exchange.asmx/wssecurity" {
   set is_disabled 1
   set path [HTTP::path]
   ACCESS::disable
   HTTP::path _disable-$path
 
  pool /Common/WEBMAIL2016-547.app/WEBMAIL2016-547_ews_pool7
  }
   "/autodiscover/autodiscover.svc/wssecurity" -
   "/autodiscover/autodiscover.json" -
   "/autodiscover/autodiscover.svc" {
   set is_disabled 1
   set path [HTTP::path]
   ACCESS::disable
   HTTP::path _disable-$path
  pool /Common/WEBMAIL2016-547.app/WEBMAIL2016-547_ad_pool7
   }
  }
 }
 
when HTTP_REQUEST_RELEASE {
  if { [info exists is_disabled] && $is_disabled == 0 } { return }
  if { [info exists path] } {
   HTTP::path $path
   unset is_disabled
   unset path
  }
 }

Majed · ‎31-Oct-2020

Thank you very much. Indeed calendar is working now.

zanoob1 · ‎26-Jan-2023

Hello there,

I also have the same problem but the above irule did not help in resolving.

Got the same irule from an article too but still getting 403 error and i still see some /EWS and autodiscover request coming into APM even when the irule is set to disable APM for the URI.

priority 1
when HTTP_REQUEST {
set is_disabled 0
switch -glob [string tolower [HTTP::path]] {
"/EWS/mrsproxy.svc*" -
"/EWS/mrsproxy.svc" -
"/ews/mrsproxy.svc" -
"/EWS/exchange.asmx*" -
"/EWS/exchange.asmx" -
"/ews/exchange.asmx" -
"/EWS/Services.wsdl" -
"/ews/Services.wsdl" -
"/EWS/exchange.asmx/wssecurity*" -
"/ews/exchange.asmx/wssecurity" -
"/EWS/exchange.asmx/wssecurity" {
set is_disabled 1
set path [HTTP::path]
ACCESS::disable
HTTP::path _disable-$path
pool /Common/hem_exchange_2016_dtag.app/hem_exchange_2016_dtag_ews_pool7
}
"/autodiscover/autodiscover.svc/wssecurity" -
"/autodiscover/autodiscover.xml" -
"/autodiscover/autodiscover.json" -
"/autodiscover/autodiscover.svc" {
set is_disabled 1
set path [HTTP::path]
ACCESS::disable
HTTP::path _disable-$path
pool /Common/hem_exchange_2016_dtag.app/hem_exchange_2016_dtag_ad_pool7
}
}
}
when HTTP_REQUEST_RELEASE {
if { [info exists is_disabled] && $is_disabled == 0 } { return }
if { [info exists path] } {
HTTP::path $path
unset is_disabled
unset path
}
}

and still see in APM logs

DevCentral

Microsoft Teams Calendar is not syncing with exchange calendar through APM

Khoros Kudos Award 2022