Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 

Microsoft Teams Calendar is not syncing with exchange calendar through APM

Majed
Altocumulus
Altocumulus

Hello,

 

I have implemented a custom APM for exchange 2016 using exchange iapp v 1.2. it is working fine but when I deployed a hybrid exchange with office 365 to use Microsoft Teams, calendar is not working. If I disable APM, Calendar is syncing and working fine. the problem is when the traffic goes through APM.

we tried to bypass the APM by adding this rule to the app:

priority 1

when HTTP_REQUEST {

 set is_disabled 0

 switch -glob [string tolower [HTTP::path]] {

  "/ews/mrsproxy.svc" -

  "/ews/exchange.asmx/wssecurity" {

   set is_disabled 1

   set path [HTTP::path]

   ACCESS::disable

   HTTP::path _disable-$path

   pool /Common/Exchange2016.app/Exchange2016_as_pool7

  }

  "/autodiscover/autodiscover.svc/wssecurity" -

  "/autodiscover/autodiscover.svc" {

   set is_disabled 1

   set path [HTTP::path]

   ACCESS::disable

   HTTP::path _disable-$path

   pool /Common/Exchange2016.app/Exchange2016_as_pool7

  }

 }

}

when HTTP_REQUEST_RELEASE {

 if { [info exists is_disabled] && $is_disabled == 0 } { return }

  if { [info exists path] } {

   HTTP::path $path

   unset is_disabled

   unset path

 }

}

 

But still the calendar is not working.

I appreciate any help or if anyone has run into this issue before.

 

Regards,,,

13 REPLIES 13

Boris_R
Nimbostratus
Nimbostratus

Hi Majed, have you find an answer I've exactly the same problem, all the Microsoft part seems to be fine : hybrid configuration, oauth, licensing… But Calendar button doesn't appear for on-premise users...

I have not found any solution even I opened a ticket with F5 support but they did not provide any resolution.

Kaloyan
Cirrus
Cirrus

Just a guess from my side - try to disable APM for /ews* and /autodiscover* , not only for particular URIs...

When I made such exception, the exchange team wanted it in this way...

I disabled for all URLs but the same issue. i am thinking of taking exchange out of APM and find another way to apply MFA since the APM doesn't work.

Boris_R
Nimbostratus
Nimbostratus

I've tried on my side to take Exchange out of F5 (only autodiscover and EWS) and it doesn't resolve the problem. I have opened a ticket with Microsoft Support Premier yesterday, i'll tell you if we find...

thank you. actually I advised by Microsoft to apply Azure MFA through ADFS authentication. I have not applied that yet. I will be waiting your finding with MS support.

JesseG
Altostratus
Altostratus

Hi Majed,

 

Were you able to resolve this issue. I am having the same exact problem. Have Microsoft Premier support ticket open, but have not received much help so far. I was unsure if it is an F5 issue. Was F5 support able to help you?

 

Thank you

Majed
Altocumulus
Altocumulus

I am still working on it with both F5 and Microsoft and has not been solved yet.

Thanks.

 

I opened a support case with F5 as well. Will keep you posted.

JesseG
Altostratus
Altostratus

just an update for everyone.

 

Opened a support case with Microsoft and F5 but there was no progress made in resolving the issue yet

JesseG
Altostratus
Altostratus

modifying this iRule got the calendar working in teams

 

iRuleName: VSNAME_apm_disable_hybrid_uri_irule7.

 

priority 1   when HTTP_REQUEST { set is_disabled 0  switch -glob [string tolower [HTTP::path]] {   "/ews/mrsproxy.svc" -   "/ews/exchange.asmx" -   "/ews/exchange.asmx/wssecurity" {   set is_disabled 1   set path [HTTP::path]   ACCESS::disable   HTTP::path _disable-$path   pool /Common/WEBMAIL2016-547.app/WEBMAIL2016-547_ews_pool7 }   "/autodiscover/autodiscover.svc/wssecurity" -   "/autodiscover/autodiscover.json" -   "/autodiscover/autodiscover.svc" {   set is_disabled 1   set path [HTTP::path]   ACCESS::disable   HTTP::path _disable-$path pool /Common/WEBMAIL2016-547.app/WEBMAIL2016-547_ad_pool7   }   }  }   when HTTP_REQUEST_RELEASE {   if { [info exists is_disabled] && $is_disabled == 0 } { return }   if { [info exists path] } {   HTTP::path $path   unset is_disabled   unset path   }  }

 

Thank you very much. Indeed calendar is working now.

Hello there, 

I also have the same problem but the above irule did not help in resolving.

Got the same irule from an article too but still getting 403 error and i still see some /EWS and autodiscover request coming into APM even when the irule is set to disable APM for the URI.

priority 1
when HTTP_REQUEST {
set is_disabled 0
switch -glob [string tolower [HTTP::path]] {
"/EWS/mrsproxy.svc*" -
"/EWS/mrsproxy.svc" -
"/ews/mrsproxy.svc" -
"/EWS/exchange.asmx*" -
"/EWS/exchange.asmx" -
"/ews/exchange.asmx" -
"/EWS/Services.wsdl" -
"/ews/Services.wsdl" -
"/EWS/exchange.asmx/wssecurity*" -
"/ews/exchange.asmx/wssecurity" -
"/EWS/exchange.asmx/wssecurity" {
set is_disabled 1
set path [HTTP::path]
ACCESS::disable
HTTP::path _disable-$path
pool /Common/hem_exchange_2016_dtag.app/hem_exchange_2016_dtag_ews_pool7
}
"/autodiscover/autodiscover.svc/wssecurity" -
"/autodiscover/autodiscover.xml" -
"/autodiscover/autodiscover.json" -
"/autodiscover/autodiscover.svc" {
set is_disabled 1
set path [HTTP::path]
ACCESS::disable
HTTP::path _disable-$path
pool /Common/hem_exchange_2016_dtag.app/hem_exchange_2016_dtag_ad_pool7
}
}
}
when HTTP_REQUEST_RELEASE {
if { [info exists is_disabled] && $is_disabled == 0 } { return }
if { [info exists path] } {
HTTP::path $path
unset is_disabled
unset path
}
}

and still see in APM logs