Hi,
We are currently implementing Exchange 2007 with Symantec Enterprise Vault. I've managed to get everything working except.
Enterprise Vault Via Outlook Plugin without having to re-ente...
After adding this to the SSO iRule. We keep getting this NTLM Popups and every email under archive we click we get the NTLM Popup.
Below is a sample screenshot.
All iRules Assigned
1) MS_Exchange_2007_owa_redirect_irule7
when HTTP_REQUEST {
if { ([HTTP::uri] == "/") } {
HTTP::redirect https://[HTTP::host]/owa/
}
}
MS_Exchange_2007_login_timeout
when RULE_INIT {
set static::cookie_sessionid [format "sessionid=null; path=/; Expires=Thurs, 01-Jan-1970 00:00:00 GMT;"]
set static::cookie_cadata [format "cadata=null; path=/; Expires=Thurs, 01-Jan-1970 00:00:00 GMT;"] }
when ACCESS_SESSION_STARTED {
if { [string tolower [HTTP::uri]] contains "ua=0" } {
ACCESS::session remove
}
}
when ACCESS_ACL_ALLOWED {
set apm_mrhsession [HTTP::cookie value "MRHSession"]
if { [table lookup $apm_mrhsession] == "EXCHANGE_LOGOUT" } {
ACCESS::session remove
table delete $apm_mrhsession
}
}
when HTTP_REQUEST {
set isset 0
if {[string tolower [HTTP::uri]] starts_with "/owa" } {
if {[string tolower [HTTP::uri]] contains "logoff" } {
ACCESS::session remove
HTTP::respond 302 Location "https://[HTTP::host]/vdesk/hangup.php3" "Set-Cookie" $static::cookie_sessionid "Set-Cookie" $static::cookie_cadata
} else {
if { [string tolower [HTTP::uri]] contains "ua=0" } {
set mrhsession [HTTP::cookie value "MRHSession"]
set isset 1
}
}
}
}
when HTTP_RESPONSE {
if { $isset == 1 } {
if { $mrhsession != "" && [HTTP::status] == 440 } {
table set $apm_mrhsession "EXCHANGE_LOGOUT"
return
}
}
}
3) MS_Exchange_2007_apm_combined_pool_irule7
when ACCESS_ACL_ALLOWED {
set sessionid [ACCESS::session data get "session.user.sessionid"]
switch -glob -- [string tolower [HTTP::path]] {
"/microsoft-server-activesync" {
pool /Common/MS_Exchange_2007.app/MS_Exchange_2007_as_pool7
persist uie $sessionid 7200
COMPRESS::disable
CACHE::disable
return
}
"/owa" {
pool /Common/MS_Exchange_2007.app/MS_Exchange_2007_owa_pool7
persist uie $sessionid 7200
return
}
"/ews*" {
pool /Common/MS_Exchange_2007.app/MS_Exchange_2007_oa_pool7
persist uie $sessionid 7200
COMPRESS::disable
CACHE::disable
return
}
"/ecp*" {
pool /Common/MS_Exchange_2007.app/MS_Exchange_2007_owa_pool7
persist uie $sessionid 7200
return
}
"/oab*" {
pool /Common/MS_Exchange_2007.app/MS_Exchange_2007_oa_pool7
persist none
return
}
"/rpc/rpcproxy.dll*" {
pool /Common/MS_Exchange_2007.app/MS_Exchange_2007_oa_pool7
COMPRESS::disable
CACHE::disable
persist uie $sessionid 7200
return
}
"/autodiscover*" {
pool /Common/MS_Exchange_2007.app/MS_Exchange_2007_ad_pool7
persist none
return
}
"/enterprisevault*" {
pool /Common/EV_POOL
return
COMPRESS::disable
CACHE::disable
}
default {
This final section takes all traffic that has not otherwise
been accounted for and sends it to the pool for Outlook Web
App
pool /Common/MS_Exchange_2007.app/MS_Exchange_2007_owa_pool7
persist uie $sessionid 7200
}
}
}
when HTTP_RESPONSE {
if { [string tolower [HTTP::header values "WWW-Authenticate"]] contains "negotiate"} {
ONECONNECT::reuse disable
ONECONNECT::detach disable
NTLM::disable
}
if {[HTTP::header exists "Transfer-Encoding"]} {
HTTP::payload rechunk
}
}
MS_Exchange_2007_select_sso_irule7
when ACCESS_ACL_ALLOWED {
set req_uri [string tolower [HTTP::uri]]
if { $req_uri contains "/owa/auth" } {
WEBSSO::select [set foo /Common/MS_Exchange_2007.app/exch_form_basedv2_sso]
}
unset req_uri
}
5: MRHSession
when HTTP_REQUEST {
if { ( [HTTP::cookie exists MRHSession] ) and not ( [ACCESS::session exists -state_allow [HTTP::cookie value MRHSession]] ) } {
if { ( [HTTP::uri] ne [ACCESS::session data get session.server.landinguri] ) and not ( [ACCESS::session data get session.server.landinguri] eq "" ) } {
HTTP::redirect [ACCESS::session data get session.server.landinguri]
}