[NetScaler Unified Gateway and Exchange OWA 2016 Problem]

I got it ! :-)

 

Here is the Solution:

 

1. Configure your App in UG as Intranet Application:

 

 

2. Create your Traffic and Form SSO Profiles and Policies at Security->AAA->Policys like this:

 

add tm formSSOAction AAA_profile_OWA_sso_form -actionURL "/owa/auth.owa" -userField username -passwdField password -ssoSuccessRule "HTTP.RES.SET_COOKIE.COOKIE(\"cadata\").VALUE(\"cadata\").LENGTH.GT(70)" -r

 

add tm trafficAction AAA_pol_OWA_sso_trafic -appTimeout 1 -SSO ON -formSSOAction AAA_profile_OWA_sso_form -persistentCookie OFF -InitiateLogout OFF -kcdAccount NONE

 

 

add tm trafficPolicy aaa_pol_OWA_sso_traffic "HTTP.REQ.URL.CONTAINS(\"owa/auth/logon.asp\")" AAA_pol_OWA_sso_trafic

 

 

3. Bind the Traffic Policy to your LB vServer, not to the UG vServer!

 

bind lb vserver srv_cas_owa -policyName aaa_pol_OWA_sso_traffic -priority 100 -gotoPriorityExpression END -type REQUEST

 

4. At the LB vServer for OWA set the Authentication Options to:

 

 

5. It Works  :)

 

 

Best regard

 

Frank

 

 

[NetScaler Unified Gateway and Exchange OWA 2016 Problem]

I got it ! :-)

 

Here is the Solution:

 

1. Configure your App in UG as Intranet Application:

 

 

2. Create your Traffic and Form SSO Profiles and Policies at Security->AAA->Policys like this:

 

add tm formSSOAction AAA_profile_OWA_sso_form -actionURL "/owa/auth.owa" -userField username -passwdField password -ssoSuccessRule "HTTP.RES.SET_COOKIE.COOKIE(\"cadata\").VALUE(\"cadata\").LENGTH.GT(70)" -r

 

add tm trafficAction AAA_pol_OWA_sso_trafic -appTimeout 1 -SSO ON -formSSOAction AAA_profile_OWA_sso_form -persistentCookie OFF -InitiateLogout OFF -kcdAccount NONE

 

 

add tm trafficPolicy aaa_pol_OWA_sso_traffic "HTTP.REQ.URL.CONTAINS(\"owa/auth/logon.asp\")" AAA_pol_OWA_sso_trafic

 

 

3. Bind the Traffic Policy to your LB vServer, not to the UG vServer!

 

bind lb vserver srv_cas_owa -policyName aaa_pol_OWA_sso_traffic -priority 100 -gotoPriorityExpression END -type REQUEST

 

4. At the LB vServer for OWA set the Authentication Options to:

 

 

 

5. It Works  :)

 

 

Best regard

 

Frank

 

 

[NetScaler Unified Gateway and Exchange OWA 2016 Problem]

With normal Content Switching everything is fine.

By the way, I've removed

 

<add key="LogonSettings.SignOutKind" value="LegacyLogOff" />

 

in owa/web.config to bring the Logoff page back.  :)

Yes, with normal CS its fine. But with UG not..

 

Thanks for the Logoff Know-How :)

 

Can anybody help us with the UG Issue ?

[NetScaler Unified Gateway and Exchange OWA 2016 Problem]

 

Same problem with v11.0.64.34. The Content-Part doesn't load.

Hi,

I've taken a closer look on that. The NetScaler is manipulationg the URLs:

 

The Netscaler places an string like "*/cpvn/XXXXXXXXXXXX" after "/owa/#path=" in the URL.

When you manually delete this string -> "*/owa/#path=/mail", the Content-part is loading.

 

So, why does the NetScaler this, and how can we stopp it ?

 

[NetScaler Unified Gateway and Exchange OWA 2016 Problem]

Good Morning,

 

I have successfully configured the Unified Gateway with OWA 2016 and SSO.

 

But when the User opens OWA, the Content of the Site is Missing (see Attach).

With ECP there are no problems.

When I open the OWA directly on the Exchange, everything is fine.

 

 

My config is: Unified gateway -> Loadbalancer vServer -> 2x Exchange 2016 Server

 

 

Can anyone please help me to troubleshooting this Issue ?

 

Kind regards

 

Frank Loeppert