Frank Löppert
-
Posts
5 -
Joined
-
Last visited
Content Type
Forums
Articles
Labs
Videos
TechZone
Citrix Community Articles
Events
Profiles
Posts posted by Frank Löppert
-
-
I got it ! :-)
Here is the Solution:
1. Configure your App in UG as Intranet Application:
2. Create your Traffic and Form SSO Profiles and Policies at Security->AAA->Policys like this:
add tm formSSOAction AAA_profile_OWA_sso_form -actionURL "/owa/auth.owa" -userField username -passwdField password -ssoSuccessRule "HTTP.RES.SET_COOKIE.COOKIE(\"cadata\").VALUE(\"cadata\").LENGTH.GT(70)" -r
add tm trafficAction AAA_pol_OWA_sso_trafic -appTimeout 1 -SSO ON -formSSOAction AAA_profile_OWA_sso_form -persistentCookie OFF -InitiateLogout OFF -kcdAccount NONE
add tm trafficPolicy aaa_pol_OWA_sso_traffic "HTTP.REQ.URL.CONTAINS(\"owa/auth/logon.asp\")" AAA_pol_OWA_sso_trafic
3. Bind the Traffic Policy to your LB vServer, not to the UG vServer!
bind lb vserver srv_cas_owa -policyName aaa_pol_OWA_sso_traffic -priority 100 -gotoPriorityExpression END -type REQUEST
4. At the LB vServer for OWA set the Authentication Options to:
5. It Works :)
Best regard
Frank
-
With normal Content Switching everything is fine.
By the way, I've removed
<add key="LogonSettings.SignOutKind" value="LegacyLogOff" />
in owa/web.config to bring the Logoff page back. :)
Yes, with normal CS its fine. But with UG not..
Thanks for the Logoff Know-How :)
Can anybody help us with the UG Issue ?
-
Same problem with v11.0.64.34. The Content-Part doesn't load.
Hi,
I've taken a closer look on that. The NetScaler is manipulationg the URLs:
The Netscaler places an string like "*/cpvn/XXXXXXXXXXXX" after "/owa/#path=" in the URL.
When you manually delete this string -> "*/owa/#path=/mail", the Content-part is loading.
So, why does the NetScaler this, and how can we stopp it ?
-
Good Morning,
I have successfully configured the Unified Gateway with OWA 2016 and SSO.
But when the User opens OWA, the Content of the Site is Missing (see Attach).
With ECP there are no problems.
When I open the OWA directly on the Exchange, everything is fine.
My config is: Unified gateway -> Loadbalancer vServer -> 2x Exchange 2016 Server
Can anyone please help me to troubleshooting this Issue ?
Kind regards
Frank Loeppert
NetScaler Unified Gateway and Exchange OWA 2016 Problem
in Core ADC use cases
Posted
I got it ! :-)
Here is the Solution:
1. Configure your App in UG as Intranet Application:
2. Create your Traffic and Form SSO Profiles and Policies at Security->AAA->Policys like this:
add tm formSSOAction AAA_profile_OWA_sso_form -actionURL "/owa/auth.owa" -userField username -passwdField password -ssoSuccessRule "HTTP.RES.SET_COOKIE.COOKIE(\"cadata\").VALUE(\"cadata\").LENGTH.GT(70)" -r
add tm trafficAction AAA_pol_OWA_sso_trafic -appTimeout 1 -SSO ON -formSSOAction AAA_profile_OWA_sso_form -persistentCookie OFF -InitiateLogout OFF -kcdAccount NONE
add tm trafficPolicy aaa_pol_OWA_sso_traffic "HTTP.REQ.URL.CONTAINS(\"owa/auth/logon.asp\")" AAA_pol_OWA_sso_trafic
3. Bind the Traffic Policy to your LB vServer, not to the UG vServer!
bind lb vserver srv_cas_owa -policyName aaa_pol_OWA_sso_traffic -priority 100 -gotoPriorityExpression END -type REQUEST
4. At the LB vServer for OWA set the Authentication Options to:
5. It Works :)
Best regard
Frank