Our the exchange team says the bearer header would be used by the outlook client and this is required for hybrid authentication with o365 to work. Currently they use on prem authentication with bigip apm.
This bearer auth should be sent to the exchange server but seems apm just doesn't as I don't see the POST request with the bearer header on the f5 server side pcap.
This f5 kb says, using the irule mentioned should fix the problem by bypassing apm - https://support.f5.com/csp/article/K34862994
As seen here on fiddler, the response is still with an NTLM auth header from apm.
https://i.imgur.com/EjxM0Ni.png
And I don't see any post towards the exchange when filtering for it.
No comments:
Post a Comment