Anonymous_User Absent Member.
Absent Member.
466 views

NAM 3.2 (single box), Exchange 2010 WebAccess and Activesync


I'm running a fresh install of NAM 3.2 Appliance (3.2.1-57 according to
the Dashboard, single box) and we're in the process of migrating
Groupwise to Exchange 2010.

I'm trying to get Outlook Web Access (OWA) and Exchange Activesync (EAS)
working through NAM. The NAM manual has information on OWA, but it looks
like this is for an older version of Exchange. I managed to get it
working using a form fill, combining the information from the manual
with my own digging through html source for the OWA login page. However,
after logging in OWA seems to function only half, with occasional popups
that break the interface and errors about notifications not being
displayed.

Then there's Activesync, on which I haven't been able to find much
information at all.

Has anyone managed to get this working properly? I would love some
pointers to get me going in the right direction. I don't have a lot of
NAM experience, so that doesn't help the troubleshooting efforts either.


--
andreboogaards
------------------------------------------------------------------------
andreboogaards's Profile: https://forums.netiq.com/member.php?userid=3259
View this thread: https://forums.netiq.com/showthread.php?t=46203

0 Likes
4 Replies
Anonymous_User Absent Member.
Absent Member.

Re: NAM 3.2 (single box), Exchange 2010 WebAccess and Activesync

andreboogaards,

It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.

Has your issue been resolved? If not, you might try one of the following options:

- Visit http://www.netiq.com/support and search the knowledgebase and/or check all
the other support options available.
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.netiq.com)

Be sure to read the forum FAQ about what to expect in the way of responses:
http://forums.netiq.com/faq.php

If this is a reply to a duplicate posting, please ignore and accept our apologies
and rest assured we will issue a stern reprimand to our posting bot.

Good luck!

Your NetIQ Forums Team
http://forums.netiq.com


0 Likes
dssuski Absent Member.
Absent Member.

Re: NAM 3.2 (single box), Exchange 2010 WebAccess and Activesync

On 11/20/2012 6:14 AM, andreboogaards wrote:
>
> I'm running a fresh install of NAM 3.2 Appliance (3.2.1-57 according to
> the Dashboard, single box) and we're in the process of migrating
> Groupwise to Exchange 2010.
>
> I'm trying to get Outlook Web Access (OWA) and Exchange Activesync (EAS)
> working through NAM. The NAM manual has information on OWA, but it looks
> like this is for an older version of Exchange. I managed to get it
> working using a form fill, combining the information from the manual
> with my own digging through html source for the OWA login page. However,
> after logging in OWA seems to function only half, with occasional popups
> that break the interface and errors about notifications not being
> displayed.
>
> Then there's Activesync, on which I haven't been able to find much
> information at all.
>
> Has anyone managed to get this working properly? I would love some
> pointers to get me going in the right direction. I don't have a lot of
> NAM experience, so that doesn't help the troubleshooting efforts either.
>
>

I know this is an old post but in case anyone else is trying to do this,
I think the problem lies with the redirection that occurs when
authenticating. Without protection works fine, so I think the only
option is opening only the Activesync directory and requiring certs from
Exchange.
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: NAM 3.2 (single box), Exchange 2010 WebAccess and Activesync


Hi!

There are 2 approaches for OWA:
- FormFill --> see http://www.novell.com/support/kb/doc.php?id=7006961
- Indentity Injection --> enable Basic Auth on IIS for /owa and /ecp
and set your ADS domain in the "Default Domain" field
Both are working in my installations, Identity Injection is the
preferred way, because there are no issues wich changing login pages.
Make sure, that you add the urls /owa/* and /ecp/* to your protected
resource!

I only got Active Sync behind NAM working, when it was a public
ressource. I´ve also played with none-redirected logins but without
success. As far as i´ve figured out, it is an username issue: ActiveSync
clients usually send the username in the format DOMAIN\USER and NAM
can´t successfully perform an LDAP bind with usernames in that format.

regards,
Thomas


--
reibenwein
------------------------------------------------------------------------
reibenwein's Profile: https://forums.netiq.com/member.php?userid=1382
View this thread: https://forums.netiq.com/showthread.php?t=46203

0 Likes
dssuski Absent Member.
Absent Member.

Re: NAM 3.2 (single box), Exchange 2010 WebAccess and Activesync

FYI, was finally able to get Activesync working using v3.2 of the Access
Gateway service. Thomas you were exactly right about the non-redirected
logon so thanks for pointing me down that road. But, as I don't know
which version you are running, I will say this, it will not function the
same way running LAG's at 3.1.427 - maybe that was causing your trouble?

We are currently logging in using username/password and Acc Mgr is
grabbing the userprincipalname and password and is pushing back to
Exchange while protecting the path /Microsoft-Server-ActiveSync/*

Did have to play with the authentication timeouts and also some of the
advanced options. iPhones were throwing errors that it couldn't connect
to the mail server when bouncing between wifi providers or going between
3G and wiFi. I'm not sure if all of these are needed but these are the
options I'm using and have not had any trouble since:

NAGGlobalOptions NAGErrorOnIPMismatch=off
NAGHostOptions mangleCookies=on
NAGWSMangleCookiePrefix AGMANGLE

These are also set, but doubt thay have any impact on the Activesync proxy:
NAGGlobalOptions InPlaceSilent
NAGGlobalOptions FlushUserCache=on

Hope this is useful to someone.


On 1/4/2013 6:24 AM, reibenwein wrote:
>
> Hi!
>
> There are 2 approaches for OWA:
> - FormFill --> see http://www.novell.com/support/kb/doc.php?id=7006961
> - Indentity Injection --> enable Basic Auth on IIS for /owa and /ecp
> and set your ADS domain in the "Default Domain" field
> Both are working in my installations, Identity Injection is the
> preferred way, because there are no issues wich changing login pages.
> Make sure, that you add the urls /owa/* and /ecp/* to your protected
> resource!
>
> I only got Active Sync behind NAM working, when it was a public
> ressource. I�ve also played with none-redirected logins but without
> success. As far as i�ve figured out, it is an username issue: ActiveSync
> clients usually send the username in the format DOMAIN\USER and NAM
> can�t successfully perform an LDAP bind with usernames in that format.
>
> regards,
> Thomas
>
>


0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.