Welcome! Log In Create A New Profile

Advanced

RP Nginx and Outlook Anywhere with NTLM Authentication

Posted by Patrice ROUX 
Forum List Message List New Topic
Patrice ROUX
RP Nginx and Outlook Anywhere with NTLM Authentication
April 14, 2016 04:27AM
Hi everybody,

I am currently migrating a reverse proxy ISA server to a Nginx proxy.

Everything is ok except the part outlook anywhere ...

With ISA Server, there are currently 100 users outlook anywhere with NTLM authentication configured on the client. On my ISA Server, authentication is at "No delegation, but client may authenticate directly"

I want to put on my RP nginx, a "transparent" mode allowing me to make my Exchange server authentication lying behind my RP. I can not make this part.

Can you help me or advise me?

Below, my config file for Part RPC over https.

Thank you in advance,


server {

listen 443 ssl;
server_name mail.example.com;
server_name mail2.example;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_certificate /etc/ssl/certs/example.com.crt;
ssl_certificate_key /etc/ssl/certs/example.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;

proxy_http_version 1.1;
proxy_read_timeout 3h;
proxy_pass_header Date;
proxy_pass_header Server;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Accept-Encoding "";

client_body_buffer_size 1024k;
proxy_buffering off;

location / { return 301 https://mail.example.com/owa;}

location /owa { proxy_pass https://mail.local/owa;include /etc/nginx/naxsi/naxsi_mail.rules;include /etc/nginx/naxsi_whitelist/mail-whitelist.rules;more_set_headers -s 401 'WWW-Authenticate: Basic';more_set_input_headers 'Authorization: $http_authorization';proxy_set_header Connection "Keep-Alive"; proxy_pass_request_headers on; proxy_buffering off;proxy_pass_header Authorization;}
location /Microsoft-Server-ActiveSync { proxy_pass https://mail.local/Microsoft-Server-ActiveSync;include /etc/nginx/naxsi/naxsi_mail.rules;include /etc/nginx/naxsi_whitelist/mail-whitelist.rules; }
location /rpc/rpcproxy.dll { proxy_pass http://mail.local/rpc/rpcproxy.dll;include /etc/nginx/naxsi/naxsi_mail.rules;include /etc/nginx/naxsi_whitelist/mailm-whitelist.rules;proxy_set_header Connection "Keep-Alive";proxy_pass_request_headers on; proxy_buffering off;client_max_body_size 2G;proxy_request_buffering off;more_set_headers -s 401 'WWW-Authenticate: Basic';proxy_redirect default;more_set_input_headers 'Authorization: $http_authorization';}
access_log on;
access_log /var/log/nginx/mail-access.log;
error_log /var/log/nginx/mail-error.log warn;
}
Reply Quote
Patrice ROUX
Re: RP Nginx and Outlook Anywhere with NTLM Authentication
April 14, 2016 04:27AM
All is good about Microsoft-serversync and OWA.
Reply Quote
Newer Topic Older Topic
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 254
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready