Hey,
I am going to roll out a change to the os-caddy plugin that needs some testing.
I need somebody who runs os-caddy and an Exchange Server 2016 or higher and is currently reverse proxying it with os-caddy, and also uses an external Outlook 2016 or higher client. (Maybe I'm lucky xD)
There's this feature called NTLM transport in Caddy that is compiled in. In these PRs, I have implemented HTTP version and HTTP keepalive in order to see if they can replace NTLM in the future.
The NTLM module says, it is essentially doing HTTP "versions 1.1" and "keepalive off".
https://github.com/caddyserver/ntlm-transport
So, if anybody could test if these options will still make an Outlook 2016 or higher Client connect successfully to a reverse proxied Exchange Server, would be highly appreciated.
Instead of "NTLM", HTTP Version "HTTP1.1" and HTTP Keepalive "0" have to be chosen.
It works when Outlook has no authentication popup that won't go away.
I want to be able to decide if I can phase the NTLM module out or not.
PRs:
https://github.com/opnsense/plugins/pull/4072
https://github.com/opnsense/plugins/pull/4071
Thank you~
I was lucky and got my hands on Exchange 2019 and Outlook 2019 behind Caddy, and I could verify that the transport http_ntlm module is still needed. It can't be replicated with the transport http module. So, NTLM will stay indefinitely until it won't work anymore.