Exchange 2019 and NGINX

[itngo]

Hi,
following this Guide https://forum.opnsense.org/index.php?topic=21154.msg99523#msg99523
we get Exchange WAF up and running for Autodiscover and Outlook/MAPI very well.
However there stays one issue when we try to download OAB from Clients.

Wenn we switch DNS back to our Sophos UTM-WAF the issue is gone.
There is nothing logged in nginx-error-log or web-error-log. Just additional 401 responses.

Maybe someone had this fixed already?

[Fright]

hi
nginx itself still not support ntlm auth (for free) 
did you try to apply the "autodiscover trick" to OAB location?
is basic auth is enabled for OAB on Exch?

*since https://forum.opnsense.org/index.php?topic=21154.msg99523#msg99523 location hook is added to the plugin. http hook will be there with next plugin ver.  and nginx is built with headers_more module. so you can do the same with less directives 

[itngo]

Hi,
yes we made the "autodiscover trick" for all locations/folders and also set Basic-Auth on Exchange.
But the issue with OAB still persists....

[Fright]

Hi
hm, can you check what auth type is set in server 401 response please?

[itngo]

forget it. Exchange Admin missed to enable OAB Web distribution.
Exchange Powershell -> Get-OfflineAddressBook | Set-OfflineAddressBook  -GlobalWebDistributionEnabled $true
fixed it.

Outlook through UTM was working, cause test client was also "internal" and might have talked by RPC to the Server....
So call this a non existent issue which is fixed now.

Thank you!

[Fright]

great!