Quantcast
Channel: Nginx Forum - How to...
Viewing all articles
Browse latest Browse all 4759

RP Nginx and Outlook Anywhere with NTLM Authentication

$
0
0
Hi everybody,

I am currently migrating a reverse proxy ISA server to a Nginx proxy.

Everything is ok except the part outlook anywhere ...

With ISA Server, there are currently 100 users outlook anywhere with NTLM authentication configured on the client. On my ISA Server, authentication is at "No delegation, but client may authenticate directly"

I want to put on my RP nginx, a "transparent" mode allowing me to make my Exchange server authentication lying behind my RP. I can not make this part.

Can you help me or advise me?

Below, my config file for Part RPC over https.

Thank you in advance,


server {

listen 443 ssl;
server_name mail.example.com;
server_name mail2.example;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_certificate /etc/ssl/certs/example.com.crt;
ssl_certificate_key /etc/ssl/certs/example.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;

proxy_http_version 1.1;
proxy_read_timeout 3h;
proxy_pass_header Date;
proxy_pass_header Server;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Accept-Encoding "";

client_body_buffer_size 1024k;
proxy_buffering off;

location / { return 301 https://mail.example.com/owa;}

location /owa { proxy_pass https://mail.local/owa;include /etc/nginx/naxsi/naxsi_mail.rules;include /etc/nginx/naxsi_whitelist/mail-whitelist.rules;more_set_headers -s 401 'WWW-Authenticate: Basic';more_set_input_headers 'Authorization: $http_authorization';proxy_set_header Connection "Keep-Alive"; proxy_pass_request_headers on; proxy_buffering off;proxy_pass_header Authorization;}
location /Microsoft-Server-ActiveSync { proxy_pass https://mail.local/Microsoft-Server-ActiveSync;include /etc/nginx/naxsi/naxsi_mail.rules;include /etc/nginx/naxsi_whitelist/mail-whitelist.rules; }
location /rpc/rpcproxy.dll { proxy_pass http://mail.local/rpc/rpcproxy.dll;include /etc/nginx/naxsi/naxsi_mail.rules;include /etc/nginx/naxsi_whitelist/mailm-whitelist.rules;proxy_set_header Connection "Keep-Alive";proxy_pass_request_headers on; proxy_buffering off;client_max_body_size 2G;proxy_request_buffering off;more_set_headers -s 401 'WWW-Authenticate: Basic';proxy_redirect default;more_set_input_headers 'Authorization: $http_authorization';}
access_log on;
access_log /var/log/nginx/mail-access.log;
error_log /var/log/nginx/mail-error.log warn;
}

Viewing all articles
Browse latest Browse all 4759

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>