Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

F5 webmail exchange 2016 - "Access policy evaluation is already in progress for your current session."

We recently moved over to outlook 2016. Users that are on 2010 connect fine and never have an issue. the new users that have moved over to 2016 mailboxes get the error message above in the title. When they connect, they get the following addons to their URL:

  • ?bO=1
  • sessiondata.ashx#appcacheclient=1&acver=15.1.1591.8&crr=1

I have tried irules from the following devcentral questions and answers with no success:

If i have users open a browser in "InPrivate Browsing" or "Incognito" mode, they don't get the error. I have also tried the windows_10_anniversary_fix as well as all the irules on page 76 of the iapp deployment guide for exchange 2016.

Deployment guide stuff i tested and doesn't work:

when HTTP_REQUEST {

if { [HTTP::cookie exists "IsClientAppCacheEnabled"] } {

HTTP::cookie "IsClientAppCacheEnabled" False

}

}

and tried this:

when HTTP_REQUEST {

if { [HTTP::cookie exists "IsClientAppCacheEnabled"] } {

HTTP::cookie remove "IsClientAppCacheEnabled"

HTTP::cookie insert name "IsClientAppCacheEnabled" value False

}

}

I have a ticket open with F5 but they are saying oh just check the guide. not helpful. Hoping someone from the community can help me. thanks in advance!

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hi,

This preload issue could be solved with this irule:

when ACCESS_SESSION_STARTED {
    set landinguri [ACCESS::session data get session.server.landinguri]
    switch -glob $landinguri {
        "/owa/plt1.ashx?*" -
        "/owa/sessiondata.ashx?appcacheclient=1" -
        "/owa/userspecificresourceinjector.ashx?*&appcacheclient=1*" -
        "/owa/manifests/appCacheManifestHandler.ashx?owamanifest=1" {
            ACCESS::respond 403 -version "1.1" noserver "Connection" "Close"
            ACCESS::session remove
            return
        }
    }
}

Cheers,

Kees

0
Comments on this Answer
Comment made 1 week ago by Rosieodonell 367

Yah I tried this code before from the link above (Stanislan Piron above). It didn't work for me.

0
Comment made 1 week ago by Kees van den Bos 767

Strange, I use both irules without any issues (they work for me). (sorry, forgot to read the links in your question)

0
Comment made 1 week ago by Rosieodonell 367

What type of authentication are you using? kerberos or forms?

0
Comment made 1 week ago by Kees van den Bos 767

Formbased.

0