Forum Discussion

Rabbit23_116296's avatar
Rabbit23_116296
Icon for Nimbostratus rankNimbostratus
Jan 27, 2014

Exchange 2010 SCOM monitoring broken by Access Policy Manager

We use APM internally for the service that only service that needs it, EWS (Exchange Web Services). SCOM uses built-in exchange cmdlets for testing availability of web services. They fail with a 401 unauthorized, it is probably the way the cmdlet was built and that it is receiving responses it does not expect, thus it fails...

 

I am trying to disable the APM for certain IP addresses but it doesn't seem to cut it: when HTTP_REQUEST { switch -glob [IP::client_addr] { "10.196.170." - "10.186.168." - "10.196.68." - "10.196.168." { ACCESS::disable log local0.notice "Disabled APM for [IP::client_addr]" } default { ACCESS::enable } } }

 

This does disable the APM but if I get challenged it does not accept my credentials. Anyone with any ideas?

 

microsoft

3 Replies

Sort By
  • mikeshimkus_111's avatar
    mikeshimkus_111
    Historic F5 Account
    Jan 27, 2014

    Hi, if you use the hosts file to bypass BIG-IP and point SCOM directly at the CAS server, does it still fail?

     

    I would remove ACCESS::enable from your default case. It's already enabled by default if you have the APM profile attached to the virtual server.

     

    Mike

     

  • Rabbit23_116296's avatar
    Rabbit23_116296
    Icon for Nimbostratus rankNimbostratus
    Jan 27, 2014

    Thanks. Yes if I point to the ip or nlb address of the CAS server then there's no problem. Ultimately id like these cmdlets to work through the f5.

     

  • mikeshimkus_111's avatar
    mikeshimkus_111
    Historic F5 Account
    Jan 27, 2014

    I'd be curious to see the output of /var/log/apm with APM debugging turned up.

     

    And maybe a traffic capture between the client>APM>CAS.