Forum Discussion

TJ_Vreugdenhil's avatar
Dec 30, 2014

restrict OWA APM by using AD security groups

I have a working Exchange 2013 OWA APM configuration. I would like to add the ability to restrict OWA by using Active Directory security groups. "EXCH_OWA" is the name of the distribution list.

 

Below is my VPE.

 

4 Replies

  • mikeshimkus_111's avatar
    mikeshimkus_111
    Historic F5 Account

    Grayson is correct. Also, since you're using the iApp, you could choose the option to "restrict EAC access by group membership", disable strictness on the iApp, and modify the EAC URL check and AD query policy events to match /owa and EXCH_OWA instead.

     

  • This worked great for user attribute. However, do you guys know how to match on a AD Security Group in the APM instead of just a user attribute?

     

    Thanks!

     

    • Grayson_149410's avatar
      Grayson_149410
      Icon for Nimbostratus rankNimbostratus
      Can you give some more info on what you are trying to do? Not sure I understand and fill like some details are missing.
  • For example this is how it looks in AD:

     

     

    VDI-regionA

     

    VDI-regionB

     

    But then running a APM debug I don't see these Security Group names above, all I see is the user attributes - example: CN=VDI_TEST,OU=VDI Groups,OU=Security Groups | CN=VDI Support

     

    These user attributes are more global and not a specific as the user groups in the image above.

     

    Thanks!