This guide assumes an SSO Domain is configured on the LoadMaster. For more information and steps for setting up an SSO Domain, refer to the Edge Security Pack (ESP) Feature Description.

  1. Click View/Modify Services in the left-hand navigation.

  2. Click Modify for the Exchange 2019 HTTPS Offloaded with ESP Virtual Service on port 443 (or the Exchange 2019 HTTPS Reencrypted with ESP if that was selected during the creation).
  3. Expand the SubVSs section.
  4. For each SubVS the following fields must be configured. Click the set button next to each field entered.
SubVS Name Pre-Authorization Excluded Directories Allowed Virtual Hosts Logoff String User Password Form
Authentication Proxy n/a Required n/a n/a
ActiveSync n/a Required n/a n/a
API n/a n/a n/a n/a
Autodiscover n/a Required n/a n/a
ECP n/a Required n/a n/a
EWS n/a Required n/a n/a
MAPI n/a Required n/a n/a
OAB n/a Required n/a n/a
OWA /owa/<guid@smtpdomain>*1 Required /owa/logoff.owa https://<Exchange URL> /owa/auth/expiredpassword.aspx?url=/owa/auth.owa
PowerShell n/a Required n/a n/a
RPC n/a Required n/a n/a

Note: 1GUID is unique to each Exchange deployment. To find the correct GUID, run the following command on the Exchange Server: Get-Mailbox -Arbitration | where {$_.PersistedCapabilities -like “OrganizationCapabilityClientExtensions”} | fl exchangeGUID, primarysmtpaddressThe Logoff String must be set to /owa/logoff.owa in the OWA SubVS. In a customized environment, if the OWA logoff string has been changed, the modified logoff string must be entered in the Logoff String text box.The SSO Greeting Message field accepts HTML code, so the users can insert their own image if desired. The grave accent character ( ` ) is not supported. If this character is entered in the SSO Greeting Message, the character will not display in the output, for example, a`b`c becomes abc.