This guide assumes an SSO Domain is configured on the LoadMaster. For more information and steps for setting up an SSO Domain, refer to the Edge Security Pack (ESP) Feature Description.

  1. Click View/Modify Services (under Virtual Services) in the left-hand navigation.
  2. Click Modify for the Exchange 2019 HTTPS Offload with ESP and WAF Virtual Service on port 443 (or the Exchange 2019 HTTPS Reencrypted with ESP and WAF if that was selected during creation).
  3. Expand the SubVSs section.
  4. For each SubVS the following fields must be configured. Click the set button next to each field entered.
SubVS Name Pre-Authorization Excluded Directories Logoff String User Password Form
Authentication Proxy /api /autodiscover/autodiscover.svc /autodiscover/autodiscover.json /autodiscover/autodiscover.svc/wssecurity /ews/exchange.asmx/wssecurity /ews/exchange.asmx /ews/mrsproxy.svc n/a n/a
ActiveSync n/a n/a n/a
API n/a n/a n/a
Autodiscover n/a n/a n/a
ECP n/a n/a n/a
EWS n/a n/a n/a
MAPI n/a n/a n/a
OAB n/a n/a n/a
OWA /owa/<guid@smtpdomain>*1 /owa/logoff.owa
PowerShell n/a n/a n/a
RPC n/a n/a n/a

Note: 1GUID is unique to each Exchange deployment. To find the correct GUID, run the following command on the Exchange Server: Get-Mailbox -Arbitration | where {$_.PersistedCapabilities -like “OrganizationCapabilityClientExtensions”} | fl exchangeGUID, primarysmtpaddressThe Logoff String must be set to /owa/logoff.owa in the OWA SubVS. In a customized environment, if the OWA logoff string has been changed, the modified logoff string must be entered in the Logoff String text box.The SSO Greeting Message field accepts HTML code, so the users can insert their own image if desired. The grave accent character ( ` ) is not supported. If this character is entered in the SSO Greeting Message, the character will not display in the output, for example, a`b`c becomes abc.