cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Intelligent Application Gateway (IAG) block OWA

Go to solution
Tonaco_pt
Moderator
Moderator
Partner    VIP    Accredited

‎09-07-2012 03:43 AM

Hi all,

The team that manage the IAG send my the following event:

 

Severity    Warning
Time   09-05-2012 11:08
ID   45
Category   Security
Trunk   atinternet (S)
Description   Request failed, URL rejected by URL Inspection rule. Trunk: atinternet; Secure=1; Application Name: OWA; Application Type: OWA2003SP1; Rule: OWA2003SP1_Rule3; Parameter: cmd; Value: EVSettings; Failure reason: Parameter value failed 'Value' check; Source IP: #,#,#,#; Method: GET; URL: /exchange/user/?cmd=EVSettings.

When this event appears the user can´t forward/reply/delete an owa message, the ask for our help because all the seach indicate an Enterprise vault problem "/?cmd=EVSettings".

My question is:
Why does some users not belonging to an provisioning Group get this event.
Is there any information that would help us configure the IAG to access the enterprise vault with out problem?

I will like to thanks you in advance, I don´t know anything about IAG and this problem migth not have anything to do with EV.

Exchange 2003 SP2/Enterprise Vault 9.0.3

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
Andrew_G_
Level 5
Employee Accredited

‎09-07-2012 09:56 AM

The OWA extensions are active for every user, that request is to determine whether the user is enabled or not and show (or not) the Enterprise Vault functionality.

 

Similarly if the non-enabled user logs into Outlook with the add-in installed, they will not see Enterprise Vault functionality, but the add-in is running.

View solution in original post

0 Kudos
8 REPLIES 8

Go to solution
Nups
Level 4
Employee Certified

‎09-07-2012 04:01 AM

Hi Tonaco.pt,

 

If I understand the issue correctly you are not able to access the vaulted items from OWA and I believe with outlook the affected users are able to access the items without issues.

Kindly confirm if there were any changes done to the Exhange backend servers(addition/modification of the stores) after running the EV OWA setup on backend severs ?

 

0 Kudos

Go to solution
TonySterling
Moderator
Moderator
Partner    VIP    Accredited Certified

‎09-07-2012 05:50 AM

You said these users don't belong to a provisiong group, are they still enabled? 

 

0 Kudos

Go to solution
Tonaco_pt
Moderator
Moderator
Partner    VIP    Accredited

‎09-07-2012 06:56 AM

No they are not enable.

0 Kudos

Go to solution
Tonaco_pt
Moderator
Moderator
Partner    VIP    Accredited

‎09-07-2012 07:12 AM

I did not explain my self correctly, the user are not enable, they don´t belong to any provisioning group, they are not trying to access any vault archive. But they still get that event message

0 Kudos

Go to solution
Andrew_G_
Level 5
Employee Accredited

‎09-07-2012 09:01 AM

That is a valid Enterprise Vault request. Have you seen this article?

http://www.symantec.com/business/support/index?page=content&id=TECH53414

0 Kudos

Go to solution
Tonaco_pt
Moderator
Moderator
Partner    VIP    Accredited

‎09-07-2012 09:15 AM

But why does a Non Vault User, gets this request?

The user in is workstation in the local domain does not have Enterprise Vault (EV) Outlook Web Access (OWA) button.

0 Kudos

Go to solution
Andrew_G_
Level 5
Employee Accredited

‎09-07-2012 09:56 AM

The OWA extensions are active for every user, that request is to determine whether the user is enabled or not and show (or not) the Enterprise Vault functionality.

 

Similarly if the non-enabled user logs into Outlook with the add-in installed, they will not see Enterprise Vault functionality, but the add-in is running.

0 Kudos

Go to solution
Tonaco_pt
Moderator
Moderator
Partner    VIP    Accredited

‎09-07-2012 02:42 PM

If I understand you correct If my Front-end server has the Enterprise Vault OWA Extensions install the request "/exchange/user/?cmd=EVSettings" is always send. I have to authorize the URL in the IAG.

Thank all for your help. 

0 Kudos