How to configure HAProxy for OWA with Form Based Authentication?

A

Alexander2018-08-15 16:17:26

HAproxy

Alexander, 2018-08-15 16:17:26

Good day.
There is such a problem - I want to throw OWA out with Form Based Authentication. Outside 443 / tcp port is HAproxy as a reverse proxy, but when trying to access OWA, instead of prompting to enter a login / password, the browser gives an error "Server not found", redirecting to the name of the physical server, instead of the domain name. Somewhat crookedly described, but the point is that if you enter https://mail.company.com, it will try to find the authentication form at:
https://severname/owa/auth/logon.aspx?url=https:/ /...
although I would have expected to see:
https://mail.company.com/owa/auth/logon.aspx...
Inside the network, without HAProxy, everything works as expected. In which direction should you look?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

akelsey, 2018-08-18
@akelsey

Without a configuration it will be difficult to help you with anything, in fact it should look like this:

frontend exch
        bind :443 name https tcp-ut 30s
        default_backend exch-be

backend exch-be
        balance leastconn
        stick on src 
        option tcp-check
  stick-table type ip size 1m expire 2h
        server exh-cmb1 10.10.10.111 weight 1 check port 135 inter 2s rise 2 fall 3 on-marked-down shutdown-sessions
        server exh-cmb2 10.10.10.112 weight 1 check port 135 inter 2s rise 2 fall 3 on-marked-down shutdown-sessions

Of course, mail.company.com should resolve from the outside to the haproxy external address.
And haproxy had access to servers. your own phrase

Okay, I got around the problem a bit by adding a server directive to the backend like this:
server mail.company.com mail.company.com:443 ssl verify none check

I don’t understand at all, did you set the same record to both nodes? and why are you writing the port in the backend?