Restrict access to the Outlook Anywhere mapping

To secure the back-end server, the Outlook Anywhere mapping has to be restricted to authenticated users only.

Procedure-related prerequisites

  • Configuration takes place in Airlock Gateway.
  • You need to be logged in as admin in the Airlock Gateway Configuration Center.

Instruction

  • 1.
    Go to: Application Firewall >> Reverse Proxy.
  • 2.
    Edit all the mappings listed below and apply the changes described underneath:
    • -
      Exchange Autodiscover
    • -
      Exchange EWS
    • -
      Exchange MAPI
    • -
      Exchange OAB
    • -
      Exchange Outlook Anywhere
  • 3.
    Change to the Access tab.
  • 4.
    Enter the role under Access restrictions >> Restricted to Roles.
    • Restricted to Roles: exchange

    This role is set by Airlock IAM after successful authentication.

  • 5.
    Select Authentication flow One-Shot.
  • 6.
    Configure Denied access URL to /auth/login-oneshot
  • 7.
    Under Credential Propagation >> SSO credential propagation, select Basic-Auth.
  • 8.
    Enable the checkbox Credential mandatory.