Junction configuration

Edit online

To use WebSEAL as a reverse proxy for RPC over HTTP requests between Outlook and Exchange, you must use a transparent path junction or a virtual host junction. When issuing an RPC over HTTP request, the Outlook client tries to access the URI /rpc/rpcproxy.dll on the junctioned IIS server that is configured to communicate with the Exchange server.

To authenticate the user to WebSEAL and the Exchange server, you must use the -b ignore parameter when creating the junction. This parameter ensures that the BA header used by WebSEAL for authentication is also used to authenticate to the IIS server that communicates with the Exchange server. For more details, see Authentication limitations.

You must use an SSL junction for this configuration; Outlook does not support HTTP when using BA authentication.

Transparent path junctions

The following command illustrates how to create a transparent path junction:

server task instance_name-webseald-host_name create -t ssl 
-h exchange_host -p exchange_port -b ignore -x /rpc

where:

instance_name-webseald-host_name: Specifies the full server name of the installed WebSEAL instance. You must specify this full server name in the exact format as displayed in the output of the server list command.
exchange_host: Specifies the DNS host name or IP address of the Exchange server.
exchange_port: Specifies the TCP port of the Exchange server. The default value is 80 for TCP junctions and 443 for SSL junctions.

Virtual host junctions

The following command illustrates how to create a virtual host junction:

server task instance_name-webseald-host_name virtualhost create -t ssl 
-h exchange_host -p exchange_port -v virtual_host -b ignore exchange

where:

instance_name-webseald-host_name: Specifies the full server name of the installed WebSEAL instance. You must specify this full server name in the exact format as displayed in the output of the server list command.
exchange_host: Specifies the DNS host name or IP address of the Exchange server.
exchange_port: Specifies the TCP port of the Exchange server. The default value is 80 for TCP junctions and 443 for SSL junctions.
virtual_host: Specifies the value of the Host header of the request sent to the Exchange server.