Monday, May 2, 2016

NetScaler VPX - load balance Exchange - Part 7 (URL rewrite - OWA example)

We can use the NetScaler "rewrite" feature to simplify the URL the end-user must enter to access the resource in question. In this blog post, I'll use Outlook Web App (OWA) as an example. Without URL rewriting, the user might enter the following type of URL to access OWA:

With the rewrite feature, we could simplify the URL so the user would only have to enter:

It may be possible to simplify the URL even more but I will limit my presentation to the example above (having the NetScaler add "/owa" for the user).

Indeed, we could facilitate matters for the users by other means. We could add a shortcut to their desktop with the URL to OWA or add a favorite to Internet Explorer, manually or with Group Policy (or a similar tool).

Even so, users may have to enter the URL for OWA themselves at some point and management may dictate that this process be simplified to a greater or lesser extent. It is in such a context that URL rewriting at the NetScaler would be implemented.


First, I will enable the "Rewrite" feature in the NetScaler system settings. We enter the IP address of the web-based management interface, login, and navigate to this section:

And check the Rewrite feature:

Now we can configure the feature. This process has three steps:
  • Create a Rewrite Action.
  • Create a Rewrite Policy (and link the Action to the Policy).
  • Bind the Rewrite Policy to the virtual server in question. In our case, that would be lb_vs_OWA.

In the AppExpert section of the web-based management interface, we go to the following section and click on Add:

NetScaler > AppExpert > Rewrite > Rewrite Actions

We name the Rewrite Action ("rw_act_OWA" for example) and select the rewrite type "REPLACE":

To the right of the screen (continued from the screenshot above), click on "Expression Editor":

Click on "Select" and then select the options illustrated in the screenshots below:

The result should be:


Click on "Done"

Back at the "Create Rewrite Action" page, we should enter "/owa" in the expression section (The Expression Editor is not necessary here - or even above if you know enough to enter the expressions directly):

We click on "Create" (above) and should have what follows for the Rewrite Action:

Next, we will create a Rewrite Policy that will include the Rewrite Action defined above (and later we will bind the Rewrite Policy to the OWA virtual server - lb_vs_OWA). We navigate to this section of the NetScaler management interface (and click on "Add"):

NetScaler > AppExpert > Rewrite > Rewrite Policies

We name the Rewrite Policy ("rw_pol_OWA" for example) and then browse to the rewrite action (rw_act_OWA) that I created in the previous step:

As for the Rewrite Action, I will open the Expression Editor (continuation of the screenshot above but further to the right)...

And enter the following:


Once finished, we click on "Done":

Contrary to the creation of a Rewrite Action, we do not need to add text to the Rewrite Policy. We can simply click on "Create":

This should be the result:

At this point, we have a Rewrite Policy with an associated Rewrite Action.

The last step consists in binding the Rewrite Policy to the virtual server, in this case the OWA virtual server (lb_vs_OWA).

We leave the AppExpert section of the mangement interface and go to the properties of the OWA virtual server (highlight the virtual server and click on "Edit") at this location:

NetScaler > Traffic Management > Load Balancing > Virtual Servers

In the menu to the right, click on "Policies" (yes, we will find the Rewrite Policy we just created and bind it to the virtual server):

Now the Policies section is in the column to the left. Click on the plus sign to bind the Rewrite Policy to the virtual server:

We choose the policy type: "Rewrite" and "Request" (think of the REQ in the expressions created above - referring to requests for OWA):

Next, I browse to add the Rewrite Policy...

I check the "rw_pol_OWA" policy and click on "Select":

I then click on "Bind":

Click on "Done" (etc.) as needed to close the properties of the virtual server and remember to save the running configuration (floppy icon in upper right-hand corner).


Does the URL rewrite function?

I enter the incomplete URL in Internet Explorer (without /owa)...

And the NetScaler adds "/owa" as configured:

Note: in a previous blog post, we enabled what is known as "integrated Windows authentication" which allows us to open OWA with the credentials used to open a network session on the client machine. In other words, we do not have to re-enter credentials and are taken directly to our mailbox via the web interface.

No comments:

Post a Comment