<div><br><div class="gmail_quote"><div dir="auto">On Fri, Jan 19, 2018 at 7:14 AM Jason Whittington <<a href="mailto:Jason.Whittington@equifax.com">Jason.Whittington@equifax.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I haven’t done it for sharepoint but I have done it for TFS.  If I had to guess you are probably being bitten by NTLM.<br>
<br>
NTLM authentication authenticates connections instead of requests, and this is somewhat contradicts HTTP protocol, which is expected to be stateless. As a result it doesn't generally work though proxies, including nginx.<br>
<br>
NGINX can support it though, you need to use the "ntlm" directive. Below is an [stripped down] example of how I have it set up in front of TFS.  I would think Sharepoint would be very similar.  This has worked very reliably for like a year.<br>
<br>
upstream MyNtlmService {<br>
        zone backend;<br>
        server <a href="http://192.168.0.1:8080" rel="noreferrer" target="_blank">192.168.0.1:8080</a>;<br>
        server <a href="http://192.168.0.2:8080" rel="noreferrer" target="_blank">192.168.0.2:8080</a>;<br>
        #See <a href="http://stackoverflow.com/questions/10395807/nginx-close-upstream-connection-after-request" rel="noreferrer" target="_blank">http://stackoverflow.com/questions/10395807/nginx-close-upstream-connection-after-request</a><br>
        keepalive 64;<br>
        #See <a href="http://nginx.org/en/docs/http/ngx_http_upstream_module.html#ntlm" rel="noreferrer" target="_blank">http://nginx.org/en/docs/http/ngx_http_upstream_module.html#ntlm</a><br>
        ntlm;<br>
}<br>
    server {<br>
        listen 80;<br>
<br>
        location / {<br>
            proxy_read_timeout 60s;<br>
            #<a href="http://stackoverflow.com/questions/21284935/nginx-reverse-proxy-with-windows-authentication-that-uses-ntlm" rel="noreferrer" target="_blank">http://stackoverflow.com/questions/21284935/nginx-reverse-proxy-with-windows-authentication-that-uses-ntlm</a><br>
            proxy_http_version 1.1;<br>
            proxy_set_header Connection "";<br>
<br>
            proxy_pass http:// MyNtlmService /;<br>
        }<br>
    }<br>
<br>
<br>
Jason<br>
<br>
<br>
-----Original Message-----<br>
From: nginx [mailto:<a href="mailto:nginx-bounces@nginx.org" target="_blank">nginx-bounces@nginx.org</a>] On Behalf Of blason<br>
Sent: Friday, January 19, 2018 12:18 AM<br>
To: <a href="mailto:nginx@nginx.org" target="_blank">nginx@nginx.org</a><br>
Subject: [IE] Re: Has anyone implemented Nginx as a reverse proxy with Microsoft Sharepoint?<br>
<br>
Wow man!! Thanks I am struggling with configuration as Subsites does not show anything it shows blank page i.e only for blank page while Front page gets open successfully.<br>
<br>
Posted at Nginx Forum: <a href="https://forum.nginx.org/read.php?2,278193,278195#msg-278195" rel="noreferrer" target="_blank">https://forum.nginx.org/read.php?2,278193,278195#msg-278195</a><br>
<br>
_______________________________________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org" target="_blank">nginx@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank">http://mailman.nginx.org/mailman/listinfo/nginx</a><br>
<br>
This message contains proprietary information from Equifax which may be confidential. If you are not an intended recipient, please refrain from any disclosure, copying, distribution or use of this information and note that such actions are prohibited. If you have received this transmission in error, please notify by e-mail <a href="mailto:postmaster@equifax.com" target="_blank">postmaster@equifax.com</a>. Equifax® is a registered trademark of Equifax Inc. All rights reserved.<br>
_______________________________________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org" target="_blank">nginx@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank">http://mailman.nginx.org/mailman/listinfo/nginx</a></blockquote><div dir="auto"><br></div><div dir="auto"><br></div><div dir="auto">Yep, the problem is/will be ntlm. Try what Jason mentioned, and you can drop me an email if you like off-list - pchychi . At . Gmail</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><a href="http://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank"></a></blockquote></div></div><div dir="ltr">-- <br></div><div class="gmail_signature" data-smartmail="gmail_signature">Payam Tarverdyan Chychi<br>Network Security Specialist / Network Engineer</div>