Hello
I am fighting with that issues since months.
Every day my IIS service (application pool) is failing due to (obviously) a very large number of EWS connections made by some Mac users.
As a result I have to "IISreset" my servers because some features disappear in OWA (mostly ECP, options, etc...) daily...
I already set up restrictive throttling policies months ago in our environment and applied it on mailboxes that are accessed through these Mac. But that did not prevent these Mac users to "kill" application pools.
I know one "mitigation" would be to force Application Pool recycling but this is more a "workaround" than a solution.
Some information:
- Environment is running Exchange 2010 SP3 RU17 + Exchange 2013 CU20,
- No way to identify a "bad pattern" in Mac User-Agent connecting to IIS (no "old" versions of Mac OSX for instance),
- When failing, IIS logs usually show a terrific number of EWS connections made in a couple of hours.
Last time ONE Mac made more than 2.9 millions of EWS requests in a couple of hours... killing/flooding IIS application pool - All this mailboxes are using a throttling policy that tries to "limit" the number of EWS connections that can be made (details shown below).
- An external F5 load balancer balances the traffic between Exchange servers.
If a setting can be changed on thee F5 I will do it if you get an idea.
I have no way to "manage" these Mac computers as they do not belong to the company. So the solution must be found with my architecture.
I accept any advice.
Thanks
Florent
PS: Here is "EWS" related settings in the Throttling Policy applied to these mailboxes:
EWSMaxConcurrency : 27EWSPercentTimeInAD : 10
EWSPercentTimeInCAS : 10
EWSPercentTimeInMailboxRPC : 10
EWSMaxSubscriptions : 20
EWSFastSearchTimeoutInSeconds : 30
EWSFindCountLimit : 500