Hi Mark, to disable APM you'd want to use ACCESS::disable in your iRule. However, it sounds like you want to use SSO for requests from Outlook to Enterprise Vault instead, correct? That would avoid poking a hole in your APM deployment.
You may be able to get away with simply invoking the forms SSO for those requests. For example, try modifying the "_select_sso" iRule to include that URI. It's possible you may need to adjust the forms SSO object a bit as well to make this work (I've no way to test it here):
when ACCESS_ACL_ALLOWED {
set req_uri [string tolower [HTTP::uri]]
if { $req_uri contains "/owa/auth" || $req_uri contains "/enterprisevault" } {
WEBSSO::select [set foo /Common/exchange.app/exch_form_basedv2_sso]
}
unset req_uri
}