The "Microsoft Lync" application allows users and contacts to configure their own 'display picture' by linking to external URLs.
When you load Microsoft Lync, it will attempt to contact these external URLs to download the contact pictures configured by your contacts.
During this process, Microsoft Lync fails to authenticate with the ProxySG and so the images fail to download.
This KB is only relevant to users who specify a display image via an external URL and where policy, such as authentication, is causing these external images to fail load.
The "user-agent" provided by Microsoft Lync to download these external images during this process is the same as Internet Explorer, with the additional value "Placeware RPC 1.0".
User-Agent: Mozilla/4.0 (compatible ; MSIE 7.0.5730.13 ; Microsoft Windows XP Professional Service Pack 3 ; Placeware RPC 1.0)
Creating the following CPL policy will allow the Microsoft Lync application to bypass authentication and therefore allow this process to complete:
request.header.User-Agent="Placeware RPC 1.0" authenticate(no)
If you are unfamiliar with CPL policy, you can create the same policy in the Visual Policy Manager (VPM) by following the instructions below:
1) Load the VPM and add a new rule to your Web Authentication Layer. Make sure this rule is above your current authentication rule so that it is evaluated first.
2) Create a new "Request Header" source object (New --> Request Header):
3) Enter the following details:
4) Set the Action to Do Not Authenticate.
Your policy should now look similar to below: