I do a role restriction based on brower id strings. Users trying to use the Outlook Plugin are getting a no role error when trying to launch the plugin. I need to know what the Browser ID string is for the Plugin/Client so that it will pass the restriction.
I got around the issue by changing my Restriction Policy. My goal is that users who can run Pulse client get a role that enables them to. All other clients get a role with network connect. My rule was Basically if your browser string was *Win* or *Mac* then you get the role with Pulse. The other role had the usual suspects matching their Browser strings explicitly. Changing that role restriction to match all browser strings let the Outlook Plugin authenticate.