Set Up User Authentication

You can authenticate Chat Service users using either of these two methods:

• Chat Service clear-text authentication.  With Chat Service clear-text authentication, users are authenticated by their unencrypted chat client password, which is sent to the server by way of the Pass command. This is the least secure method of authenticating users.
• Microsoft Windows 2000 Security Service Provider Interface (SSPI).  The SSPI allows an application to use various security models available on a computer or network without changing the interface to the security system. A security provider is contained in a dynamic-link library (DLL) that implements the SSPI by making one or more security packages available to applications. Each security package provides mappings between an application's SSPI function calls and an actual security model's functions.

  The chat client begins authentication with the server using the Auth command. User credentials are encrypted and sent over to the server.

To use Chat Service clear-text authentication:

1. Start System Manager
   On the Start menu, point to Programs, point to Microsoft Exchange, and then click System Manager.
2. Navigate to the Chat Community where you want to authenticate users using clear-text authentication.

   Chat Communities

   1. Chat_community_name
3. Right-click the chat community name, and then click Properties.
4. On the community's Authentication tab, clear the Anonymous access check box, and then select the Basic Authentication check box.
5. Type the Windows 2000 Default domain name if necessary. If you do not specify a domain, the domain to which the server belongs (the local domain) is used.

To use Microsoft Windows 2000 Security Service Provider Interface (SSPI) authentication:

Note   These steps install the SSPI package on one server only and should be repeated on each server as needed.

1. Configure your security package to conform to the SSPI model.
   • Open the registry using either REGEDIT or REGEDT32.
   • Follow the path to: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders
   • Locate the REG_SZ value called SecurityProviders. Here you find a list of security provider DLLs, separated by commas.
   • Add YourSecurityProvider.dll to this list.
   • Restart the chat service. The server will read the registry value and load YourSecurityProvider.dll.
2. Start System Manager
   On the Start menu, point to Programs, point to Microsoft Exchange, and then click System Manager.
3. Navigate to the Chat Community where you want to authenticate users using the SSPI package.

   Chat Communities

   1. Chat_community_name
4. Right-click the chat community name, and then click Properties.
5. On the community's Authentication tab, clear the Anonymous access check box, and then select the Windows Security Package check box.

Note   In order to begin authentication, the SSPI package on the server must be compatible with the chat client. The SSPI package that your server supports is reported to the chat client using the Ircx or Isircx command.