Topic Last Modified: 2009-01-21

The Microsoft Exchange Server Best Practices Analyzer examines the security settings for the Public virtual directory on Exchange Server 2003-based computers. The tool examines these settings to determine whether Secure Sockets Layer (SSL) is configured on the Public virtual directory.

If the Analyzer detects that SSL is enabled, the tool generates a warning message. Having SSL enabled on the Public virtual directory interferes with free/busy public folder lookup requests.

Exchange provides access to public folders from Microsoft Office Outlook or from a Web browser or mobile device. To provide public folder access from Web browsers or mobile devices, Exchange uses the Public virtual directory in Internet Information Services (IIS).

Web client programs can use public folders to obtain free/busy information for Exchange calendars.

Users who are connected to Exchange 2003 mailboxes use public folders to access free/busy information.

To address this issue, modify the directory security settings on the Public virtual directory on the Exchange 2003 server to disable SSL.

To modify virtual directory permissions in Internet Information Services (IIS)
  1. Start Internet Information Services (IIS) Manager.

  2. Expand the server, expand Web Sites, expand Default Web Site, right-click Public, and then click Properties.

  3. Click the Directory Security tab, and then click Edit under Secure communications.

  4. Click to clear the Require secure channel (SSL) check box, and then click OK two times.

  5. At a command prompt, run the iisreset command to reset IIS.