Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2

Topic Last Modified: 2012-07-23

You can configure Windows Digest authentication for Outlook Web App in Microsoft Exchange Server 2010. Digest authentication transmits passwords over the network as a hash value for additional security. Digest authentication isn't fully secure if the user is unable to close the browser and end the browser process between sessions. This problem may occur if the user is using Outlook Web App on a kiosk. If the browser can't be closed, the user's credentials remain in the cache where the next user may be able to access them.

Note:
Digest authentication can be set only on Exchange 2010 virtual directories.

Looking for other management tasks related to security for Outlook Web App? Check out Managing Outlook Web App Security.

Use the EMC to configure Digest authentication for Outlook Web App

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Outlook Web App virtual directories" entry in the Client Access Permissions topic.

  1. In the console tree, locate the virtual directory that you want to configure to use Digest authentication by using the information in step 2 or step 3.

  2. Select Server Configuration, select Client Access, select the server hosting the Outlook Web App virtual directory, and then click the Outlook Web App tab.

  3. In the work pane, select the virtual directory that you want to configure to use Digest authentication, and then click Properties.

  4. Click the Authentication tab.

  5. Select Use one or more standard authentication methods.

  6. Select Digest authentication.

  7. Click OK.

Use the Shell to configure Digest authentication for Outlook Web App

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Outlook Web App virtual directories" entry in the Client Access Permissions topic.

This example configures Digest authentication on the default Outlook Web App virtual directory in the default Internet Information Services (IIS) Web site on the local Exchange server.

Copy Code 
Set-OwaVirtualDirectory -Identity "owa (Default Web Site)" -DigestAuthentication <$true|$false>

For more information about syntax and parameters, see Set-OwaVirtualDirectory.