Applies to: Exchange Server 2013

Topic Last Modified: 2013-02-19

Exchange Server 2013 automatically configures multiple Internet Information Services (IIS) virtual directories during installation. This topic contains information about the default IIS authentication settings and default Secure Sockets Layer (SSL) settings for the Client Access and Mailbox servers.

Client Access server

The following table lists the default settings on a stand-alone Exchange 2013 Client Access server.

Default Client Access server IIS authentication and SSL settings

Virtual directory Authentication method SSL settings Management method

Default website

  • Anonymous

  • Required

IIS management console

aspnet_client

  • Anonymous authentication

  • SSL required

  • Requires 128-bit encryption

IIS management console

Autodiscover

  • Anonymous authentication

  • Basic authentication

  • Windows authentication

  • SSL required

  • Requires 128-bit encryption

Exchange Management Shell (Shell)

ecp

  • Anonymous authentication

  • Basic authentication

  • SSL required

  • Requires 128-bit encryption

Exchange admin center (EAC) or Shell

EWS

  • Anonymous authentication

  • Windows authentication

  • SSL required

  • Requires 128-bit encryption

Shell

Microsoft-Server-ActiveSync

  • Basic authentication

  • SSL required

  • Requires 128-bit encryption

EAC or Shell

OAB

  • Windows authentication

  • Not required

EAC or Shell

owa

  • Basic authentication

  • SSL required

  • Requires 128-bit encryption

EAC or Shell

PowerShell

  • Anonymous authentication

  • Not required

Shell

Rpc

  • Basic authentication

  • Windows authentication

  • SSL required

  • Requires 128-bit encryption

Shell

RpcWithCert

By default, all authentication methods are disabled.

  • Required

 

Mailbox server

The following table lists the default settings on a stand-alone Exchange 2013 Mailbox server.

Default Mailbox server IIS authentication and SSL settings

Virtual directory Authentication method SSL settings Management method

Default website

  • Anonymous authentication

  • SSL required

  • Requires 128-bit encryption

This virtual directory can’t be configured by the user.

PowerShell

  • Anonymous authentication

  • Not required

Shell