Applies to: Exchange Server 2007 SP3, Exchange Server
2007 SP2, Exchange Server 2007 SP1, Exchange Server 2007
Topic Last Modified: 2006-07-24
Use the Authentication tab to select the authentication method or methods that you want to use for Exchange ActiveSync.
Note: |
---|
The properties that you set in this dialog box will update the Internet Information Services (IIS) metabase. |
- Basic authentication (password is sent in clear text)
-
Select this check box if you want the mobile device to send the user name and password in clear text.
Important: Because passwords are sent in clear text with Basic authentication, you should configure Secure Sockets Layer (SSL) to encrypt data transferred between your mobile clients and the Exchange ActiveSync virtual directory.
- Client certificate authentication
-
- Select whether you want to ignore, accept, or require client
certificate authentication.
- Certificates can reside in the certificate store on a mobile
device or on a smart card. A certificate authentication method uses
the Extensible Authentication Protocol (EAP) and Transport Layer
Security (TLS) protocols. In EAP-TLS certificate authentication,
the client and the server prove their identities to each other. For
example, an Exchange ActiveSync client presents its user
certificate to the Client Access server, and the Client Access
server presents its computer certificate to the mobile device to
provide mutual authentication.
Note: Requiring client certificates will force you to configure SSL on the Web site that is hosting the Exchange ActiveSync virtual directory.
- Select whether you want to ignore, accept, or require client
certificate authentication.
Caution: |
---|
Anonymous access to the Exchange ActiveSync virtual directory should always be turned off. |