Set the Password Policy
Most companies will want to use Integrated Windows authentication for Instant Messaging. Integrated Windows authentication results in a seamless, automatic logon process for end-users (if logged into a Windows 2000 account, end-users do not need to furnish additional username and password credentials to use Exchange Instant Messaging). If you want to use Integrated Windows authentication, the Instant Messaging default authentication method, no further action is required.
If you need to authenticate through proxies, or if you are running Instant Messaging clients on other operating systems (such as UNIX), you may want to use Digest authentication instead. (Digest is based on the HTTP standard.) When using HTTP Digest to authenticate Instant Messaging users, the Instant Messaging security mechanism must be able to retrieve unencrypted user passwords from Active Directory. For this purpose, you must change the domain controller's password policy to store the passwords in a reversible, encrypted format.
Note Instant Messaging uses the same passwords as Windows 2000 Server. You reset user passwords from the Active Directory Users and Computers snap-in. For specific instructions, refer to the Windows 2000 online documentation.
To set the password policy:
Tip To propagate this change immediately throughout the domain, type the following command from a command prompt:
secedit/refreshpolicy MACHINE_POLICY
Related Topics
HTTP Digest Authentication