Kerberos authentication
From: Rob (Rob_at_discussions.microsoft.com)
Date: 11/18/04
- Next message: Silentsam: "Migrating from Exchange 2000 to 2003 with new hardware."
- Previous message: Mike Brown: "Exch 5.5 on BDC In-Place Upgrade to W2K?!?"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 18 Nov 2004 08:34:22 -0800
In the default exchange 2003 FE/BE configuration, kerberos is used for
authentication.
we have our FE in DMZ. we openedUDP/TCP 88 to our domain controllers.
we are seeing some warnings on FE:
Microsoft Exchange Server has detected that NTLM-based authentication is
presently being used between this server and server 'BE'. NTLM is still a
secure authentication mechanism and protects users' credentials. However,
this indicates that there may be a configuration issue preventing the use of
Kerberos authentication. If this condition persists, please verify that
server 'BE' is properly configured to use Kerberos authentication. After
applying any changes it may be necessary to restart Internet Information
Services on both the front-end and back-end servers.
my question is:
Do we nned to open port 88 UDP/TCP from DMZ to Back End server also?
I would greatly appreciate any help,
thanks,
Rob
- Next message: Silentsam: "Migrating from Exchange 2000 to 2003 with new hardware."
- Previous message: Mike Brown: "Exch 5.5 on BDC In-Place Upgrade to W2K?!?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
