Re: Security and Outlook over HTTP

You're welcome!

Gregg Hill



"Gus" <Gus@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:57A8A73A-1473-4682-ABE1-F8832208F2FD@xxxxxxxxxxxxxxxx
I misunderstood his suggestion and I thought he meant to change the
authentication on the server (default website). Thanks for clearing it
up.

Gus


"Gregg Hill" wrote:

Gus,

The only non-standard step you did was to choose NTLM vs. Basic
authentication. You must have missed Frank's post, because that is what
Frank told you to do back on 3/19/06 at 1:45PM.

The text below is quoted from Frank's post.

"Hi Gabriel and Gus

Actually there is a workaround. Instead of Basic Authentication use NTLM
Authentication. This will work if using SBS Standard but will not work if
using ISA or certain other Firewalls. See
http://www.microsoft.com/technet/prodtechnol/exchange/guides/E2k3RPCHTTPDep/179dce5a-00d2-40d9-933d-d7b88e40c513.mspx?mfr=true";

Gregg Hill





"Gus" <Gus@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:E3F9D39E-AA14-40CF-9098-7F0C48F7F0F8@xxxxxxxxxxxxxxxx
I finally was able to remove the dialog box requesting the
username/id/password. My laptop belongs to the domain so I'm assuming
that
it is using my laptop's security instead. The instructions to set it
up
is
as follows:

Configure the computer for RPC over HTTP

Click Start, and then click Control Panel.
If you are viewing Control Panel in the default Category view, switch
to
Classic view, and then double-click Mail.
If you are viewing Control Panel in Classic view, double-click Mail.
In the Mail Setup dialog box, click E-mail accounts, click View or
change
existing e-mail accounts, and then click Next.
In the E-mail accounts dialog box, click Microsoft Exchange Server, and
then
click Change.
In the Microsoft Exchange Server box, type the local name of the
Exchange
server:

servername.domainname.local


In the User Name box, type the user name that you use to log on to the
Remote Web Workplace. Do not click Check Name.

In the Exchange Server settings page, click More Settings.
On the Connection tab, under Exchange over the Internet, select Connect
to
my Exchange mailbox using HTTP, and then click Exchange Proxy Settings.
The
Exchange Proxy Settings dialog box appears.
Under Use this URL to connect to my proxy server for Exchange, type the
following URL:
yourexternalwebsitename.com

Select Connect using SSL only, and then select Mutually authenticate
the
session when connecting with SSL.
In the Principal name for proxy server box, type the following text:
msstd:youexternalwebsitename.com

Select On slow networks, connect using HTTP first, then connect using
TCP/IP.
Under Proxy authentication settings, select NTLM Authentication.
Click OK, and then click OK again. Click Next, and then click Finish.
Click
Close.
In the Mail dialog box, if Always use this profile is selected, choose
the
newly configured profile.

Hope it works for you...


"Gus" wrote:

thank you!! One final question, currently when outlook first tries to
connect to the "https", a dialog box appears asking me for my
username/id/domain...is there a way to have it use the
username/id/domain
of
the client?

"Owen Williams" wrote:

Gus:

Outlook uses RPC over HTTPS (not HTTP). The security is the same as
you
would get with a secure web page, one who's address begins with
HTTPS
and has the lock in the lower-right corner of the browser window.
This
level of security, with 128-bit encryption, is considered acceptable
for
most Internet uses, including exchanging personal information
(assuming
legitimate web sites, of course!) and high-value financial
transactions.

Basic authentication (clear-text) is OK in this case because the
userID
and password are being sent over an encrypted channel (HTTPS) to the
small business server and Exchange.

-- Owen Williams

In article <C3521E61-6552-4EA1-B2FB-77580D744AD8@xxxxxxxxxxxxx>,
Gus@xxxxxxxxxxxxxxxxxxxxxxxxx says...
How security is accessing our mail over the internet (HTTP) with
Outlook. I
set it up using the articles posting on the newsgroup but I'm a
bit
concern
with the security. I'm specifically concerned with the fact that
one
of the
articles had me set the security with basic authentication (sent
as
text). I
also know that the article also mentioned to set 128-bit
encryption....does
this protection "overrides" the basic authentication?

Also, I guess since the server asks me for ID/password/domain
should
I
safely assume that I'm secure?

Just concerned...any feedback would be appreciated.






.

Relevant Pages

  • RE: Unable to authenticate via SMTP to SBS2003
    ... an authentication issue is encountered. ... In Outlook Express, open the Properties window of the mail account and then ... How to Configure a POP3 Client Computer to Use Exchange as the SMTP Server ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS2k3 and activesync over the air
    ... Did you apply Exchange SP2 on your Small ... Business Server? ... Open IIS from the Server Management ... Click Edit under Authentication and ...
    (microsoft.public.windows.server.sbs)
  • Re: Need Help ActiveSync 4.2 + exchange 2003 sp2 on SBS 2003 premium sp1
    ... Here's a list of the errors that are known for Exchange ActiveSync - ... To enable Integrated Windows Authentication on the Exchange virtual ... Re-enable Kerberos on the Exchange server by following the ...
    (microsoft.public.pocketpc.activesync)
  • Re: OWA problem after renewal of SSL cert
    ... MVP - Exchange ... HTTPS to work again - if only on the LAN. ... server or on the Exchange server? ... However, I'm still w/out OWA ...
    (microsoft.public.exchange.admin)
  • Re: Client application cannot connect to server
    ... When I move to an actual device, i.e.,MotorolaQ, every aspect of the application work except for connecting to the server. ... Microsoft Exchange Server 2003 SP2 ... ISA Server as an advanced firewall in a workgroup in perimeter network ... Set up FBA or Basic authentication for Exchange ActiveSync, ...
    (microsoft.public.windowsce.app.development)