Re: NTLM and RPC/HTTPS
- From: Owen Williams [SBS MVP] <Owen@xxxxxxxxxxxxxxxxxx>
- Date: Mon, 9 Oct 2006 20:57:01 -0400
In article <452ABD28.7020402@xxxxxxxxxxxxxxxxxxxxxxx>,
adrian.marsh@xxxxxxxxxxxxxxxxxxxxxxx says...
At the moment, if my users want to use RPC/HTTPS, then I also have to
configure their clients with Basic Authentication. But the default is
NTLM... So this begs the question - which is more secure? And what
would I need to enable on SBS2003 to get NTLM to work by default?
Adrian:
I presume we are talking about "Outlook via the Internet" a.k.a. "RPC over
HTTPS".
The reason there are no security issues using Basic Authentication (password
sent in clear text) is that the Internet connection from the Outlook computer
to the SBS is itself encrypted: secure HTTP (HTTPS) over TCP port 443. This is
the same protocol browsers use to communicate securely with web sites, such as
for banking and credit card transactions.
I would not try to switch to NTLM. When you login to RWW, you will see a link
which gives you step-by-step instructions to setup RPC over HTTPS, customized
to your SBS configuration. Follow that EXACTLY and you will have a secure and
fully supported configuration.
-- Owen Williams [SBS MVP]
.
- Follow-Ups:
- Re: NTLM and RPC/HTTPS
- From: Adrian Marsh (NNTP)
- Re: NTLM and RPC/HTTPS
- References:
- NTLM and RPC/HTTPS
- From: Adrian Marsh (NNTP)
- NTLM and RPC/HTTPS
- Prev by Date: Re: SBS 2003 R2 - Backup Devices
- Next by Date: Re: Slow Network
- Previous by thread: NTLM and RPC/HTTPS
- Next by thread: Re: NTLM and RPC/HTTPS
- Index(es):
Relevant Pages
|
