Default Web Site (Front End)
|
Virtual directory
|
Default IIS
Authentication methods
|
SSL settings
|
Default authentication methods
Exchange Admin Center (EAC) |
AuthenticationMethods
Exchange Management Shell (EMS) |
|
|
Sites \ Default Web Site
|
As shown in Internet Information Services (IIS) Manager
|
Available through EAC
|
Internal
|
External
|
|
|
Autodiscover
|
• Anonymous
authentication
• Basic authentication • Windows authentication |
• SSL required
|
• Integrated
Windows authentication
• Basic authentication |
Basic, Ntlm,
WindowsIntegrated, WSSecurity, OAuth
|
Basic, Ntlm,
WindowsIntegrated, WSSecurity, OAuth
|
|
ECP (Exchange Control Panel)
|
• Anonymous authentication
• Basic authentication |
• SSL required
|
• Use-forms-based authentication
|
Basic, Fba
|
Fba
|
|
EWS (Exchange Web Services)
|
• Anonymous authentication
• Basic authentication |
• SSL required
|
• Integrated Windows authentication
|
Ntlm, WindowsIntegrated, WSSecurity,
OAuth
|
Ntlm, WindowsIntegrated, WSSecurity,
OAuth
|
|
Mapi
|
• Windows authentication
|
• SSL required
|
Not available in EAC
|
Ntlm, OAuth, Negotiate
|
Not configured
|
|
Microsoft-Server-Active-Sync
|
• Basic authentication
|
• SSL required
|
• Basic
authentication
• Ignore client certificate |
Not set *
All methods can be used. |
Not set *
All methods can be used. |
|
OAB (Offline Address Book)
|
• Windows authentication
|
None available
|
WindowsIntegrated, OAuth
|
WindowsIntegrated, OAuth
|
|
|
OWA (Outlook Web App)
|
• Basic authentication
|
• SSL required
|
•
Use-forms-based authentication
• Domain\user name |
Basic, Fba
|
Basic, Fba
|
|
OWA\Calendar
|
• Anonymous authentication
|
• Ignore client certificates
|
None available
|
||
|
OWA\Integrated
|
• Windows authentication
|
• SSL required
• Ignore client certificates |
None available
|
||
|
OWA\oma
(Outlook Mobile Access)
|
• Basic authentication
|
• Ignore client certificates
|
None available
|
||
|
PowerShell
|
• Windows authentication
|
• Not Required
|
None set
|
{}
|
{}
|
|
* The InternalAuthenticationMethods/ExternalAuthenticationMethods
parameter specifies the authentication methods supported by the server that
contains the virtual directory when access is requested from inside the
network firewall. If this parameter isn’t set, all authentication methods can
be used.
|
|||||
Aside from the above listed Virtual Directories, which you can find in
the EAC, you also have the following directories to manage through IIS or EMS:
|
Virtual directory
|
Authentication method
|
SSL settings
|
Management method
|
|
Default Website
|
• Anonymous authentication
|
• SSL required
|
IIS Management
Console*
This virtual directory can’t be configured by the user* |
|
aspnet_client
|
• Anonymous authentication
|
• SSL required
|
IIS management console
|
|
Rpc
|
• Basic authentication
• Windows authentication |
• SSL required
|
Exchange Management Shell (EMS)
|
|
* Indicates
difference between multirole and Mailbox role server. You can’t configure
this if the server only has the Mailbox role
|
|||
Exchange Back End Website
|
Virtual directory
|
IIS Default Authentication methods
|
IIS SSL settings
|
|
Exchange Back End
|
• Anonymous authentication
|
• SSL required
• Ignore client certificates |
|
Autodiscover
|
• Anonymous authentication
• Windows authentication |
• SSL required
• Ignore client certificates |
|
ecp
|
• Anonymous authentication
• Windows authentication |
• SSL required
• Ignore client certificates |
|
EWS
|
• Anonymous authentication
• Windows authentication |
• SSL required
• Ignore client certificates |
|
Exchange
|
• SSL required
• Ignore client certificates |
|
|
Exchweb
|
• SSL required
• Ignore client certificates |
|
|
mapi
|
• Anonymous authentication
|
• SSL required
• Ignore client certificates |
|
Microsoft-Server-ActiveSync
|
• Basic authentication
|
• SSL required
• Ignore client certificates |
|
OAB
|
• Windows authentication
|
• SSL required
• Ignore client certificates |
|
owa
|
• Anonymous authentication
• Windows authentication |
• SSL required
• Ignore client certificates |
|
owa\Calender
|
• Anonymous authentication
|
• Ignore client certificates
|
|
PopImap
|
• Anonymous authentication
|
• SSL required
• Ignore client certificates |
|
PowerShell
|
• Windows authentication
|
• SSL required
• Accept client certificates |
|
PowerShell-Proxy
|
|
• SSL required
• Ignore client certificates |
|
Public
|
• SSL required
• Ignore client certificates |
|
|
PushNotifications
|
• Anonymous authentication
• Windows authentication |
• SSL required
• Ignore client certificates |
|
Quarantine
|
• Anonymous authentication
|
• SSL required
• Ignore client certificates |
|
ReportingWebService
|
• Anonymous authentication
|
• SSL required
• Ignore client certificates |
|
Reports
|
• Anonymous authentication
|
• SSL required
• Ignore client certificates |
|
Rpc
|
• Windows authentication
|
• Ignore client certificates
|
|
RpcProxy
|
• Anonymous authentication
|
• SSL required
• Ignore client certificates |
|
RpcWithCert
|
• Windows authentication
|
• Ignore client certificates
|
|
Sync
|
|
• SSL required
• Ignore client certificates |
|
Ucc
|
• Anonymous authentication
|
• SSL required
• Ignore client certificates |
No comments:
Post a Comment