Re: [Fed-Talk] MS Mac Office 2008 and CAC-enabled WebMail
Re: [Fed-Talk] MS Mac Office 2008 and CAC-enabled WebMail
- Subject: Re: [Fed-Talk] MS Mac Office 2008 and CAC-enabled WebMail
- From: "Timothy J. Miller" <email@hidden>
- Date: Mon, 7 Jan 2008 08:54:49 -0600
Same issues, with the addition that Mail isn't using RPC/HTTPS; it
uses WebDAV, and WebDAV is often turned off in OWA deployments (even
internal ones).
Oh, and if your org has customized the OWA authN DLL (frex., to
prevent attachment d/l on non-corp-owned systems), you're *really*
hosed, since OWA WebDAV reliant apps (Mail.app & Evolution) rely on
the behavior of the default DLL.
-- Tim
On Jan 7, 2008, at 8:43 AM, Joel Esler wrote:
Can't Mail.app interface with exchange?
On Mon, Jan 07, 2008 at 08:22:30AM -0600, it looks like Timothy J.
Miller sent me:
On Jan 4, 2008, at 3:01 PM, Boyd Fletcher wrote:
that?s a real bummer. So we can?t use Entourage 2008 to access
DOD?s externally facing webmail servers that require CAC
authentication. I was hoping they used Apple?s TLS infrastructure
which supports CAC.
Should work fine in Safari. :)
CAC authN to OWA through Entourage uses Microsoft's RPC/HTTPS
protocol. However, the Windows RPC/HTTPS stack only supports
NTLMv2 or Kerberos authN, not PKI authN (this continues to be true
in Vista and Server 2008, BTW). If you
were to look at the RPC/HTTPS protocol from an external Outlook
client you'd see it using NTLMv2 cached credentials. If you could
get cached creds on OS X (Paul, does ADmitMAC f/CAC support cached
creds?) it should then work with
Entourage (assuming Entourage can wield cached creds on OS X).
This also presumes that the RPC/HTTPS connector is turned on in
your OWA implementation, which is not guaranteed.
-- Tim
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
-----
joel esler
828A A216 6D95 A6BB B386 54F3 ACE3 B833 5F51 4902
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden