Re: [Fed-Talk] Snow Leopard Mail Exchange integration a joke?
Re: [Fed-Talk] Snow Leopard Mail Exchange integration a joke?
- Subject: Re: [Fed-Talk] Snow Leopard Mail Exchange integration a joke?
- From: "Miller, Jason G. (MSFC-IS40)[LMIT - MSFC]" <email@hidden>
- Date: Tue, 8 Sep 2009 12:55:06 -0500
- Acceptlanguage: en-US
- Thread-topic: [Fed-Talk] Snow Leopard Mail Exchange integration a joke?
Sorry, I should have elaborated further:
http://blogs.technet.com/amir/archive/2008/01/30/entourage-2008-new-features-part-ii.aspx
If you have access to a KDC, then yeah, kerberos should probably work
okie.
--Jason
---
Jason Miller
MCSE+Messaging, MCSA
NOMAD Chief Engineer
email@hidden
On Sep 8, 2009, at 11:06 AM, Timothy J. Miller wrote:
> And then there's this from the Exchange 2007 SDK documentation:
>
> http://msdn.microsoft.com/en-us/library/bb204050.aspx
>
> (Under "Security Criteria"):
>
> """
> Built-in Security Features
>
> Exchange Web Services can use NTLM, Kerberos, or Basic
> authentication. It is recommended that XML requests and responses be
> sent by means of SSL.
> """
>
> -- Tim
>
>
> On 9/8/2009 10:58 AM, Timothy J. Miller wrote:
>> On 9/8/2009 10:01 AM, Miller, Jason G. (MSFC-IS40)[LMIT - MSFC]
>> wrote:
>>> This is most likely not Apple's fault.
>>>
>>> In Exchange 2007, Client-Access Servers do not support kerberos (by
>>> design). They might support it in Exchange 2010. Another
>>> possibility
>>> is that ISA 2006 could front your CAS architecture to support
>>> kerberos
>>> and smart-card auth, but since ISA 2006 is still 32-bit, I probably
>>> wouldn't do that.
>>
>> http://technet.microsoft.com/en-us/library/bb124507.aspx
>>
>> """
>> Integrated Windows authentication
>>
>> Hashed when Integrated Windows authentication is used; Kerberos
>> ticket
>> when Kerberos is used. Integrated Windows authentication includes the
>> Kerberos and NTLM authentication methods.
>> """
>>
>> http://technet.microsoft.com/en-us/library/bb125207.aspx
>>
>> """
>> Integrated Windows authentication requires that users have a valid
>> Windows 2000 Server or Windows Server 2003 user account name and
>> password to access information. Users logged on to the local
>> network are
>> not prompted for their user names and passwords.
>> """
>>
>> Per the text for both pages under Integrated Windows Authentication
>> (MS-speke for SPNEGO, which is MS-speke for "negotiate either NTLM or
>> Kerberos), the Exchange 2007 CAS supports Kerberos for OWA too.
>>
>> -- Tim
>>
>
>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden