Solved

How to improve security to my IIS and Exchange folders?

Posted on 2006-07-13
2
745 Views
Last Modified: 2012-06-21
Hi,

I have been modifying a lot of things and permissions trying to configure correctly OWA with SSL, OMA, and Microsoft-Active-Sync for PDAs, etc... Even I have modified some root properties today by error and obviously it affects of all the rest of the folders. I am worried about it and I would like to learn some basic "must to know" about this secure procedures. I would like to secure these folders of my IIS server.

I only want to allow OWA access (SSL), OMA Access (to one PDA without SSL support) I know that each service requires a default properties, but I would like to find a all-in-one, able and secure way... Anyone could help or recommend me a basic things to know about this? I have all these options but I am not sure at all if these are correct or huge unsecure...

/root default server: Anonymous and basic ONLY + SSL require
/exadmin: Integrated ONLY + SSL require
/exchange: Integrated and Basic ONLY + SSL require
/exchweb: Anonymous ONLY + SSL require
/Microsoft-Server-ActiveSync: Integrated and Basic ONLY (no SSL)
/OMA: Basic ONLY (no SSL)
/rpc: Integrated and Basic ONLY + SSL require (no SSL)
/rpcwithCert: Integrated and Basic ONLY + SSL require (no SSL)
/certcontrol: Integrated ONLY + SSL require
/certEnroll: Anonymous ONLY + SSL require
/certServ: Integrated ONLY + SSL require
/public: Integrated and Basic ONLY + SSL require
/asp_client

Any web info or recommendations? Thank you very much for this
0
Comment
Question by:isaacmateo
2 Comments
 
LVL 104

Accepted Solution

by:
Sembee earned 500 total points
ID: 17102117
If you have require SSL on the /exchange virtual directory then OMA/EAS will not work.
I don't tend to both with require SSL on any folder in the default web site.

Authentication settings look fine.
You could always reset the whole lot: http://support.microsoft.com/default.aspx?kbid=883380

Simon.
0
 

Author Comment

by:isaacmateo
ID: 17107080
Thanks again Simon. I tried the method 1 of your link and I am feeling better about our security
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Add a SafeSender to Exchange 6 25
Publishing OWA on TMG 2010 2 28
Error 450 sending internal mail 6 21
Exchange 2016 anti-spam 3 36
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now