Managing Active Directory does not always have to be complicated. If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why
Course Of The Month
7 days, 3 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Accepting Exchange 2010 ActiveSync Basic Authentication OR Certificate Based Authentication
Posted on 2013-11-29
Hey,
I would like to implement Exchange 2010 EAS Certificate Based Authentication along with still being able to use Basic Authentication. Reason being is we are testing CBA and a small subset of people will use it at first. When configure CBA, Certificates need to be set to accept or require in the EAS properties of the CAS server along with unchecking Basic Authentication which would prohibit EAS from accepting the basic usernames and passwords. What is the best way of me trying to accomplish having both authentication methods work? Would I need a second ActiveSync virtual directory, one with a URL pointing the virtual directory that accepts BASIC authenticaiton, and another URL pointing to a second virtual direction that accepts Certificates only?
I would like to implement Exchange 2010 EAS Certificate Based Authentication along with still being able to use Basic Authentication. Reason being is we are testing CBA and a small subset of people will use it at first. When configure CBA, Certificates need to be set to accept or require in the EAS properties of the CAS server along with unchecking Basic Authentication which would prohibit EAS from accepting the basic usernames and passwords. What is the best way of me trying to accomplish having both authentication methods work? Would I need a second ActiveSync virtual directory, one with a URL pointing the virtual directory that accepts BASIC authenticaiton, and another URL pointing to a second virtual direction that accepts Certificates only?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2-
2
4 Comments
Active today
That is probably the only way you can do it.
You can only ignore or accept client certificates.
You would need two web sites, two host names. The one with basic authentication should be left on the default web site.
However clients would need to be configured manually because you have no way of telling Exchange which clients use which address.
Simon.
You can only ignore or accept client certificates.
You would need two web sites, two host names. The one with basic authentication should be left on the default web site.
However clients would need to be configured manually because you have no way of telling Exchange which clients use which address.
Simon.
Ok, I just tried creating a second EAS website, but it yelled at me. I tried running:
New-ActiveSyncVirtualDirec
New-ActiveSyncVirtualDirec
I saw this listed: Only one Exchange ActiveSync virtual directory can exist in each Exchange ActiveSync website. Microsoft Site
Any ideas on adding a second eas instance on a computer that already has a first one?
New-ActiveSyncVirtualDirec
New-ActiveSyncVirtualDirec
I saw this listed: Only one Exchange ActiveSync virtual directory can exist in each Exchange ActiveSync website. Microsoft Site
Any ideas on adding a second eas instance on a computer that already has a first one?
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Suggested Solutions
| Title | # Comments | Views | Activity |
|---|---|---|---|
| script to trace the email in Office365 | 4 | 48 | |
| exchange 2013 | 10 | 34 | |
| Exchange Online Archive | 2 | 23 | |
| Other Techs Recommendations...What is the Best Archive Solution for Exchange | 5 | 14 |
This article explains how to install and use the NTBackup utility that comes with Windows Server.
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center.
Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center.
Navigate to the Mail Flow >> Ac…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center.
Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center.
Navigate to the Mail Flow…
Suggested Courses
Course of the Month7 days, 3 hours left to enroll
732 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.