Welcome to ISAserver.org

OWA FBA and EAS with Certificate Auth using one single listener

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA 2006 Publishing] >> Exchange Publishing >> OWA FBA and EAS with Certificate Auth using one single listener

Page: [1]

Message

<< Older Topic Newer Topic >>

OWA FBA and EAS with Certificate Auth using one single ... - 21.Oct.2009 9:50:28 AM

AndiG

Posts: 1
Joined: 21.Oct.2009
Status: offline

Hi,

I am running Exchange 2003, ISA Server 2006 with published OWA using FBA authenticating with Radius OTP.

I recently published Active Sync (EAS) and in fact this works pretty fine with the same FBA listener, cause ISA 2006 is falling back to basic authentification if necessary (if the client doesn't understand FBA). Unfortunately, every sync forces the mobile user to enter Username/Password, so this is not very comfortable way.

I'd rather like to use User Certificate Authentification but does this mean, I need to add a second listener and therefore a second, external IP at last? If I understand right, the listener for Certificate Authentification needs to be configured to use SSL-Clientauthentification?! If yes, is there an alternative way to configure FBA and Certificate Authentification using one single listener?

Greets,
Andreas

Post #: 1

Featured Links*

RE: OWA FBA and EAS with Certificate Auth using one sin... - 21.Oct.2009 12:14:44 PM

IanC

Posts: 338
Joined: 11.Jul.2007
From: UK
Status: offline

Hi Andreas,

No, you will need a separate listener for SSL Client Authentication. You will also have to configure Kerberos Constrained Delegation.

Regards

Ian

_____________________________

Ian Currie

nAppliance TMG/UAG Appliances - EMEA
www.surefront.co.uk

(in reply to AndiG)

Post #: 2