Server Configuration > Client Access Server > Exchange ActiveSync > Microsoft-Server-ActiveSync > Authentication Tab

Applies to: Exchange Server 2007 SP3, Exchange Server 2007 SP2, Exchange Server 2007 SP1, Exchange Server 2007

Use the Authentication tab to select the authentication method or methods that you want to use for Exchange ActiveSync.

• Basic authentication (password is sent in clear text)
  Select this check box if you want the mobile device to send the user name and password in clear text.

  Important

  Because passwords are sent in clear text with Basic authentication, you should configure Secure Sockets Layer (SSL) to encrypt data transferred between your mobile clients and the Exchange ActiveSync virtual directory.

• Client certificate authentication

  • Select whether you want to ignore, accept, or require client certificate authentication.

  • Certificates can reside in the certificate store on a mobile device or on a smart card. A certificate authentication method uses the Extensible Authentication Protocol (EAP) and Transport Layer Security (TLS) protocols. In EAP-TLS certificate authentication, the client and the server prove their identities to each other. For example, an Exchange ActiveSync client presents its user certificate to the Client Access server, and the Client Access server presents its computer certificate to the mobile device to provide mutual authentication.

    Note

    Requiring client certificates will force you to configure SSL on the Web site that is hosting the Exchange ActiveSync virtual directory.