Export (0) Print
Expand All

Default Authentication Settings for Exchange-related Virtual Directories

 

Topic Last Modified: 2010-09-20

The installation of Microsoft Exchange Server 2007 automatically configures several Internet Information Services (IIS) virtual directories, as appropriate for the particular Exchange role or roles that are installed.

This topic discusses the default settings for the Exchange-related virtual directories. Specifically, this topic contains information about the default authentication settings and about the default SSL settings.

The following table lists the default settings on a stand-alone Exchange 2007 CAS server.

Default CAS server IIS authentication and SSL settings

Virtual directory Authentication method SSL settings Additional comments

Default Web Site

  • Anonymous authentication

  • SSL required

  • Require 128-bit encryption

The Enable HTTP Keep-Alives option should be enabled. This option is on the Web Site tab.

aspnet_client

  • Anonymous authentication

  • SSL required

  • Require 128-bit encryption

 

Autodiscover

  • Basic authentication

  • Windows authentication

  • SSL required

  • Require 128-bit encryption

Authentication management should be performed by using the Exchange Management Shell.

EWS

  • Windows authentication

  • SSL required

  • Require 128-bit encryption

 

owa

  • Basic authentication

  • SSL required

  • Require 128-bit encryption

Authentication management should be performed by using the Exchange Management Console.

Exchange

  • Basic authentication

  • Windows authentication

  • SSL required

  • Require 128-bit encryption

Authentication management should be performed by using the Exchange Management Console.

Public

  • Basic authentication

  • Windows authentication

  • Not required

Authentication management should be performed by using the Exchange Management Console.

Exchweb

  • Basic authentication

  • Windows authentication

  • SSL required

  • Require 128-bit encryption

Authentication management should be performed by using the Exchange Management Console.

OAB

  • Windows authentication

Not required

Authentication management should be performed by using the Exchange Management Console or the Exchange Management Shell.

UnifiedMessaging

  • Windows authentication

  • SSL required

  • Require 128-bit encryption

 

Microsoft-Server-ActiveSync

  • Basic authentication

  • SSL required

  • Require 128-bit encryption

Authentication management should be performed by using the Exchange Management Console or the Exchange Management Shell.

Rpc

  • Basic authentication

  • Windows authentication

  • SSL required

  • Require 128-bit encryption

Outlook Anywhere requires this component. Authentication management should be performed by using the Exchange Management Shell.

RpcWithCert

By default, all authentication methods are disabled

SSL required

Authentication management should be performed by using the Exchange Management Shell.

The following table lists the default settings on a stand-alone Exchange 2007 Mailbox server.

Default Mailbox server IIS authentication and SSL settings

Virtual directory Authentication method SSL settings Additional comments

Default Web Site

Anonymous

Not required

 

Exadmin

  • Basic authentication

  • Windows authentication

  • SSL required

  • Require 128-bit encryption

 

Exchange

  • Basic authentication

  • Windows authentication

Not required

Authentication management should be performed by using the Exchange Management Console or the Exchange Management Shell.

Public

  • Basic authentication

  • Windows authentication

Not required

Authentication management should be performed by using the Exchange Management Console or the Exchange Management Shell.

The following table lists the default Exchange 2007 IIS settings on a Windows SBS 2008-based server.

Default Exchange-related IIS authentication and SSL settings.

Virtual directory Authentication method SSL settings Additional comments

Default Web Site

  • Anonymous authentication

Not required

 

aspnet_client

  • Anonymous authentication

Not required

 

Autodiscover

  • Basic authentication

  • Windows authentication

  • SSL required

  • Require 128-bit encryption

Authentication management should be performed by using the Exchange Management Shell.

EWS

  • Basic authentication

  • Windows authentication

  • SSL required

  • Require 128-bit encryption

 

Exadmin

  • Basic authentication

  • Windows authentication

  • SSL required

  • Require 128-bit encryption

 

Exchange

  • Basic authentication

  • Windows authentication

  • SSL required

  • Require 128-bit encryption

Authentication management should be performed by using the Exchange Management Console.

Exchweb

  • Basic authentication

  • Windows authentication

  • SSL required

  • Require 128-bit encryption

Authentication management should be performed by using the Exchange Management Console.

Microsoft-Server-ActiveSync

  • Basic authentication

  • SSL required

  • Require 128-bit encryption

Authentication management should be performed by using the Exchange Management Console or Exchange Management Shell.

OAB

  • Basic authentication

  • Windows authentication

  • SSL required

  • Require 128-bit encryption

Authentication management should be performed by using the Exchange Management Console or the Exchange Management Shell.

owa

  • Basic authentication

  • SSL required

  • Require 128-bit encryption

Authentication management should be performed by using the Exchange Management Console.

Public

  • Basic authentication

  • Windows authentication

  • SSL required

  • Require 128-bit encryption

Authentication management should be performed by using the Exchange Management Console.

Rpc

  • Basic authentication

  • Windows authentication

Not required

Outlook Anywhere requires this component. Authentication management should be performed by using the Exchange Management Shell.

RpcWithCert

By default, all authentication methods are disabled

  • SSL required

  • Require 128-bit encryption

Authentication management should be performed by using the Exchange Management Shell.

UnifiedMessaging

  • Windows authentication

  • SSL required

  • Require 128-bit encryption

 

The following table lists the default settings on a stand-alone Exchange 2007 CAS server.

Default CAS server IIS authentication and SSL settings

Virtual directory Authentication method SSL settings Additional comments

Default Web Site

Anonymous authentication

  • SSL required

  • Require 128-bit encryption

The Enable HTTP Keep-Alives option should be enabled. This option is on the Web Site tab.

aspnet_client

Anonymous authentication

  • SSL required

  • Require 128-bit encryption

 

Autodiscover

  • Anonymous authentication

  • Integrated Windows authentication

  • SSL required

  • Require 128-bit encryption

Authentication management should be performed by using the Exchange Management Shell.

EWS

Integrated Windows authentication

  • SSL required

  • Require 128-bit encryption

 

owa

Basic authentication

  • SSL required

  • Require 128-bit encryption

Authentication management should be performed by using the Exchange Management Console.

Exchange

  • Basic authentication

  • Integrated Windows authentication

  • SSL required

  • Require 128-bit encryption

Authentication management should be performed by using the Exchange Management Console.

Public

  • Basic authentication

  • Integrated Windows authentication

  • SSL required

  • Require 128-bit encryption

Authentication management should be performed by using the Exchange Management Console.

Exchweb

  • Basic authentication

  • Integrated Windows authentication

  • SSL required

  • Require 128-bit encryption

Authentication management should be performed by using the Exchange Management Console.

OAB

  • Integrated Windows authentication

Not required

Authentication management should be performed by using the Exchange Management Console or Exchange Management Shell.

UnifiedMessaging

  • Integrated Windows authentication

  • SSL required

  • Require 128-bit encryption

 

Microsoft-Server-ActiveSync

  • Basic authentication

  • SSL required

  • Require 128-bit encryption

Authentication management should be performed by using the Exchange Management Console or the Exchange Management Shell.

The following table lists the default settings on a stand-alone Exchange 2007 Mailbox server.

Default Mailbox server IIS authentication and SSL settings

Virtual directory Authentication method SSL settings Additional comments

Default Web Site

Anonymous

Not required

 

Exadmin

  • Basic authentication

  • Integrated Windows authentication

  • SSL required

  • Require 128-bit encryption

 

Exchange

  • Basic authentication

  • Integrated Windows authentication

Not required

Authentication management should be performed by using the Exchange Management Console or the Exchange Management Shell.

Public

  • Basic authentication

  • Integrated Windows authentication

Not required

Authentication management should be performed by using the Exchange Management Console or Exchange Management Shell.

For more information about how to reinstall IIS on a computer that is running Exchange 2007, see Microsoft Knowledge Base article 320202, How to remove and to reinstall IIS on a computer that is running Exchange Server.

 
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft