How to Verify ACE/Agent is Configured to Protect the Entire Web Server


Topic Last Modified: 2005-10-13

When deploying RSA SecureID in your organization, you must configure Internet Information Services (IIS) to protect the virtual directories that your users access when they use Exchange ActiveSync. Microsoft® Exchange Server 2003 uses the \Microsoft-Server-ActiveSync virtual directory.

This procedure shows you how to verify that the ACE/Agent is configured to protect the entire Web server. By default, the ACE/Agent is configured to protect the entire Web server.

This procedure is only one of a series of steps that you must perform when deploying RSA SecurID two-factor authentication. Before performing the steps in this procedure, see "How to Use RSA SecurID with Exchange ActiveSync" in the Exchange Server 2003 Client Access Guide.

If you do not want to protect the entire Web server with RSA SecurID, you configure the RSA ACE/Agent so that SecurID protects only Exchange ActiveSync. You may want to do this if you intend to enable additional services, such as Outlook Web Access and Outlook Mobile Access, on the same server without protecting those services with SecurID. For detailed steps for how to limit RSA SecurID authentication to Exchange ActiveSync, see How to Limit SecurID Authentication to the Microsoft-Exchange-ActiveSync Virtual Directory.

  1. In the Internet Information Services snap-in for MMC, right-click the default Web server and select Properties.

  2. Click the RSA SecurID tab, and verify that the Protect This Resource check box is selected.

For an overview of RSA SecureID, see "Configuring Exchange ActiveSync to Use RSA SecureID" in "Configuring Mobile Device Support" in the Exchange Server 2003 Client Access Guide.


Community Additions