How to Limit SecurID Authentication to the Microsoft-Exchange-ActiveSync Virtual Directory
Topic Last Modified: 2005-10-13
By default, the ACE/Agent is configured to protect the entire Web server. When deploying RSA SecurID in your organization, you can configure the front-end server so that RSA SecurID authentication is limited to Exchange ActiveSync.
This procedure is only one of a series of steps that you can perform when deploying RSA SecurID two-factor authentication. Before performing the steps in this procedure, see "How to Use RSA SecurID with Exchange ActiveSync" in the Exchange Server 2003 Client Access Guide.
To disable server-wide protection, in the Internet Information Services (IIS) snap-in, right-click the default Web server, and then click Properties.
Click the RSA SecurID tab, and then clear the Protect This Resource check box. (This step ensures that RSA SecurID is not enabled for the entire server, but rather only for the virtual roots that you specify.)
To enable protection for the virtual directories, in the IIS snap-in, right-click the Microsoft-Server-ActiveSync virtual directory, and then click Properties.
Select the RSA SecurID tab, and then select the Protect This Resource check box.
Note: If the check box is selected and shaded, this means that the virtual directory is inheriting its setting from the parent directory. Inspect the properties for the parent directory, and clear the Protect This Resource check box if you do not want the parent directory to be protected. Then, return to the child directory and make sure the check box is selected.