Anonymous Authentication Enabled for Virtual Directory
Topic Last Modified: 2009-08-18
The Microsoft Exchange Analyzer tool sends an anonymous HTTP request from the remote server to the URL being tested. If the request succeeds but anonymous access should not be allowed on this virtual directory, then the Exchange Remote Connectivity Analyzer tool displays the following error message.
"Anonymous authentication enabled for virtual directory."
Outlook Web Access, Exchange ActiveSync, Outlook Anywhere or RPC over HTTPS, Autodiscover and other Exchange Web Services including the Availability Service and Web-distributed Offline Address Books require specific authentication methods. If Anonymous access is allowed in lieu of, or in addition to, other required authentication methods, then your server isn't as secure from a security perspective and unexpected results can occur.
To resolve this issue, review the following documentation and confirm that the virtual directories on your Exchange server have the proper authentication methods enabled for each application or service.
To see a list of the default authentication methods for Exchange Server 2007 applications and services, see Default settings for Exchange-related virtual directories in Exchange Server 2007.
For information about the supported authentication methods available for managing Exchange applications hosted on an Exchange 2007 Client Access Server, see the following documentation on TechNet: Managing Client Access Security.
For more information about configuring authentication specific to Exchange 2007 Outlook Anywhere, see How to Configure Authentication for Outlook Anywhere.
For information about configuring authentication for Web applications on Exchange Server 2003 and Exchange 2000 Server, see Front-End and Back-End Server Topology Guide for Microsoft Exchange Server 2003 and Exchange 2000 Server.
The Exchange Remote Connectivity Analyzer is a new tool with limited documentation at this time. In an effort to improve the documentation for each of the errors you might receive, we would like to solicit additional information from the community. Please use the Community Content section below to post additional reasons why you failed at this point. If you need technical assistance, please create a post in the appropriate Exchange TechNet forum or contact support.