Client protocol management

Applies to: Exchange Server 2013

Management of the client protocols of Exchange ActiveSync, Outlook Web App, POP3, IMAP4, the Autodiscover service, Exchange Web Services, and the Availability service occurs in three different areas: the Exchange admin center (EAC), the Exchange Management Shell, and Internet Information Services (IIS) Manager. The settings that are managed in each location vary per client protocol.

Managing Outlook Web App settings

Most of the settings that affect which Outlook Web App features are available to users can be set on the Outlook Web App virtual directory or can be configured in an Outlook Web App mailbox policy. By using Outlook Web App mailbox policies, you can define the features available to individual users. Mailbox policy settings override virtual directory settings. For more information on managing Outlook Web App, see Outlook Web App.

Managing Exchange ActiveSync settings

In Exchange 2010, all client access protocols were implemented and managed on a single server role, the Client Access server role. Management of the protocols was performed on a single instance of IIS, there was a single virtual directory object in Active Directory for each client protocol, and a single set of cmdlets were used to configure the virtual directory.

In Exchange 2013, the client protocol management for Exchange ActiveSync is split between the Client Access server and the Mailbox server. Because of this architecture change, you can run different virtual directory management tasks on both the Client Access server and the Mailbox server. If these two servers aren't installed on the same physical computer, the parameters that you use with the virtual directory cmdlets will change based on the server role on which you are running them.

For more information about the architecture changes in Exchange 2013, see What's new in Exchange 2013.

There are two types of settings that can be applied to the Exchange ActiveSync virtual directory:

  • Settings applicable to the mailbox session

  • Settings applicable to the server and the virtual directory

The settings that are applicable to the mailbox session are user session settings. When a user connects to a Client Access server, the connection is proxied to the Mailbox server that contains the user's mailbox. A unique identifier of the virtual directory is included with the proxied request. The Mailbox server then retrieves the virtual directory settings from Active Directory and applies them to the session. The virtual directory settings are cached on the Mailbox server to improve performance.

If the connection is proxied to a different Active Directory site, the virtual directory settings will be loaded from the Client Access server in the same site as the Mailbox server, not from the Client Access server where the connection originated.

The following tables indicate which virtual directory settings can be managed on which servers. If you try to manage a particular setting on a server for which it isn't applicable, you will receive an error message indicating that the property you are trying to set is read-only for the server that you are operating on.

Exchange ActiveSync virtual directory settings on Client Access servers:

Setting Server
BadItemReportingEnabled Client Access
BasicAuthEnabled Client Access
ClientCertAuth Client Access
CompressionEnabled Client Access
ExternalAuthenticationMethods Client Access
ExternalURL Client Access
InternalAuthenticationMethods Client Access
InternalURL Client Access
MobileClientCertificateAuthorityURL Client Access
MobileClientCertificateProvisioningEnabled Client Access
MobileClientCertTemplateName Client Access
RemoteDocumentsActionForUnknownServers Client Access
RemoteDocumentsAllowedServers Client Access
RemoteDocumentsBlockedServers Client Access
RemoteDocumentsInternalDomainSuffixList Client Access
SendWatsonReport Client Access

Exchange ActiveSync virtual directory settings on Client Access and Mailbox servers:

Setting Server
ApplicationRoot Client Access and Mailbox
AppPoolID Client Access and Mailbox
MetabasePath Client Access and Mailbox
Name Client Access and Mailbox
Path Client Access and Mailbox
ProxySubVdir Client Access and Mailbox
VirtualDirectoryName Client Access and Mailbox
WebsiteName Client Access and Mailbox

Managing POP3 and IMAP4 settings

In Exchange 2013, the implementation of the POP3 and IMAP4 protocols has also been segmented between the Client Access and Mailbox server roles. Due to the new implementation, POP3 and IMAP4 connectivity are each managed by a service on the Client Access server, as well as by a service on the Mailbox server. The names of the services that run on the Client Access server are the same as the names that existed in Exchange 2010: Microsoft Exchange IMAP4 service and Microsoft Exchange POP3 service. The names of the two new services that run on the Mailbox server are the Microsoft Exchange IMAP4 Backend service and the Microsoft Exchange POP3 Backend service.

Consider the following as you manage POP3 and IMAP4 connectivity in your organization:

  • If you are running the Client Access server role and the Mailbox server role on the same computer, any changes you make to POP3 or IMAP4 settings are automatically applied to the correct POP3 and IMAP4 services.

  • If you are running the Client Access server role and the Mailbox server role on separate computers, you need to manage the settings on the computer that manages the setting you want to change.

Use the following tables indicate which POP/IMAP settings are each server role.

POP3 and IMAP4 settings on Client Access server:

Setting Server
AuthenticatedConnectionTimeout Client Access
Banner Client Access
ExternalConnectionSettings Client Access
InternalConnectionSettings Client Access
MaxCommandSize Client Access
MaxConnectionFromSingleIP Client Access
MaxConnections Client Access
MaxConnectionsPerUser Client Access
PreAuthenticatedConnectionTimeout Client Access
UnencryptedOrTLSBindings Client Access

POP3 and IMAP4 settings on Mailbox server:

Setting Server
CalendarItemRetrivalOption Mailbox
EnableExactRFC822Size Mailbox
MessageRetrievalSortOrder Mailbox
OWAServerURL Mailbox
ProxyTargetPort Mailbox
ShowHiddenFoldersEnabled Mailbox
SuppressReadReceipt Mailbox

POP3 and IMAP4 settings on Client Access and Mailbox servers:

Setting Server
X509CertificateName Client Access and Mailbox
EnforceCertificateErrors Client Access and Mailbox
LogFileLocation Client Access and Mailbox
LogFileRolloverSettings Client Access and Mailbox
LoginType Client Access and Mailbox
LogPerFileSizeQuota Client Access and Mailbox
ProotocolLogEnabled Client Access and Mailbox
Server Client Access and Mailbox
X509CertificateName Client Access and Mailbox