Authentication

Use the Authentication property page to specify methods of authentication that IMAP4 clients use when connecting to Microsoft Exchange Server. Authentication is the process the IMAP4 server uses to determine whether to grant the user permission to connect to the system. By default, Microsoft Exchange Server allows an IMAP4 client to connect using any of the supported authentication methods.

One method of authentication that you can specify is Secure Sockets Layer (SSL) encryption. SSL encrypts all data sent between clients and servers. To use SSL, Microsoft Internet Information Server (IIS) must be installed on the Microsoft Exchange Server computer before Microsoft Exchange Server is installed, and the Microsoft Exchange Server service account must be granted Administrator permissions for the local computer. In addition, you must complete the following procedure.

1. In IIS Key Manager, choose the IMAP4 icon.
2. Create a key request by choosing Create New Key from the Key menu and typing the required information.
3. Obtain a certificate from a Certificate Authority.
4. Under IMAP4, select the key request, and then choose Install Key Certificate from the Key menu.
5. Select the default server connection, or enter the server's Internet protocol (IP) address to bind the key to any inbound connection.
6. From the Servers menu, choose Commit Changes Now, and then choose OK to commit all the changes.

For more information about setting up SSL, see your IIS documentation.

Getting to the Authentication property page

1. In the Administrator window, choose a site or server, and then choose Protocols.
2. Double-click IMAP4 (Mail) Site Defaults to configure site IMAP4 defaults, or IMAP4 (Mail) Settings to configure a server's IMAP4 settings.
3. Select the Authentication tab.

Setting Authentication Methods

Use the Authentication property page to specify the authentication method an IMAP4 client uses to access information on the Microsoft Exchange Server computer. In order for an IMAP4 client to log on to the Microsoft Exchange Server computer, one of the authentication methods that the client supports must be enabled on the server. Check with your client's vendor if you are unsure of which authentication methods are available.

1. Select the Authentication tab.
2. In the Authentication box, select an authentication type.

Option	Description
Basic (Clear Text)	Enable authentication through an unencrypted user name and password. Most IMAP4 clients support this method.
Basic (Clear Text) using SSL	Use SSL protocol to encrypt clear text on port 993.
Windows NT Challenge/Response	Enable authentication through Windows NT network security and an encrypted password. This method is supported by Microsoft Outlook Express.
Windows NT Challenge/Response using SSL	Enable authentication using Windows NT network security to occur through an SSL-encrypted channel on port 993.
MCIS Membership System	Enable authentication using Windows NT network security to occur through the Microsoft Commercial Internet Server (MCIS) Membership System.

Note   With Windows NT Challenge/Response and Outlook Express, it is not possible to specify the name of the Microsoft Exchange Server mailbox you want to access. By default, Microsoft Exchange Server attempts to access the mailbox with the same name as the Windows NT user account that the user is logged on as. For example, if you are logged on as Domain\Suzanf, with Windows NT Challenge/Response enabled, Microsoft Exchange Server attempts to access the mailbox called Suzanf.