Authentication

Operations	<<	>>

Authentication

Use the Authentication property page to specify methods of authentication that LDAP clients use when connecting to Microsoft Exchange Server. Authentication is the process the LDAP server uses to determine whether to grant the user permission to connect to the system. By default, Microsoft Exchange Server allows an LDAP client to connect using any of the listed authentication methods.

One method of authentication that you can specify is Secure Sockets Layer (SSL) encryption. SSL encrypts all data sent between clients and servers. To use SSL, Microsoft Internet Information Server (IIS) must be installed on the Microsoft Exchange Server computer before Microsoft Exchange Server is installed, and the Microsoft Exchange Server service account must be granted Administrator permissions for the local computer. In addition, you must complete the following procedure.

In the Internet Information Server Key Manager, select the LDAP protocol icon.
Create a key request by choosing Create New Key from the Key menu and typing the required information.
Obtain a certificate from a Certificate Authority.
Select the key request under the LDAP protocol, and choose Install Key Certificate from the Key menu.
Select the default server connection, or enter the server's IP address to bind the key to any inbound connection.
From the Servers menu, choose Commit Changes Now, and choose OK to commit all the changes.

Getting to the Authentication property page

In the Administrator window, choose a site or server, and then choose Protocols.
Double-click LDAP (Directory) Site Defaults to configure site LDAP defaults, or LDAP (Directory) Settings to configure a server's LDAP settings.
Select the Authentication tab.

Setting Authentication Methods

Use the Authentication property page to specify the authentication method an LDAP client uses to access information on the Microsoft Exchange Server computer. In order for an LDAP client to log on to the Microsoft Exchange Server computer, one of the authentication methods that the client supports must be enabled on the server. Check with your client's vendor if you are unsure which authentication methods are available.

To use SSL encryption, IIS must be installed on the Microsoft Exchange Server computer.

Select the Authentication tab.
In the Authentication box, select an authentication type.

Option Description

Basic (Clear Text) Enable authentication through an unencrypted user name and password.

Basic (Clear Text) using SSL Enable authentication and all client/server communication to occur through an SSL-encrypted channel on port 636. SSL is a protocol that provides secure data communication using data encryption and decryption.

Windows NT Challenge/Response Enable authentication through Windows NT network security and an encrypted password.

Windows NT Challenge/Response using SSL Enable authentication using Windows NT network security to occur through an SSL-encrypted channel.

MCIS Membership System Enable authentication using Windows NT network security to occur through the Microsoft Commercial Internet Server (MCIS) Membership System.

Option	Description
Basic (Clear Text)	Enable authentication through an unencrypted user name and password.
Basic (Clear Text) using SSL	Enable authentication and all client/server communication to occur through an SSL-encrypted channel on port 636. SSL is a protocol that provides secure data communication using data encryption and decryption.
Windows NT Challenge/Response	Enable authentication through Windows NT network security and an encrypted password.
Windows NT Challenge/Response using SSL	Enable authentication using Windows NT network security to occur through an SSL-encrypted channel.
MCIS Membership System	Enable authentication using Windows NT network security to occur through the Microsoft Commercial Internet Server (MCIS) Membership System.