Anonymous Connections

You can specify whether LDAP users can connect to Microsoft Exchange Server anonymously. If users can't connect anonymously, they can't access Microsoft Exchange Server without a valid Windows NT user account and authentication by a Windows NT Server.

You can specify which directory attributes authenticated and anonymous users can view when accessing the directory. For example, you may not want to allow anonymous users to view the manager attribute of each user in the directory. Use the Attributes property page on the DS Site Configuration object to set which attributes are visible to anonymous and authenticated users. Anonymous users can view a subset of attributes visible to authenticated users.

Note   In order for an LDAP client to access the directory as an authenticated user, the user must provide valid Windows NT Server credentials in the following format: cn=username, cn=Windows NT domain. For example: cn=awilliams, cn=chicago. The user should also provide a password for the account. Microsoft Exchange Server also supports distinguished name representation of domain names, such as dc=domain, cn=username or cn=username, or dc=domain.

Getting to the Anonymous property page

1. In the Administrator window, choose a site or server, and then choose Protocols.
2. Double-click LDAP (Directory) Site Defaults to configure site LDAP defaults, or LDAP (Directory) Settings to configure a server's LDAP settings.
3. Select the Anonymous tab.

Setting Anonymous Access

Use the Anonymous property page to specify whether LDAP users can connect anonymously to Microsoft Exchange Server.

1. Select the Anonymous tab.
2. Select the Allow anonymous access check box.