none
TMG 2010 RSA Authentication on OWA and Basic Authentification on Active Sync

    Question

  • Hi all,

    I want to publish OWA 2010 over TMG 2010 with RSA Authentification. And the Activesync schould have Basic Authentification. Can we do this over the same URL/Listner (e.g. owa.company.com)?

    Regards Andres


    -- MCSE 2003 MCSA 2003 Messaging MCITP: Enterprise Administrator MCTS: Windows Server 2008 MCTS: Exchange Server 2007 Configuration MCTS: Microsoft SQL Server 2005 VCP - VMWare Certified Professional
    Wednesday, December 15, 2010 4:02 PM

Answers

All replies

  • Hi,

    no these two authentication methods are mutually excluded. You have to use two Listener


    regards Marc Grote aka Jens Baier - www.it-training-grote.de - www.forefront-tmg.de - www.nt-faq.de
    Wednesday, December 15, 2010 4:48 PM
  • Okay - thank's for the reply!

    Regards Andres


    -- MCSE 2003 MCSA 2003 Messaging MCITP: Enterprise Administrator MCTS: Windows Server 2008 MCTS: Exchange Server 2007 Configuration MCTS: Microsoft SQL Server 2005 VCP - VMWare Certified Professional
    Wednesday, December 15, 2010 11:13 PM
  • So what is the work around or solution for this? I'm having the same issue of publishing ActiveSync but without RSA auth.
    Monday, April 11, 2011 5:44 AM
  • Hi NetRage,

    The Solution is to have two Listners with diffrent urls.

    • owa.domain.tld (listner with RSA Authentifiaction)
    • eas.domain.tld (listner with Basic Authentification)

    Regards Andres


    -- MCSE 2003 MCSA 2003 Messaging MCITP: Enterprise Administrator MCTS: Windows Server 2008 MCTS: Exchange Server 2007 Configuration MCTS: Microsoft SQL Server 2005 VCP - VMWare Certified Professional
    Monday, April 11, 2011 6:40 PM
  • You could also have two listeners, share the same URL and just differentiate OWA/EAS using differenet paths statements ;)

    Cheers

    JJ


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    Wednesday, April 13, 2011 12:41 PM
  • So what is the work around or solution for this? I'm having the same issue of publishing ActiveSync but without RSA auth.


    If you are not using RSA SecurID, both OWA and ActiveSync can share the same listener (URL too). The listener will use FBA for OWA and then fallback to basic for ActiveSync...

    Cheers

    JJ


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    Wednesday, April 13, 2011 12:42 PM