locked
Communicator 2007 R2 and EWS published by UAG RRS feed

  • Question

  • Hi all.

    We recently moved from Exchange 2007 published with ISA 2006 to Exchange 2010 published with UAG. Since the move we're getting authentication prompts from Communicator 2007 R2 when it tries to access EWS. My research suggests this is happening because Communicator is hard coded for NTLM. http://blogs.msdn.com/scottos/archive/2008/10/16/why-is-communicator-prompting-me-for-credentials.aspx

    I solved this before in ISA server by not having it pre-authenticate and changing the order of the authentication provider on the Exchange 2007 server. Is it possible to change this order in UAG?

    Regards,

    Nóri

     

    Monday, April 26, 2010 10:45 AM

Answers

  • I'm afraid this is not possible with UAG.
    Ben Ari
    Microsoft CSS IAG Support
    Sammamish, WA
    • Marked as answer by Erez Benari Wednesday, May 12, 2010 7:03 PM
    Wednesday, May 12, 2010 7:03 PM

All replies

  • I have actually seem this with ISA too; the solution involved forcing NTLM on the external listener, but not sure for UAG yet... 

    Cheers

    JJ


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    • Proposed as answer by Erez Benari Tuesday, April 27, 2010 11:40 PM
    • Unproposed as answer by Nóri Tuesday, April 27, 2010 11:43 PM
    Monday, April 26, 2010 12:58 PM
  • I'm afraid this is not possible with UAG.
    Ben Ari
    Microsoft CSS IAG Support
    Sammamish, WA
    • Marked as answer by Erez Benari Wednesday, May 12, 2010 7:03 PM
    Wednesday, May 12, 2010 7:03 PM
  • I have to say I find it odd that EWS can't be published with UAG in a way that works with Communicator. I can also say that Exchange publishing is nowhere nearly as easy as hyped by Microsoft. The UI is quite bad and the documentation is lacking. I know I'll be switching this publishing back to TMG when I've upgraded from ISA. For example, logging in ISA/TMG is so much better than in UAG and allows you to troubleshoot issues much more easily.

    I eventually just made all the non-OWA/ActiveSync traffic go through the DirectAccess tunnel. DirectAccess is probably the only feature I'll use in UAG. It's absolutely brilliant.

    Kveðja,

    Nóri

    Friday, May 21, 2010 3:39 PM