Hi everyone,

I need to install a third part tool, that requires to add NTLM authentication (for now, I have only "Negotiate") to RPC Authentications method in IIS Exchange Server 2013.

I'm concerned about security issue that this operation can brought with, or other issues about authentication with Outlook Anywhere or any other task with outlook.

The cmdlet is this one:

 Set-OutlookAnywhere -Identity:"<name-of-your-server>\Rpc (Default Web Site)" IISAuthenticationMethods: Negotiate, ntlm

Can anyone give me some infos about this topic? Someone have already experienced security issues with a scenario like this?

Thanks

The -IISAuthenticationMethods parameter does not support Negotiate anyway. You can only use Basic or NTLM.

https://technet.microsoft.com/en-us/library/bb123545(v=exchg.150).aspx

• Edited by Li Zhen 17 hours 18 minutes ago

Sorry, but in the configuration guide of the tool it seems to be possible: http://www.codetwo.com/kb/setting-up-the-iis-for-exchange-sync/

It is possible that is a wrong configuration guide? The SwHouse is quite popular and well reviewed...

The -IISAuthenticationMethods parameter does not support Negotiate anyway. You can only use Basic or NTLM.

https://technet.microsoft.com/en-us/library/bb123545(v=exchg.150).aspx

• Edited by Li Zhen Wednesday, July 15, 2015 2:09 PM

Hi,

It is ok to enable NTLM and Negotiate for IISAuthenticationMethods for Exchange 2013. Please run the command your posted in EMS. Also remember to restart IIS service by running IISReset from a command prompt window to apply the changes.

Regards,

Hi Liang,

thank you for your reply. I'm relieved that enabling NTLM will not bring issues about functionalities in Exchange 2013.

About security? Will it be more exposed to attack from outside or something about I have to be concerned of?