Strict Standards: Non-static method Settings::setHostName() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\AutoConfig.php on line 20

Strict Standards: Non-static method Settings::addHostAlias() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\AutoConfig.php on line 22

Strict Standards: Non-static method Settings::setSiteRoot() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\AutoConfig.php on line 28

Strict Standards: Non-static method Settings::setDsn() should not be called statically in C:\website\www.networksteve.com\exchange\_site\Config.php on line 16

Strict Standards: Non-static method Settings::setTitle() should not be called statically in C:\website\www.networksteve.com\exchange\_site\Config.php on line 19

Strict Standards: Non-static method Settings::setDescription() should not be called statically in C:\website\www.networksteve.com\exchange\_site\Config.php on line 20

Strict Standards: Non-static method Settings::setSiteRoot() should not be called statically in C:\website\www.networksteve.com\exchange\_site\Config.php on line 24

Strict Standards: Non-static method Settings::setShowDeleted() should not be called statically in C:\website\www.networksteve.com\exchange\_site\Config.php on line 31

Strict Standards: Non-static method Settings::setRecentTopicsDuration() should not be called statically in C:\website\www.networksteve.com\exchange\_site\Config.php on line 36

Strict Standards: Non-static method Settings::test() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Init.php on line 28

Strict Standards: Non-static method Skin::test() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Init.php on line 29

Strict Standards: Non-static method Settings::getSkin() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Skin.php on line 102

Strict Standards: Non-static method Settings::getSiteRoot() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Init.php on line 32

Strict Standards: Non-static method Settings::getDsn() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Init.php on line 35

Strict Standards: Non-static method Form::field() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Init.php on line 39

Strict Standards: Non-static method Form::fieldExists() should not be called statically, assuming $this from incompatible context in C:\website\www.networksteve.com\exchange\_lib\Entity\User.php on line 92

Strict Standards: Non-static method Form::fieldExists() should not be called statically in C:\website\www.networksteve.com\exchange\topic.php on line 15

Strict Standards: Non-static method Form::field() should not be called statically in C:\website\www.networksteve.com\exchange\topic.php on line 17

Strict Standards: Non-static method Settings::getShowDeleted() should not be called statically, assuming $this from incompatible context in C:\website\www.networksteve.com\exchange\_lib\Entity\Topic.php on line 138

Strict Standards: Non-static method Entity_Post::queryPosts() should not be called statically in C:\website\www.networksteve.com\exchange\topic.php on line 21

Strict Standards: Non-static method Settings::getShowDeleted() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Entity\Post.php on line 111

Strict Standards: Non-static method Skin::showHeader() should not be called statically in C:\website\www.networksteve.com\exchange\topic.php on line 23

Strict Standards: Non-static method Skin::includeFile() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Skin.php on line 46

Strict Standards: Non-static method Settings::getSkin() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Skin.php on line 91
Does Outlook Anywhere Support Kerberos RPC Auth? (Network Steve Forum)
Does Outlook Anywhere Support Kerberos RPC Auth?
I have a simple lab setup in which my requirement is to get Outlook Anywhere traffic using Kerberos authentication for the RPC auth. HTTP (proxy) auth level can be either Basic or NTLM, doesn't matter. I'm trying to figure out if this deployment is even possible, as it doesn't appear to be from my testing. Regardless of my Proxy Auth settings (Basic or NTLM) or my RPC Auth settings (Kerberos, Negotiate), I'm ALWAYS seeing NTLM Authentication used for RPC. If I just use standard TCP rather than HTTP, Kerberos works fine. So Kerberos is at least possible. I see LDAP traffic, and even some requests to get krbtgt tickets, which implies it should be possible at least for an internal client like mine. This technet blog implies that OA doesn't do Kerberos ever: http://blogs.technet.com/b/exchange/archive/2011/04/15/recommendation-enabling-kerberos-authentication-for-mapi-clients.aspx But if you try to enable it, Outlook comes up with this message (which implies that you can inside a firewall, I have no firewall): “Kerberos has been specified as the protocol for network authentication. When connection to your Microsoft Exchange mailbox using HTTP, Kerberos authentication can only be used if you are connecting inside a firewall. If you connect from outside a firewall, NTLM authentication will be used.” Can Outlook Anywhere do Kerberos RPC Auth and if it can, what is required to get it working? It seems many people on here have had problems with this giving multiple password prompt and they just changed the setting to use NTLM RPC Auth instead of Kerberos. This isn't acceptable for me as my requirement is using Kerberos for RPC. Thanks for any help.
May 23rd, 2011 10:11pm

The answer is YES, But read the article before you opt for it. http://technet.microsoft.com/en-us/library/bb331973.aspx http://blogs.technet.com/b/exchange/archive/2011/04/15/recommendation-enabling-kerberos-authentication-for-mapi-clients.aspx Cheers, Gulab | MCTS-MCITP Messaging: 2010 | MCTS-MCITP Messaging: 2007 | MCC 2011 | Skype: Gulab.Mallah | Blog: www.ExchangeRanger.blogspot.com
Free Windows Admin Tool Kit Click here and download it now
May 24th, 2011 10:18am

Hey Gulab, Thanks for the response, but I don't see what in those articles indicates it's possible to use Kerberos Auth for the RPC channel of RPC-over-HTTP. The first article addresses the HTTP auth level of RPC-over-HTTP (Basic, NTLM), but not the RPC auth. The blog indicates no, but is not diffinitive. Again, I'm not concerned with the HTTP auth, just the RPC auth. Thanks, Lee
June 7th, 2011 4:23pm

Check this article by Henrik, its so amazing and awesome, you should read it http://www.msexchange.org/articles_tutorials/exchange-server-2010/management-administration/enabling-kerberos-authentication-mapi-clients-connecting-exchange-2010-sp1.html Gulab | MCITP: Exchange 2010-2007 | Skype: Gulab.Mallah | Blog: www.ExchangeRanger.blogspot.com
Free Windows Admin Tool Kit Click here and download it now
June 7th, 2011 5:04pm


Strict Standards: Non-static method Settings::getRecentTopicsLimit() should not be called statically, assuming $this from incompatible context in C:\website\www.networksteve.com\exchange\_lib\Entity\Topic.php on line 120

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics

Strict Standards: Non-static method Skin::showFooter() should not be called statically in C:\website\www.networksteve.com\exchange\topic.php on line 121

Strict Standards: Non-static method Skin::includeFile() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Skin.php on line 56

Strict Standards: Non-static method Settings::getSkin() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Skin.php on line 91