Menu

Configure the Exchange server

To configure the Exchange server by authenticating the users on the devices with Exchange ActiveSync, additional settings are required for Certificate Authentication (CA), SSL, and client certificates.

Enabling Certificate Authentication (CA)

Active Directory Client Certificate Authentication must be enabled to configure Certificate Authentication.

To configure Certificate Authentication (CA), complete the following steps:

1. On your desktop, click Start > Run.

2. Type inetmgr, and then click OK to open the Internet Information Services (IIS) Manager.

  • Alternately, on your desktop, you can click Start > Programs or All Programs > Administrative Tools > Internet Information Services (IIS) Manager to open the Internet Information Services (IIS) Manager.

3. In the Connections node, select the name of your web server, and then double-click Authentication in the “IIS” section.

4. Double-click Active Directory Client Certificate Authentication, and then click Enable in the “Actions” window.

Enabling SSL

After enabling Active Directory Client Certificate Authentication, the SSL must be enabled to use Active Directory Client Certificate Authentication.

To enable SSL, complete the following steps:

1. On your desktop, click Start > Run.

2. Type inetmgr, and then click OK to open the Internet Information Services (IIS) Manager.

  • Alternately, on your desktop, you can click Start > Programs or All Programs > Administrative Tools > Internet Information Services (IIS) Manager to open the Internet Information Services (IIS) Manager.

3. In the Connections node, select Microsoft-Server-ActiveSync under Default Web Site, and then double-click SSL Settings in the “IIS” section.

4. Click the checkbox next to Require SSL, and then click Require under Client certificates.

5. Click Apply in the “Actions” window.

Configuring client certificate mapping

Configure client certificate mapping after enabling Certificate Authentication and applying SSL.

To configure client certificate mapping, complete the following steps:

1. On your desktop, click Start > Run.

2. Type inetmgr, and then click OK to open the Internet Information Services (IIS) Manager.

  • Alternately, on your desktop, you can click Start > Programs or All Programs > Administrative Tools > Internet Information Services (IIS) Manager to open the Internet Information Services (IIS) Manager.

3. In the Connections node, select Microsoft-Server-ActiveSync under Default Web Site, and then double-click Configuration Editor in the “IIS” section.

4. From the Section drop-down menu, navigate to system.webServer/security/authentication.

5. Select True in the “enabled” section, and then click Apply in the “Actions” window.