Q. How can I enable forms-based authentication for an Exchange Server 2003 server that hosts Microsoft Outlook Web Access (OWA)?

A. After you enable Secure Sockets Layer (SSL) on a Microsoft Internet Information Services 5.0 (IIS) server (as I described in the FAQ "How can I obtain a certificate so that I can enable Secure Sockets Layer (SSL) on my Microsoft Internet Information Services 5.0 (IIS) server?"), you can enable forms-based authentication on the server by performing these steps:

  1. Start the Exchange System Manager (ESM) utility (click Start, Programs, Microsoft Exchange, System Manager).
  2. Navigate to the OWA server (Administrator Groups, &ltAdministrative group name&gt, Servers, &ltServer name&gt).
  3. Expand Protocols and expand HTTP.
  4. Right-click the HTTP virtual server and click Properties.
  5. Click the Settings tab of the displayed dialog box.
  6. Select the "Enable Forms Based Authentication" check box and click OK.

If you want to stop non-SSL connections to your Exchange server, you can modify the Exchange virtual directory through the Microsoft Management Console (MMC) IIS snap-in as follows:

  1. Access the Exchange virtual directory's Properties page.
  2. Click the Directory Security tab.
  3. Click Edit, and in the Secure Communication section, select the "Require secure channel (SSL)" check box.
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.