Personalization Page Only Supports Basic Authentication (298049)


The information in this article applies to:

  • Microsoft Mobile Information 2001 Server
This article was previously published under Q298049

SUMMARY

The user personalization page that you can use to configure the Outlook Mobile Access push and browse functionality only supports basic authentication.

This behavior is due to the fact that is makes direct changes to your user object in Active Directory and that requires Delegate access, which only works with basic authentication.

This could be a potential security problem because the user name and password are sent in clear text over your network during basic authentication.

To avoid this problem, you can enable Secure Sockets Layer (SSL) on the airweb virtual root on the Exchange 2000 or Exchange Event Source server to encrypt the session. For additional information about how to enable SSL, click the article number below to view the article in the Microsoft Knowledge Base:

299525 HOWTO: Set Up SSL Using IIS 5.0 and Certificate Server 2.0

However, do not enable SSL on the MMISNotify Virtual Root. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

297983 Push Notification Does Not Succeed with 403 Errors in IIS

MORE INFORMATION

For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

281573 Personalizing Page Uses Basic Authentication Instead of NTLM

283201 HOWTO: Use Delegation in Windows 2000 with COM+

Modification Type:MinorLast Reviewed:4/25/2005
Keywords:kbinfo KB298049
©2004 Microsoft Corporation. All rights reserved.