Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Numberedheadings

Overview

Modern versions of Microsoft Exchange are generally compatible with Moonshot. Since Exchange is integrated with the Windows SSPI, then it requires the Moonshot SSP in order to take advantage of a Moonshot-enabled environment.

Compatibility

Key

In the tables below, the following icons have the following meanings:

  •  - This version of the software has been tested and verified as supporting Moonshot.
  •  - This version of the software has been tested and verified as not supporting Moonshot.
  •  - This version of the software has not yet been tested thoroughly and its status is not known. Let us know if you have tried it and whether it worked or not!

Compatibility List

Note that accessing supported versions of this software requires a Moonshot-compatible client - see the next section for details on which clients are supported.

Any versions not listed below have not yet been tested. If you do so, please let us know!

VersionCompatible?Notes
Microsoft Exchange Server 2013When running on a supported Windows platform
Microsoft Exchange Server 2010When running on a supported Windows platform 
Microsoft Exchange Server 2007When running on a supported Windows platform 
Microsoft Exchange Server 2003Can only be installed on Windows platforms that are not supported by the Moonshot Windows SSP.
Microsoft Exchange 2000 ServerCan only be installed on Windows platforms that are not supported by the Moonshot Windows SSP.
Microsoft Exchange Server 5.5Can only be installed on Windows platforms that are not supported by the Moonshot Windows SSP.
Microsoft Exchange Server 5.0Can only be installed on Windows platforms that are not supported by the Moonshot Windows SSP.
Microsoft Exchange Server 4.0Can only be installed on Windows platforms that are not supported by the Moonshot Windows SSP.
Microsoft Exchange Server 1.0Can only be installed on Windows platforms that are not supported by the Moonshot Windows SSP.

Installation Instructions

This software does not require any special installation instructions - install it as you normally would.

Configuration Instructions

Configure Moonshot

Due to a bug in Microsoft Exchange, all versions currently require you to set the "Use Kerberos RPC ID" configuration option on the Moonshot SSP (see the page for instructions on how to enable this). This tells the SSP to "pretend" to be Kerberos instead of GSS-EAP.

Configure Microsoft Exchange

No specific configuration is necessary within Microsoft Exchange itself, other than how you map external users to Exchange mailboxes; see below.

Client Compatibility

The following clients are known to work with this server software using Moonshot authentication (click on the link to see further information about enabling Moonshot in that client):

Next Steps

Once you have installed the software, what happens next?

Account Mapping

Read our General account mapping advice page before you go any further to get an overview of the general options available for mapping federation provided identities to local accounts.

An Exchange mailbox will need to be created in Exchange as per usual, with a corresponding Active Directory (AD) user account. To map from an incoming Moonshot-provided identity to an AD account (and therefore its mailbox), you need to edit that account's attribute called "AltSecurityIdentities". Add a value of "EAP:[NAI]" to map an incoming user to that particular account.

Example

If the user had an NAI of "johnsmith@example.com", and you wanted them to be able to authenticate to an Exchange mailbox connected to the "EGDOMAIN\johns" AD account, on that johns AD account's AltSecurity Identities you would add a value of "EAP:johnsmith@example.com".