Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Microsoft Exchange is Microsoft's email and calendering groupware. See Microsoft's Exchange website for more details.

Contents

1. Overview

Modern versions of Microsoft Exchange are generally compatible with Moonshot. Since Exchange is integrated with the Windows SSPI, then it requires the Moonshot SSP.

2. Compatibility

2.1. Key

In the tables below, the following icons have the following meanings:

  • (tick) - This version of the software has been tested and verified as supporting Moonshot.
  • (error) - This version of the software has been tested and verified as not supporting Moonshot.
  • (question) - This version of the software has not yet been tested thoroughly and its status is not known. Let us know if you have tried it and whether it worked or not!

2.2. Compatibility List

Note that accessing supported versions of this software requires a Moonshot compatible client - see the next section for details on which clients are supported.

Any versions not listed below have not yet been tested. If you do so, please let us know!

VersionCompatible?Notes
Microsoft Exchange Server 2013(question)  
Microsoft Exchange Server 2010(tick)When running on a supported Windows platform 
Microsoft Exchange Server 2007(question) 
Microsoft Exchange Server 2003(question) 
Microsoft Exchange 2000 Server(question) 
Microsoft Exchange Server 5.5(error) 
Microsoft Exchange Server 5.0(error) 
Microsoft Exchange Server 4.0(error) 
Microsoft Exchange Server 1.0(error) 

3. Installation Instructions

This software does not require any special installation instructions - install it as you normally would.

4. Configuration Instructions

4.1. Configuring Moonshot

Due to a bug in Microsoft Exchange, all versions currently require you to set the "Use Kerberos RPC ID" configuration option on the Moonshot SSP (see the Configure the Windows SSP page for instructions on how to enable this). This tells the SSP to "pretend" to be Kerberos instead of GSS-EAP.

4.2. Configuring Microsoft Exchange

No specific configuration is necessary within Microsoft Exchange itself, other than how you map external users to Exchange mailboxes; see below.

5. Client Compatibility

The following clients are known to work with this server software using Moonshot authentication (click on the link to see further information about enabling Moonshot in that client):

6. Next Steps

Once you have installed the software, what happens next?

6.1. Account Mapping

Read our General account mapping advice page before you go any further to get an overview of the general options available for mapping federation provided identities to local accounts.

An Exchange mailbox will need to be created in Exchange as per usual, with a corresponding Active Directory (AD) user account. To map from an incoming Moonshot-provided identity to an AD account (and therefore its mailbox), you need to edit that account's attribute called "AltSecurityIdentities". Add a value of "EAP:[NAI]" to map an incoming user to that particular account.

Example

If the user had an NAI of "johnsmith@example.com", and you wanted them to be able to authenticate to an Exchange mailbox connected to the "EGDOMAIN\johns" AD account, on that johns AD account's AltSecurity Identities you would add a value of "EAP:johnsmith@example.com".

  • No labels