Microsoft Exchange is Microsoft's email and calendering groupware. See Microsoft's Exchange website for more details.
Contents
1. Overview
Modern versions of Microsoft Exchange are generally compatible with Moonshot. Since Exchange is integrated with the Windows SSPI, then it requires the Moonshot SSP.
2. Compatibility
2.1. Key
In the tables below, the following icons have the following meanings:
- - This version of the software has been tested and verified as supporting Moonshot.
- - This version of the software has been tested and verified as not supporting Moonshot.
- - This version of the software has not yet been tested thoroughly and its status is not known. Let us know if you have tried it and whether it worked or not!
2.2. Compatibility List
Note that accessing supported versions of this software requires a Moonshot compatible client - see the next section for details on which clients are supported.
Any versions not listed below have not yet been tested. If you do so, please let us know!
Version | Compatible? | Notes |
---|---|---|
Microsoft Exchange Server 2013 | ||
Microsoft Exchange Server 2010 | When running on a supported Windows platform | |
Microsoft Exchange Server 2007 | ||
Microsoft Exchange Server 2003 | ||
Microsoft Exchange 2000 Server | ||
Microsoft Exchange Server 5.5 | ||
Microsoft Exchange Server 5.0 | ||
Microsoft Exchange Server 4.0 | ||
Microsoft Exchange Server 1.0 |
3. Installation Instructions
This software does not require any special installation instructions - install it as you normally would.
4. Configuration Instructions
4.1. Configuring Moonshot
Due to a bug in Microsoft Exchange, all versions currently require you to set the "Use Kerberos RPC ID" configuration option on the Moonshot SSP (see the Configure the Windows SSP page for instructions on how to enable this). This tells the SSP to "pretend" to be Kerberos instead of GSS-EAP.
4.2. Configuring Microsoft Exchange
No specific configuration is necessary within Microsoft Exchange itself, other than how you map external users to Exchange mailboxes; see below.
5. Client Compatibility
The following clients are known to work with this server software using Moonshot authentication (click on the link to see further information about enabling Moonshot in that client):
6. Next Steps
Once you have installed the software, what happens next?
6.1. Account Mapping
An Exchange mailbox will need to be created in Exchange as per usual, with a corresponding Active Directory (AD) user account. To map from an incoming Moonshot-provided identity to an AD account (and therefore its mailbox), you need to edit that account's attribute called "AltSecurityIdentities". Add a value of "EAP:[NAI]" to map an incoming user to that particular account.
Example
If the user had an NAI of "johnsmith@example.com", and you wanted them to be able to authenticate to an Exchange mailbox connected to the "EGDOMAIN\johns" AD account, on that johns AD account's AltSecurity Identities you would add a value of "EAP:johnsmith@example.com".