7,925 questions
Hybrid Auth but that doesnt include IMAP or POP on-prem:
https://learn.microsoft.com/en-us/microsoft-365/enterprise/configure-exchange-server-for-hybrid-modern-authentication?view=o365-worldwide
Depreciation of basic authentication in Exchange On Prem ?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 76%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
Steph
1
Reputation point
Hello,
I was wondering if it was possible to secure Exchange On Premise in the same way that Microsoft does by disabling basic authentication in Exchange Online?
What are the alternatives to disable basic authentication and use a more secure authentication to read mailboxes in IMAP for example?
One of my customers uses IMAP to read Exchange mailboxes by his software that he develops internally. We were able to read the Online mailboxes via OAuth 2.0 and in IMAP.
I checked if we can use OAuth 2.0 on a local exchange, but if I believe this article it is a protocol specific to Exchange Online:
My research led me to this other article :
I have the impression that it's quite tedious and I'm not sure that it's really equivalent, I don't see any Azure application, token like on EXO etc...
If we have to go through Azure no matter what, it means that we need Azure AD licenses?
Thank you for your help and clarification.
Exchange | Exchange Server | Management
Microsoft Security | Microsoft Entra | Microsoft Entra ID
25,161 questions
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 67%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJS%3C/text%3E%3C/svg%3E)
Joyce Shen - MSFT 16,701 Reputation points2022-09-05T08:22:25.313+00:00 Hi @Steph
I am writing to see how everything is going on with this thread. If you still have further concern on this, please feel free to let us know.
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
-
Joyce Shen - MSFT 16,701 Reputation points
2022-09-08T07:47:40.78+00:00 Hi @Steph
Any progress so far, do suggestions below help? If your issue is resolved now, don't forget to "Accept Answer" for the helpful reply below. And if you still have other concern about this question, please share more information here!
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Sign in to comment
2 answers
Sort by: Most helpful
-
Andy David - MVP 157.8K Reputation points MVP Volunteer Moderator2022-08-31T11:23:21.193+00:00 -
Joyce Shen - MSFT 16,701 Reputation points
2022-09-01T05:25:39.343+00:00 Hi @Steph
Yes, POP and IMAP do not support modern authentication with on-prem Exchange. The official document introduces this as below:
Hybrid modern authentication overview and prerequisites for using it with on-premises Skype for Business and Exchange serversClients and/or protocols that are not listed (for example, POP3) do not support modern authentication with on-premises Exchange and continue to use legacy authentication mechanisms even after modern authentication is enabled in the environment.
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.