Server Configuration > Client Access Server > Exchange ActiveSync > Microsoft-Server-ActiveSync > Authentication Tab (RTM)
Microsoft Exchange Server 2007 will reach end of support on April 11, 2017. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.
Applies to: Exchange Server 2007
Use the Authentication tab to select the authentication method or methods that you want to use for Exchange ActiveSync.
Note
The properties that you set in this dialog box will update the Internet Information Services (IIS) metabase.
Basic authentication (password is sent in clear text)
Select this check box if you want the mobile device to send the user name and password in clear text.Important
Because passwords are sent in clear text with Basic authentication, you should configure Secure Sockets Layer (SSL) to encrypt data transferred between your mobile clients and the Exchange ActiveSync virtual directory.
Client certificate authentication
Select whether you want to ignore, accept, or require client certificate authentication.
Certificates can reside in the certificate store on a mobile device or on a smart card. A certificate authentication method uses the Extensible Authentication Protocol (EAP) and Transport Layer Security (TLS) protocols. In EAP-TLS certificate authentication, the client and the server prove their identities to each other. For example, an Exchange ActiveSync client presents its user certificate to the Client Access server, and the Client Access server presents its computer certificate to the mobile device to provide mutual authentication.
Note
Requiring client certificates will force you to configure SSL on the Web site that is hosting the Exchange ActiveSync virtual directory.
Warning
Anonymous access to the Exchange ActiveSync virtual directory should always be turned off.