Hello,

Our department is testing this system, and I have been working with the developer, Fatme El-Moukaddem on this project. We are apparently running into authentication issues when the app attempts to access our Exchange 2010 service url. From what I understand, the service URL can employ two different auth methods, negotiate and NTLM. The advising calendar  app apparently requires NTLM  authentication, but according to Fatme, our server is only offering negotiate and never falling back to NTLM. I have checked the authentication headers being sent by our IIS server and they are currently “negotiate, NTLM”. Doesn’t that mean that the server should begin with negotiate, but fall back to NTLM if negotiate fails? Fatme suggested  that perhaps I need to change the authentication header order to “NTLM, negotiate”. What implications would such a change have from a security standpoint or otherwise? Would doing this cause any other unforeseen issues? Is there a way to backup the metabase before trying this?

Thanks for any advice,

 

Al Puzzuoli

Michigan State University

Information Technologist                                       http://www.rcpd.msu.edu

Resource Center for Persons with Disabilities  517-884-1915 120 Bessey Hall East Lansing, MI  48824-1033