SSO is enabled but i am more concerned about internal users actually, they will connect to a CAS server that will then redirect to the 2003 Front End Servers which will have Basic Auth set.
On 10/4/12, Steve Goodman <st...@stevieg.org> wrote: > If you publish the rules for your legacy URL for Exchange 2003 through TMG > and using the same listener, enable SSO for the domain, they shouldn't get > promoted for authentication twice as they'll have already authenticated with > TMG for Exchange 2010. > > Steve > > On 4 Oct 2012, at 16:57, "Al Rose" > <arose...@gmail.com<mailto:arose...@gmail.com>> wrote: > > Hello, > > Last time i tested a coexistence scenario i had to make sure that FBA was > enabled on the 2003 Front-End Servers so users wont have to authenticate > twice to go to OWA. > > Now i am reading TMG publishing for Exchange 2010 white paper and they are > advising to enable FBA on the TMG listener for all published Exchange 2010 > services (Active Sync, Autodiscover, OWA, OA) and 2003 Legacy access too. > This means i would have to set Basic Authentication for all CAS servers. > So how do i do for Legacy users if the Front-End Server is set to Basic Auth > and not FBA that means that my 2003 users will have to authenticate > twice... > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to > listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> > with the body: unsubscribe exchangelist > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist
