How do I authenticate to Microsoft Exchange 2000 or 2003?

0 votes
asked Mar 22, 2012 by Rebex KB (8,190 points)
edited Mar 22, 2012

Are there any issues when connecting to Microsoft Exchange 2000 or 2003 server using IMAP or POP3 protocols?

Applies to: Rebex Secure Mail

1 Answer

0 votes
answered Mar 22, 2012 by Rebex KB (8,190 points)
edited Mar 22, 2012

When connecting to Microsoft Exchange 2000 or 2003 server using IMAP or POP3 protocols, you should be aware of the issues caused by mismatched logon name and alias name. The logon name identifies the user, the alias name identifies the mailbox.

A. Authenticating using a method other than NTLM

When authenticating using a method other than NTLM to an account whose alias name does not match the logon name, the username of the following form must be used to log in:

domain/logon/alias

Example:

rebex/johns/john.smith

B. Authenticating using NTLM

To utilize NTLM authentication, call the Smtp, Imap or Pop3 object's Login method with an optional argument which specifies that NTLM is to be used. When authenticating to Microsoft Exchange 2000/2003 server using NTLM, it is not possible to specify an alias name, because NTLM does not support this. Therefore, it is not possible to authenticate to accounts whose alias name does not match the logon name. This is a limitation of Exchange 2000/2003, and even Microsoft Outlook Express cannot authenticated in this case. An alias name must be changed to match the logon name to make NTLM authentication possible.

To change the user's alias name:

  1. Start 'Active Directory Users and Computers' management console.

  2. Open the 'Properties' of the user whose mailbox you want to access using IMAP/POP3 with NTLM authentication.

  3. Determine the user's logon name from the 'User logon name' field in the 'Account' tab.

  4. Select the 'Exchange General' tab and make sure the 'Alias' field is set to the same value as the 'User logon name' from the previous step.

Please note that alias name has nothing to do with the user's e-mail addresses, so changing the alias is unlikely to break anything - unless some other applications depend on the former alias name.

See also

...