Announcement

Collapse
No announcement yet.

Exchange 2007, OWA and RSA SecurID

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Exchange 2007, OWA and RSA SecurID

    Hi,

    I've recently implemented RSA SecurID to provide two-factor authentication for our Outlook Web Access portal. I'm running Exchange 2007 and at present when a user goes to our OWA site they are first presented with a SecurID login page requesting their username and passcode. Once they've provided the correct credentials they are forwarded to the regular OWA login page and can then access their e-mail.

    I'm looking for a way to integrate the SecurID passcode field into the regular OWA login page so that a user is presented with only one login page. Does anyone know of a way to do this?

    Thanks

  • #2
    Re: Exchange 2007, OWA and RSA SecurID

    First thing springs to my mind is Forefront TMG (Quelle surprise ). This was possible using custom forms in ISA 2006 so I'm pretty sure TMG will offer the same functionality. Bear in mind this actually presents a single login screen with both RSA and AD credentials, rather than single sign on which I would doubt is possible. Also check this thread at isaserver.org
    BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
    sigpic
    Cruachan's Blog

    Comment


    • #3
      Re: Exchange 2007, OWA and RSA SecurID

      Thanks for information Cruachan. I'd considered Forefront TMG but was hoping there might be built-in SecurID integration with Exchange/OWA I was missing. I'll take a look at Forefront now and see if I can get it working.

      Comment


      • #4
        Re: Exchange 2007, OWA and RSA SecurID

        There is nothing built in to Exchange, unless the vendor is making changes. This is what Forefront TMG/ISA Server is designed for.

        Simon.
        --
        Simon Butler
        Exchange MVP

        Blog: http://blog.sembee.co.uk/
        More Exchange Content: http://exchange.sembee.info/
        Exchange Resources List: http://exbpa.com/
        In the UK? Hire me: http://www.sembee.co.uk/

        Sembee is a registered trademark, used here with permission.

        Comment


        • #5
          Re: Exchange 2007, OWA and RSA SecurID

          So having investigated Forefront TMG I can see how to get SecurID authentication up and running.

          As I'm only at the test phase at the moment, is there a way to publish an alternate OWA login page that will include the SecurID field(s) so I can test authentication?

          Comment


          • #6
            Re: Exchange 2007, OWA and RSA SecurID

            Easiest way is to use a different IP address for the testing form, but you'll need a seperate DNS name and matching SSL certificate as well.

            Alternatively you can test from internal by publishing OWA internally and using the TMG FBA login. You may want to do this anyway so that internal and external users get the same OWA experience.
            BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
            sigpic
            Cruachan's Blog

            Comment

            Working...
            X