A while ago, we posted the default authentication and SSL settings for Exchange-related virtual directories in Exchange Server 2007. The settings below hold true for Exchange Server 2010 RTM and SP1. You will notice that Unified Messaging is no longer on the list and that is because this virtual directory and the Set-UMVirtualDirectory CMDlet no longer exist in Exchange server 2010. The Unified Messaging mailbox can be created and configured using Enable- or Set-UMMailbox.

Exchange Server 2010 with the Client Access Server (standalone):

Location

Authentication

SSL Setting

Management

Default Web Site

Anonymous

Required

IIS Management Console

aspnet_client

Anonymous

Required

IIS Management Console

Autodiscover

Anonymous / Basic / Windows Authentication

Required

Exchange Management Shell

ECP

Anonymous / Basic

Required

Exchange Management Console or Shell

EWS

Anonymous / Windows Authentication

Required

Exchange Management Shell

Microsoft-Server-ActiveSync

Basic

Required

Exchange Management Console or Shell

OWA

Basic

Required

Exchange Management Console or Shell

Powershell

Anonymous

Not Required

Exchange Management Shell

RPC

Basic / Windows Authentication

Required

Exchange Management Shell

RpcWithCert

all options Disabled

Required (128 bit not checked)

N/A

OAB

Windows Authentication

Not Required

Exchange Management Console or Shell

Exchange Server 2010 Mailbox role (standalone):

Location

Authentication

SSL Setting

Management

Default Web Site

Anonymous

Required

IIS Management Console

PowerShell

Anonymous

Not Required

Exchange Management Shell

CMDlet list for those that can only be modified in the Management Shell:

Set-AutoDiscoverVirtualDirectory

Set-WebServicesVirtualDirectory

Set-PowershellVirtualDirectory

Set-OutlookAnywhere (for the RPC virtual directory)

- Angelique Conde