Previous Topic: How to Connect to Exchange 2010 (Agentless)Next Topic: Configure the CCS Computer for Exchange 2010

Connector GuidesConnectors GuideConnecting to EndpointsMicrosoft Exchange ConnectorHow to Connect to Exchange 2010 (Agentless)Configure Exchange 2010 Endpoints

Configure Exchange 2010 Endpoints

This procedure is for the Exchange administrator.

Every Exchange 2010 endpoint must be configured to support communication with the Active Directory connector. Follow all of these steps on every endpoint that you plan to connect to.

Follow these steps:

  1. Ensure that Microsoft Exchange 2010 Management Tools is installed.
  2. Ensure that the Windows service Windows Remote Management (WS-Management) is running. If required, set the startup type to automatic.
  3. Configure WinRM to use default settings. To do this, open a Command Prompt window on the CCS computer as the Administrator user, then enter the following command and respond Y when asked for confirmation: 
    winrm quickconfig
  4. Enter the following command to check the authentication status: 
    winrm get winrm/config/service

    You see a section in the response similar to the following:

    Auth

    Basic = false
Kerberos = true
Negotiate = true
Certificate = false
CredSSP = false
CBTHardeningLevel = Relaxed
  5. To enable Kerberos authentication, use the following command: 
    winrm set winrm/config/service/Auth @{Kerberos="true"}
  6. To enable HTTP Basic authentication, follow these steps:
    1. Enter the following commands: 
      winrm quickconfig -transport:https
winrm set winrm/config/service/auth @{Basic="true"}
    2. Ensure that the Exchange server has its own server certificate with the following settings:
      • The Enhanced Key Usage of the certificate includes Server Authentication.
      • The certificate is in the local machine's computer account.
      • The subject of the certificate is the fully-qualified domain name of the computer. For example, somehost.example.com.
    3. Open IIS Manager, then set up the following for the default web site:
    4. Select PowerShell and then click Authentication. Ensure that Basic Authentication is enabled.
    5. On the Actions panel, select Bindings. On the Site Bindings dialog, edit "https" and select the server certificate for SSL Certificate.