Jun 17 2019 12:23 AM
Hi everyone,
I am running form based authentication. For some concern, i would like to disable basic authentication
get-OwaVirtualDirectory "owa (Default Web Site)" |fl *auth*
ClientAuthCleanupLevel : High
InternalAuthenticationMethods : {Basic, Fba}
BasicAuthentication : True WindowsAuthentication : False
DigestAuthentication : False FormsAuthentication : True
LiveIdAuthentication : False AdfsAuthentication : False
OAuthAuthentication : False
ExternalAuthenticationMethods : {Fba}
Note the "InternalAuthenticationMethods" is Basic and Fba.
set-OwaVirtualDirectory "owa (Default Web Site)" -BasicAuthentication $false
get-OwaVirtualDirectory "owa (Default Web Site)" |fl InternalAuthenticationMethods
InternalAuthenticationMethods : {}
with just setting the "BasicAuthentication" to $false it turns off the form based too. So i tried to enabled the form based again.
set-OwaVirtualDirectory "owa (Default Web Site)" -FormsAuthentication $true
ClientAuthCleanupLevel : High
InternalAuthenticationMethods : {Basic, Fba}
BasicAuthentication : True
WindowsAuthentication : False
DigestAuthentication : False
FormsAuthentication : True
LiveIdAuthentication : False
AdfsAuthentication : False
OAuthAuthentication : False
ExternalAuthenticationMethods : {Fba}
The basic authentication was automatically turn on by itself again. So i was thinking the form based required the basic authentication. The information on the internet is kind of scarce. Does anyone has any experience on this? Also note the "ExternalAuthenticationMethods" is {Fba} without Basic? Thanks everyone!
Jun 17 2019 09:45 AM
SolutionJun 17 2019 08:46 PM
@Greg Taylor - EXCHANGE Thank you! Can i also check ExternalAuthenticationMethods : {Fba}, what does this do? Because it seems different then the other .
-ExternalAuthenticationMethods is using string base instead of -FormsAuthentication $true or $false and it accepts just only "Fba".
set-OwaVirtualDirectory "owa (Default Web Site)" -ExternalAuthenticationMethods fba
Jun 17 2019 11:53 PM
The individual settings enable (or disable) the respective authentication method on the vdir. ExternalAuthenticationMethods and InternalAuthenticationMethods determine allowed authentication methods when connecting internally or externally. Only methods can be selected which are enabled on the vdir. It's a multi-value, allowing you to specify more than one method (thus displayed differently in output)
Jun 18 2019 06:39 AM
@Michel de Rooij That was the intent when the code was written - but it never worked like that. OWA/Exchange has no idea if the user is internal or external and so those values do nothing. I wouldn't suggest messing with them at all.