Exchange connection - Authentication tab

Integration module Existing Exchange connection Properties

Type of authentication

User name - Password

With this option, the user name and password that you use for login to Windows will be used in Intrexx to log on to Exchange. The login data can either be queried session-based and must then be entered by the users every time they log on to the portal again, or you can enter the data in encrypted format on the MediaGateway in order to avoid needing to renew logins. In this case, a connection will be created by Intrexx between the logged-in Intrexx user and the saved login information for the Exchange server.

Kerberos

Kerberos will determine the login information according to the current Windows user and will log in automatically log. Please note the following basic requirements for a successful authentication with Kerberos: If a user cannot be authenticated, the session-based login will automatically be activated.

Service Principal name

For successful authentication, the entry of a so-called Service Principal Name (SPN) is required. The SPN contains the information about the service for whom a Kerberos ticket should be created. This ticket will be required for the MediaGateway server. The dialog will suggest a SPN to you, but in practice, it may need to be adjusted, depending on your system environment. The SPN will usually be made up of the following components: host/<Computer DNS Name>@<KERBEROS_REALM> Computer DNS name: fully qualified host name (such as mycomputer.mycompany.com)
KERBEROS_REALM: as a rule, the domain in capitals (like MYCOMPANY.COM)

The SPN would, therefore, read as follows with the sample data: host/mycomputer.mycompany.com@MYCOMPANY.COM

Access data for the Exchange server

The login of an Intrexx user to the Exchange server takes place via a login box that will be shown when an Intrexx Exchange application is called up in the portal.
The Kerberos authentication only works if the requesting client uses the fully qualified Name in the server URL which is entered in the login box and not the IP of the Exchange servers The request of a portal on client systems depends on the configuration of your DNS server and has to be executed via one of the following URLs:
  • http://12.34.56.78/myPortal
  • http://intrexxserver.example.org/myPortal
  • http://intrexxserver/myPortal
Please ask your system administrator for more information about this.

In the configuration of the access data for the Exchange server, you can define whether specific data should be automatically entered to the login box, like the domain, or if data should be taken from the User Manager, such as the user name, or which data must be manually entered by the user to the login box in Intrexx Exchange applications.

Exchange user name / Email address / Domain / Server (URL)

In each case, opens a dialog where you can define the source for the user name, email address, domain and server URL for logging in to the Exchange server.

Query login data session-based on the web

If this setting is not activated, all login information from the login box will be saved as user account in the MediaGateway as soon as the user logs on for the first time with the Intrexx Exchange application. If this login was successful, the corresponding account information will be saved, encrypted with RSA, to the MediaGateway. The next time the Intrexx portal is visited, the login will not be required, as long as the connection to the Exchange server can be established. Next, the login box will then only be shown again when changes to the access data of the user come about, i.e. when, for example, the value of a relevant field in the User Manager has changed. If the setting is set for "Login data in web is session-based", the information will be queried for each session and no account will be created on the MediaGateway. The login box will thereafter always be shown the first time an Intrexx user opens an Exchange application in the portal.

An Intrexx portal user can only access the information on the Exchange server for which they have been provided permission by the Exchange Server.

Administration

Overview of known users

Opens a dialog which contains a list of the users in the MediaGateway. This link is clickable if MediaGateway accounts have already been created because users have logged in.