What are the software requirements for RSA Authentication Agent 5.3 to protect OWA using SSO?
Originally Published: 2005-01-12
Article Number
Applies To
Microsoft Windows Server 2003
Microsoft Exchange Server 2003
Microsoft Internet Information Server (IIS) 6.0
Single Sign-On (SSO)
Microsoft Outlook Web Access (OWA)
Issue
Resolution
RSA's SSO is accomplished by using the RSA Authentication Agent to obtain a Kerberos ticket, then presenting that ticket to OWA. RSA's SSO ISAPI extension uses a feature to pass the Kerberos ticket that is only available in IIS 6, which only runs on Windows 2003.
Exchange 2003 is required because earlier versions of Exchange did not support Kerberos. It should be noted that this requirement extends to ALL the Exchange servers because the Kerberos ticket is presented to the back end servers through the front end.
The domain must run in Windows 2003 native mode because RSA Authentication Agent uses some special extensions to the Kerberos protocol that are only available in Windows 2003 native domains.
Related Articles
Options for manage-securid-access-trusts Number of Views RSA Authentication Agent agent type values in Authentication Manager 8.x Number of Views RSA Announces RSA Authentication Agent for PAM 7.1.0.2 and Support for New Platforms Number of Views Web Services updateReviewItems 'Entitlement XXX already in the same state' message does not display account name in RSA Id… Number of Views SAML 2.0 Requirements for Service Providers Number of Views
Trending Articles
Troubleshooting RSA SecurID Access Identity Router to RSA Authentication Manager test connection failures RSA SecurID Software Token 5.0.2 Downloads for Microsoft Windows RSA Authentication Manager 8.9 Release Notes (January 2026) Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA Authentication Manager 8.8 Setup and Configuration Guide
Don't see what you're looking for?
