OWA FE/BE server quick question

Whenever you have a FE/BE setup does the FE server have to be a member of the internal domain? Or when the user enters a username and password does the FE server use their credentials to connect to the BE server?

Comments

  • royalroyal Posts: 3,353Member
    Yes it will most definitely need to be a part of the domain. When the FE server authenticates a user, it will use RPCs to authenticate with a DC. Afterwards, the FE server will communicate with a BE server over port 80 and then the BE server will do an authentication for that user also. This is called dual-pass authentication. You can do another authentication method where you authenticate to your FE via anoymous (not really authenticating) and the back-end will do the actual authentication. This is called pass-through. Just as an added FYI, in Exchange 2007, a client-access server won't communicate with the other servers via port 80 like how it was with FE > BE, instead, it uses Exchange RPCs.

    http://www.msexchange.org/tutorials/Dual-Pass-Through-Authentication-Exchange-2003-Front-EndBack-End.html?printversion
    “For success, attitude is equally as important as ability.” - Harry F. Banks
Sign In or Register to comment.