How to configure Messageware AttachView and RSA SecurID's Enterprise Single Sign-on interoperation

This article applies to the following products:
     Messageware AttachView 2003

     Messageware AttachView 2000

 

SUMMARY

 

This article outlines the server configuration to ensure interoperation of Messageware AttachView and RSA SecurID's Enterprise Single Sign-on.  

 

The configuration below applies for RSA Authentication Agent 5.3 for Web with the latest updates.

 

RESOLUTION

 

Follow the steps below to ensure interoperation.

 

Settings in Exchange System Manager (ESM)

 

1.     Open the Exchange System Manager (ESM) and navigate to First Administrative Group\Servers\<server>\Protocols\HTTP\Exchange Virtual Server

2.     Right-click on the Exchange virtual directory and select Properties from the Action Menu

3.     Change to the Access tab and press the “Authentication” button

4.     Verify that Anonymous Access is enabled using the RSA designated account, Basic Windows Authentication is enabled and the default domain populated

5.     Repeat steps 2-4 above for the Public virtual directory

 

 

Settings in Internet Information Services Manager (IIS)

 

1.     Open IIS Manager and navigate to the OWA Web Site (Default Web Site)

2.     Right-click on Default Web Site and select Properties

3.     Select the RSA SecureID tab and check the “Enable RSA Web Access Authentication Feature Set on this Server” option

4.     Check the following options:

a.     Disable IIS Server if Agent Fails to Load

b.    Ignore Browser IP Address for Cookie Validation

c.     Use RSA/ACE Server Name Locking Feature

d.    Auto-Submit (avoid having to click Continue after successful Auth)

5.     Click on OK in the Default Web Site properties window to apply the settings

6.     Right-click on the WebID virtual directory and select Properties from the Action Menu

7.     On the Virtual Directory tab take a note of the Application Pool

8.     Right-click on the Exchange virtual directory and select Properties from the Action Menu

a.     Virtual Directory tab

                                                  i.    Verify that the application pool matches the pool configured on the WebID virtual directory

b.    Directory Security tab

                                                  i.    Under Authentication and Access Control select Edit

                                                 ii.    Verify that Anonymous Access is enabled using the RSA designated account, Basic Windows Authentication is enabled and the Default Domain is populated as in the ESM above

c.     RSA SecurID tab

                                                  i.    Verify that “Target This Resource for Single Signon is” is enabled

9.     Repeat step 8 above for the Public, Exchweb/bin, X-AttachView, X-AttachView/bin virtual directories

 

 

Settings in the AttachView Administrative Console

 

1.     Launch the AttachView Administrative Console (Start\Program Files\Messageware Incorporated\AttachView for Outlook Web Access\AttachView Administrative Console)

2.     Under “Global Settings”, select the RSA tab

3.     Verify that the “RSA Enterprise Single Sign On Interoperation” option is enabled

4.     Restart the World Wide Web Publishing Service for the changes to take effect

 

 

This article applies to the following products:
     Messageware AttachView 2003

     Messageware AttachView 2000