Export (0) Print
Expand All
Expand Minimize

2.2.14 [RFC3501] Section 6.2.2, AUTHENTICATE Command

V0021:

The specification states: "If the server supports the requested authentication mechanism, it performs an authentication protocol exchange to authenticate and identify the client. It MAY also negotiate an OPTIONAL security layer for subsequent protocol interactions."

Microsoft Exchange Server 2007, Microsoft Exchange Server 2010, Microsoft Exchange Server 2013

Microsoft Exchange Server does not support negotiation of an OPTIONAL security layer.

E0003:

The specification states that the server is not required to implement any authentication mechanisms other than the PLAIN authentication mechanism.

Exchange 2007

In addition to the PLAIN authentication mechanism, Microsoft Exchange implements the following authentication mechanisms:

Exchange 2010, Exchange 2013

In addition to the PLAIN authentication mechanism, Microsoft Exchange implements the GSSAPI authentication mechanism.

V0022:

The specification states that server sites SHOULD NOT use any configuration that permits a plaintext password mechanism without a protection mechanism against password snooping.

Exchange 2007, Exchange 2010, Exchange 2013

By default, Microsoft Exchange does not permit plaintext password authentication, but can be configured to allow plaintext password authentication without protection against password snooping.

E0004:

The specification states that servers SHOULD implement additional SASL mechanisms that do not use plaintext passwords.

Exchange 2007, Exchange 2010, Exchange 2013

For details, see E0005 in this section.

V0023:

The specification states: "A server MAY include a CAPABILITY response code in the tagged OK response of a successful AUTHENTICATE command in order to send capabilities automatically."

Exchange 2007, Exchange 2010, Exchange 2013

Microsoft Exchange does not include a CAPABILITY response code in its response to a successful AUTHENTICATE command. Microsoft Exchange sends capabilities only in response to a CAPABILITY command from the client. For more details, see sections 2.2.13, 2.2.15, and 2.2.30 of this document.

Show:
© 2014 Microsoft