7 Appendix B: Product Behavior

  • Article

The information in this specification is applicable to the following Microsoft products or supplemental software. References to product versions include updates to those products.

  • Microsoft Exchange Server 2010

  • Microsoft Exchange Server 2013

  • Microsoft Exchange Server 2016

  • Microsoft Exchange Server 2019

Exceptions, if any, are noted in this section. If an update version, service pack or Knowledge Base (KB) number appears with a product name, the behavior changed in that update. The new behavior also applies to subsequent updates unless otherwise specified. If a product edition appears with the product version, behavior is different in that product edition.

Unless otherwise specified, any statement of optional behavior in this specification that is prescribed using the terms "SHOULD" or "SHOULD NOT" implies product behavior in accordance with the SHOULD or SHOULD NOT prescription. Unless otherwise specified, the term "MAY" implies that the product does not follow the prescription.

<1> Section 3.1.3:  By default, Exchange 2010, Exchange 2013, Exchange 2016, and Exchange 2019 get the Federation Metadata Document from the URL http://nexus.passport.com/FederationMetadata/2006-12/FederationMetadata.xml. This URL can be modified when establishing the federated domain.

<2> Section 3.1.3:  Exchange 2010, Exchange 2013, Exchange 2016, and Exchange 2019 store the URL of the delegation management service in Active Directory when the server is loaded. The URL is stored in the serviceBindingInformation property of the Active Directory object CN=DomainPartnerManageDelegation,CN=ServiceEndpoints,CN=FirstOrganization,CN=MicrosoftExchange,CN=Services,CN=Configuration,DC=

When the server calls the delegation management service, this object is read to obtain the URL of the service.

<3> Section 3.1.4.6.2.1: Exchange 2010, Exchange 2013, Exchange 2016, and Exchange 2019 set this element to the string "ExchangeConnector".

<4> Section 3.2.3:  By default, Exchange 2010, Exchange 2013, Exchange 2016, and Exchange 2019 get the Federation Metadata Document from the URL http://nexus.passport.com/FederationMetadata/2006-12/FederationMetadata.xml. This URL can be modified when establishing the federated domain.

<5> Section 3.2.3:  Exchange 2010, Exchange 2013, Exchange 2016, and Exchange 2019 store the URL of the delegation management service in Active Directory when the server is loaded. The URL is stored in the serviceBindingInformation property of the Active Directory object CN=DomainPartnerManageDelegation,CN=ServiceEndpoints,CN=FirstOrganization,CN=MicrosoftExchange,CN=Services,CN=Configuration,DC=

When the server calls the delegation management service, this object is read to obtain the URL of the service.

<6> Section 3.2.4.6.2.1: Exchange 2010, Exchange 2013, Exchange 2016, and Exchange 2019 set this element to the string "ExchangeConnector".

<7> Section 3.3.4.1.1:  The duration of the offer depends on the type of offer made. Exchange 2010, Exchange 2013, Exchange 2016, and Exchange 2019 create an offer with the duration set to the following values.

Offer type

Default duration

MSExchange.SharingInviteMessage

15 days

MSExchange.SharingCalendarFreeBusy

5 minutes

MSExchange.SharingRead

60 minutes

MSExchange.DeliveryExternalSubmit

48 hours

MSExchange.DeliveryInternalSubmit

48 hours

MSExchange.MailboxMove

60 minutes

MSExchange.Autodiscover

5 minutes

<8> Section 3.3.4.1.1:  Exchange 2010 stores this value in the directory service property msExchFedApplicationURI of the msExchFedTrust object.

<9> Section 3.3.4.1.1:  Exchange 2010 stores this value in the directory service property msExchFedTokenIssuerURI of the msExchFedTrust object. Exchange 2010 uses the value "uri:WindowsLiveID".

<10> Section 3.3.4.1.1:  Exchange 2010 obtains the value of the saml:NameIdentifier element from the user object in the directory service of the user for whom the token is requested. If the directory service user object has the msExchImmutable property set, that value is used; otherwise, Exchange 2010 uses the objectGuid property of the user object, which is encoded using base64 encoding, concatenated with the msExchFedAccountNamespace property of the msExchFedOrgId object.

<11> Section 3.3.4.1.1:  Exchange 2010 obtains the value of the saml:NameIdentifier element from the user object in the directory service of the user for whom the token is requested. If the directory service user object has the msExchImmutable property set, that value is used; otherwise, Exchange 2010 uses the objectGuid property of the user object, which is encoded using base64 encoding, concatenated with the msExchFedAccountNamespace property of the msExchFedOrgId object.

<12> Section 3.3.4.1.1:  Exchange 2010 sets the URI to the attribute value found in the directory service property msExchFedPolicyReferenceURI of the msExchFedTrust object. The default value is "EX_MBI_FED_SSL".