We plan to use Entrust Identityguard to provide 2factor authentication for OWA. We have an ARR server for Activesync & OWA currently works thru that same server. OWA is not live, but activesync has been live for over a year.
Entrust does not seem to understand our Exchange configuration in relation to their product. They tried to install their isapi filter on our ARR server a few weeks ago, but it repeatedly failed & they sent the issue
to R&D. It failed on the screen where you choose the IIS site & the only site we have is Default Web Site.
Now, they say the isapi filter has to be installed on the Exchange servers (we have a DAG).
Here is our setup….pretty simple….
2 exchange 2013 cu7 servers in a DAG, both run all roles, both are in the internal network.
1 ARR server in the DMZ servicing Activesync.
Does anyone have any experience with a similar (or the same) 2 factor setup?
You may ask why I don’t press the vendor for more answers….. I simply cannot get them to understand my setup. I don’t think they have much experience with ARR & since we don’t use OWA, my knowledge of how it actually works is slim.
Thanks!