Configure Windows Authentication on CAS/EAS. If you configure SEG with KCD, and the EWS proxy is enabled, then you must perform the following procedure on the EWS Virtual Directory also.


  1. On the Exchange Server, open IIS Manager and navigate to the Microsoft-Server-ActiveSync Virtual Directory.
  2. Select Authentication, enable Windows authentication, and add Negotiate as a provider.
    Add Negotiate as Authentication Providers.
  3. In the Microsoft-Server-ActiveSync Virtual Directory, access the Configuration Editor and navigate to system.webServer > Security > Authentication > WindowsAuthentication. Select Enabled, set useAppPoolCredentials and useKernelMode values to True.
    EAS Virtual Directory