If you are using basic authentication only, and the EWS endpoint is configured to allow NTLM authentication, ensure the SEG version is 188.8.131.52 and validate the remove.unsupported.auth configuration in SEG using the following procedure:
- Navigate to folder using file explorer.
- Select the application.properties file and edit the file.
- Check if the remove.unsupported.auth.for.ews value is true if NTLM authentication is enabled on Exchange, as SEG does not support NTLM connection persistence. If you do not see an entry for remove.unsupported.auth.for.ews then the SEG version is not 184.108.40.206. Ensure the SEG version is 220.127.116.11.
- Verify the SEG version and save the file.
Note: If you enable both basic and Kerberos authentication and the client fails to present a valid client certificate, then the SEG removes the Negotiate header and requests you to authenticate using basic authentictaion. In such scenarios, the client is enforced to use basic authentication only. If the client does not have the basic authentication configured then the client fails to receive a successful response. When the client presents a valid certificate, the SEG generates a Kerberos token and proceeds with the Negotiate authentication.