Certificate-based authentication in Exchange Server 2010 allows you, the administrator, to ensure that ActiveSync clients connecting to Exchange are securely deployed and controlled, by restricting access only to devices that can present the correct certificate associated with the user's account.
In this chapter we'll be revisiting our fictional company, Lisa Jane Designs, with a view to implement certificate-based authentication for the Exchange Server 2010 organization.
In our example, Lisa Jane Designs will be looking to overcome issues with regular user password changes and also make sure that the casual user cannot connect a personal iPhone or other iOS device to Exchange Server 2010. To accomplish this, we'll be installing a certificate authority into the existing Active Directory and Exchange Server 2010 infrastructure, configuring it to ensure we can issue certificates for users, then configuring Exchange...