TransportServer.UseDowngradedExchangeServerAuth Property

Gets or sets a value that indicates whether the Generic Security Services Application Programming Interface (GSS-API) authentication method is used on connections where Transport Layer Security (TLS) is disabled.

Namespace:  Microsoft.Exchange.Data.Directory.Management
Assembly:  Microsoft.Exchange.Data.Directory (in Microsoft.Exchange.Data.Directory.dll)

Syntax

'Declaration
<ParameterAttribute(Mandatory := False)> _
Public Property UseDowngradedExchangeServerAuth As Boolean
    Get
    Set
'Usage
Dim instance As TransportServer
Dim value As Boolean

value = instance.UseDowngradedExchangeServerAuth

instance.UseDowngradedExchangeServerAuth = value
[ParameterAttribute(Mandatory = false)]
public bool UseDowngradedExchangeServerAuth { get; set; }

Property Value

Type: System.Boolean
true to use the GSS-API authentication method on connections where Transport Layer Security (TLS) is disabled; otherwise, false. The default value is false.

Remarks

Typically, TLS is required for connections between Hub Transport servers in your organization. On TLS-secured connections, Kerberos authentication is used by default. However, you might need to disable TLS between specific Hub Transport servers in your organization. When you do that, you need to set this property to true to provide an alternative authentication method. The default value is false. Do not set this value to true unless it is absolutely required.

If you set this property to true, you also have to create a specific ReceiveConnector instance to service the non-TLS connections. This ReceiveConnector instance must have remote IP address ranges specified to ensure that it is only used for non-TLS connections. You also must set the SuppressXAnonymousTls property of the ReceiveConnector instance to true.