{"id":404,"date":"2018-10-18T14:42:49","date_gmt":"2018-10-18T06:42:49","guid":{"rendered":"https:\/\/rol801.com\/wordpress\/?p=404"},"modified":"2018-10-18T14:42:52","modified_gmt":"2018-10-18T06:42:52","slug":"exchange-2013-cba-setup-review","status":"publish","type":"post","link":"https:\/\/rol801.com\/wordpress\/?p=404","title":{"rendered":"Exchange 2013 CBA Setup Review"},"content":{"rendered":"\n<figure class=\"wp-block-image\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"230\" height=\"219\" data-attachment-id=\"121\" data-permalink=\"https:\/\/rol801.com\/wordpress\/?attachment_id=121\" data-orig-file=\"https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2016\/08\/images.png?fit=230%2C219&amp;ssl=1\" data-orig-size=\"230,219\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"images\" data-image-description=\"\" data-image-caption=\"\" data-large-file=\"https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2016\/08\/images.png?fit=230%2C219&amp;ssl=1\" src=\"https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2016\/08\/images.png?resize=230%2C219&#038;ssl=1\" alt=\"\" class=\"wp-image-121\"\/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">\u6eab\u6545\u77e5\u65b0 <g class=\"gr_ gr_10 gr-alert gr_gramm gr_inline_cards gr_run_anim Style replaceWithoutSep\" id=\"10\" data-gr-id=\"10\">!\u57fa\u65bc\u4e0a\u661f\u671fUpgrade<\/g> Exchange 2013 \u7531 CU13 Upgrade \u53bb\u00a0CU21\u3002\u56e0\u70baServer \u4fc2\u4e0a\u5e74\u7528\u7279\u5225\u624b\u6bb5Split\u51fa\u569f\u3002\u6240\u4ee5Upgrade\u5230\u81e8\u5c3e\u51fa\u8996\u3002\u8feb\u65bc\u7121\u5948\u8981Delete\u5169\u500bExchange Website\u3002\u5462\u500b\u661f\u671f\u771f\u6b63\u8d77\u904e\u4e00\u96bb\u65b0Server\u53bb\u505aCAS\u3002<br>\u904e\u7a0b\u7121\u7279\u5225\u8981\u591a\u8b1b\u56e0\u70ba\u975e\u5e38\u9806\u5229\uff0c\u4f46\u4fc2\u5982\u540c\u4e0a\u5e74\u4e00\u6a23\uff0cCBA\u5148\u4fc2\u6700\u5927\u96e3\u95dc\u3002\u4fc2\u518dReview Article\u5605\u9014\u4e2d\uff0c\u5c31\u7747\u5230\u6700\u9032\u53e3\u5605\u4e00\u74b0\u3002\u5c31\u4fc2Certificate\u5605Subject\u4fc2\u8981\u6709User\u5605Email\uff0c\u6216\u8005Certificate\u5605SAN Name\u6709User UPN\u3002<br>\u5514\u8ddf\u5462Part\u5c31\u6703\u51faIIS Error 403.7<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Prerequisites:<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">You need access to a&nbsp;CA&nbsp;for client certificates. This can be a public CA solution, individual certificates from a vendor, or an Active Directory Certificate Services solution. Regardless, the following requirements must be met:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>The user certificate must be issued for client authentication. The default User template from an&nbsp;AD CS&nbsp;server will work in this scenario.<\/li><li>The&nbsp;<strong>User Principal Name<\/strong>&nbsp;(UPN) for each user account must match the&nbsp;<strong>Subject Name<\/strong>&nbsp;field in the user&#8217;s certificate.<\/li><li>All servers must trust the entire&nbsp;CA&nbsp;<em>trust chain<\/em>. This chain includes the root CA certificate and any intermediate CA certificates. These certificates should be installed on all servers that may require them, to include (but not limited to) ISA\/TMG\/UAG server(s) and the Client Access Server (CAS).<\/li><li>The root CA certificate must be in the&nbsp;<strong>Trusted Root Certification Authorities<\/strong>&nbsp;store, and any intermediate CA certificates in the intermediate store on all of these systems. The root CA certificate, and intermediate CA certificates must also be installed on the&nbsp;EAS&nbsp;device.<\/li><li>The user\u2019s certificate must be associated with the user\u2019s account in Active Directory<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Reference URL<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/docs.microsoft.com\/en-us\/exchange\/plan-and-deploy\/post-installation-tasks\/configure-certificate-based-auth?view=exchserver-2019\">https:\/\/docs.microsoft.com\/en-us\/exchange\/plan-and-deploy\/post-installation-tasks\/configure-certificate-based-auth?view=exchserver-2019<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/blogs.technet.microsoft.com\/exchange\/2012\/11\/28\/configure-certificate-based-authentication-for-exchange-activesync\/\">https:\/\/blogs.technet.microsoft.com\/exchange\/2012\/11\/28\/configure-certificate-based-authentication-for-exchange-activesync\/<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u904e\u7a0b\u7121\u7279\u5225\u8981\u591a\u8b1b\u56e0\u70ba\u975e\u5e38\u9806\u5229\uff0c\u4f46\u4fc2\u5982\u540c\u4e0a\u5e74\u4e00\u6a23\uff0cCBA\u5148\u4fc2\u6700\u5927\u96e3\u95dc\u3002\u4fc2\u518dReview Article\u5605\u9014\u4e2d\uff0c\u5c31\u7747\u5230\u6700\u9032\u53e3\u5605\u4e00\u74b0\u3002\u5c31\u4fc2Certificate\u5605Subject\u4fc2\u8981\u6709User\u5605Email\uff0c\u6216\u8005Certificate\u5605SAN Name\u6709User UPN\u3002<br>\n\u5514\u8ddf\u5462Part\u5c31\u6703\u51faIIS Error 403.7<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u6eab\u6545\u77e5\u65b0 !\u57fa\u65bc\u4e0a\u661f\u671fUpgrade Exchange 2013 \u7531 CU13 Upgrade \u53bb\u00a0CU21\u3002\u56e0\u70baServer \u4fc2\u4e0a\u5e74\u7528\u7279\u5225\u624b\u6bb5Split\u51fa\u569f\u3002\u6240\u4ee5Upgrade\u5230\u81e8\u5c3e\u51fa\u8996\u3002\u8feb\u65bc\u7121\u5948\u8981Delete\u5169\u500bExchange Website\u3002\u5462\u500b\u661f\u671f\u771f\u6b63\u8d77\u904e\u4e00\u96bb\u65b0Server\u53bb\u505aCAS\u3002\u904e\u7a0b\u7121\u7279\u5225\u8981\u591a\u8b1b\u56e0\u70ba\u975e\u5e38\u9806\u5229\uff0c\u4f46\u4fc2\u5982\u540c\u4e0a\u5e74\u4e00\u6a23\uff0cCBA\u5148\u4fc2\u6700\u5927\u96e3\u95dc\u3002\u4fc2\u518dReview Article\u5605\u9014\u4e2d\uff0c\u5c31\u7747\u5230\u6700\u9032\u53e3\u5605\u4e00\u74b0\u3002\u5c31\u4fc2Certificate\u5605Subject\u4fc2\u8981\u6709User\u5605Email\uff0c\u6216\u8005Certificate\u5605SAN Name\u6709User UPN\u3002\u5514\u8ddf\u5462Part\u5c31\u6703\u51faIIS Error 403.7 Prerequisites: You need access to a&nbsp;CA&nbsp;for client certificates. This can be a public CA solution, individual certificates from a vendor, or an Active Directory Certificate Services solution. Regardless, the following requirements must be met: The user certificate must be issued &hellip; <a href=\"https:\/\/rol801.com\/wordpress\/?p=404\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Exchange 2013 CBA Setup Review&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[2,3],"tags":[],"class_list":["post-404","post","type-post","status-publish","format-standard","hentry","category-it","category-microsoft"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p71O8A-6w","jetpack-related-posts":[{"id":201,"url":"https:\/\/rol801.com\/wordpress\/?p=201","url_meta":{"origin":404,"position":0},"title":"Exchange 2013 EAS \/ EWS Multi Instance\u5f8c\u7e8c","author":"rol801","date":"May 21, 2017","format":false,"excerpt":"\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u57fa\u65bc\u4fc2\u4e00\u90e8Exchange CAS\u4e4b\u5167\u540c\u610f\u53ef\u4ee5\u7528\u5514\u540c\u5605Authentication Method (Password, Kerberos, Certificate) \u3002 \u800c\u767c\u73feExchange EWS\u4fc2\u6703\u5169\u500binstance \u540c\u6642response(Password Auth \/ Certificate Auth) \uff0c \u908a\u6210Outlook Client \u7576\u8981\u7528Web Service\u505anotification\u5605\u6642\u5019\uff0cIIS\u51fa\u73fe Error 500 0 64\u3002 \"POST \/EWS\/Exchange.asmx - 443 - 10.0.1.35 Microsoft+Office\/16.0+(Windows+NT+10.0;+Microsoft+Outlook+16.0.7927;+Pro) - 500 0 64 15\" \u4f46\u4fc2\u9ede\u89e3\u5462\uff1f \u4fc2\u7121\u4eba\u8b1bEWS Multi Instance\u5605\u60c5\u6cc1\u4e4b\u4e0b\uff0c\u6435\u5de6\u56db\u65e5\u90fd\u7121\u54a9\u982d\u7cb9\u3002 \u65b9\u5411\u6539\u8b8a\u8ad7\u5982\u4f55\u4ee4Outlook \u53ea\u6435Default \u500bEWS\uff0c\u800cMobileDevice \u65e2Mail Profile \u56e0\u70ba\u7531MDM\u2026","rel":"","context":"In &quot;IT&quot;","block_context":{"text":"IT","link":"https:\/\/rol801.com\/wordpress\/?cat=2"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2016\/08\/images.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":285,"url":"https:\/\/rol801.com\/wordpress\/?p=285","url_meta":{"origin":404,"position":1},"title":"\u63a5\u9023\u795e\u79d8Config\u6bd4\u6539\u52d5\u4e8b\u4ef6 I &#038; II &#8230;&#8230;. Kerberos Auth","author":"rol801","date":"February 10, 2018","format":false,"excerpt":"\u00a0 \u00a0 \u00a0 \u00a0 \u7e7c\u4e8c\u661f\u671f\u524d\u51fa\u73feExchange Server CBA vDirectory \u88ab\u5514\u6b63\u5e38\u5730disable Apphost settings\u00a0\u7531True\u8b8aFalse\u5f8c \u4fc2\u524d\u65e5\u518d\u51fa\u73fe\u795e\u79d8\u4e8b\u4ef6\u3002\u4eca\u6b21\u4fc2\u5169\u500b OKTA Connector \u540c\u6642disconnect\uff0c\u5f15\u767c\u5b8c\u5168\u7121\u6cd5Login\u4e4b\u5916\uff0c\u5c31\u4fc2OKTA IWA(Integrated Windows Authentication) Agent Website\u00a0\u7528\u4f5cKerberose \u5605SPN\u7a81\u7136\u6d88\u5931\u3002 \u6240\u4ee5\u4eca\u6b21\u5462\u500b\u5beb\u5605IIS Configure Kerberos Auth\u5605\u6eab\u6545\u77e5\u65b0 \u4e0b\u9762Reference\u5605Website\u503c\u5f97\u4e00\u7747\u3002\u4f46\u4fc2\u60f3\u7279\u5225\u63d0\u51fa\u8981\u7559\u610f\u5605\u6709\u4ee5\u4e0b \u4fc2\u958b\u5605IIS Website\u6703\u7528Service Account\u4ee5\u5514\u7528Default \u5605Application Pool Identity\uff0c\u5c0d\u5f80\u5f8ccreate SPN\u6703\u5bb9\u6613\u63a7\u5236 \u4fc2IIS\u5605Configuration Editor,\"system.webServer > security > authentication > windowsAuthentication\",\u5165\u9762\u5605 \"useAppPoolCredentials\"\u00a0\u8981Set\u505aTrue \u6700\u5f8c\uff0c\u5982\u679c\u65b0Configure\u5605IIS Website\u540cServer\u672c\u8eab\u6a5f\u540d\u5514\u540c Sample \u6a5f\u540d\u539f\u672c\u4fc2 \"ServerA.domain.local\" \uff0c \u4f46\u4fc2\u65b0IIS WebSite\u2026","rel":"","context":"In &quot;IT&quot;","block_context":{"text":"IT","link":"https:\/\/rol801.com\/wordpress\/?cat=2"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2018\/02\/logo-500px-300x300.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":189,"url":"https:\/\/rol801.com\/wordpress\/?p=189","url_meta":{"origin":404,"position":2},"title":"Microsoft ActiveSync &#8211; New EAS Website with Certificate Base Authentication(CBA) in same server","author":"rol801","date":"May 12, 2017","format":false,"excerpt":"\u70ba\u5de6\u5514\u4f7f\u8d77\u591a\u90e8CAS\uff0c\u4f46\u53c8\u53ef\u4ee5\u8a66CBA\uff0c \u53ea\u4fc2\u7528\u52a0\u591a\u4e00\u5f35NIC\uff0c\u591a\u4e00\u7c92IP\u3002 \u7d55\u5c0d\u4fc2\u5feb\u975a\u6b63\u3002 \u4f46\u4fc2\uff0c\u4fc2deployment\u5605\u904e\u7a0b\uff0c\u4fc2\u7d55\u5c0d\u4ffeExchange\/IIS\u73a9\u6b7b\u3002 \u5462\u4e0bWebsite\u5605\u6b65\u9a5f\u7d55\u5c0d\u7121\u932f\uff08\u63a8\u85a6\u7b2c\u4e00\u500b\uff09 \u9047\u5230\u554f\u984c\u5982\u4e0b 1\u3002\u540c\u4e00\u5f35NIC\u7528\u4e8c\u7c92IP\uff0c\u4fc2setup\u6642\u6703\u884d\u751fHost \u932fIP\u554f\u984c\uff0c\u6240\u4ee5\u5514\u5efa\u8b70 2\u3002\u7576\u4e2d\u907f\u514d\u7528IIS\u53bbSet\uff0c\u7279\u5225\u4fc2Step 11\u958bclientCertificateMappingAuthentication\uff0c\u540c\u57cb\u6700\u5c3eenable \"Require Client Certificate\" \u96d6\u7136\u4fc2IIS\u90fd\u6703\u6539\u5230\uff0c\u4f46\u4fc2\u5049\u5927\u5605M\uff04\u8a71Exchange \u91ce\u61c9\u8a72\u8fd4Exchange Admin Center\uff08EAC\uff09\u505a\uff0c\u540cSharePoint \u4e00\u6a23...... \u5514\u76f8\u4fe1....\u6211\u81ea\u5df1\u5f97\u5230\u5605\u4ee3\u50f9\uff0c\u5c31\u4fc2\u5514\u540c\u5605IIS Error\u3002\u3002 \u53ef\u80fd\u4fc2403.7 \uff0c\u63a5403.16........ \u518d\u5514\u4fc2\uff0c\u51faError 500\u3002\u3002\u606d\u559c\uff5eGameOver\u3002\u3002\u3002 \u9047\u904e\u597d\u5e7e\u6b21\uff0c\u8981delete site\uff0c\u7531\u982d\u518d\u569f..... 3\u3002EWS IIS Error 413, \u5514Fix, Notification\u4ea6\u6703\u505c\u5514work \u9700\u8981\u6539\u4ee5\u4e0b C:\\Program Files\\Microsoft\\Exchange Server\\V15\\FrontEnd\\HttpProxy\\autodiscover\\web.config C:\\Program Files\\Microsoft\\Exchange Server\\V15\\FrontEnd\\HttpProxy\\ews\\web.config 2. Replace the value \"uploadReadAheadSize\" of 0 to 1048576 (bytes) in\u2026","rel":"","context":"In &quot;IT&quot;","block_context":{"text":"IT","link":"https:\/\/rol801.com\/wordpress\/?cat=2"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2016\/08\/images.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":58,"url":"https:\/\/rol801.com\/wordpress\/?p=58","url_meta":{"origin":404,"position":3},"title":"Exchange 2013 OWA\/ECP < - > ADFS Authentication","author":"rol801","date":"December 15, 2015","format":false,"excerpt":"\u5462\u500bTopic\uff0c\u81ea\u5df1\u7d55\u5c0d\u6703\u8a55\u5b9a\u70ba\u4eca\u5e74\u505a\u904e\uff0c\u7e7c\u591a\u5e74\u524dSharePoint 2010\u5f8c\uff0c\u6700\u96e3\uff0c\u6700\u597d\u73a9\u5605\u4e00\u6a23\u3002 \u57fa\u5982ADFS 3.0\u5df2\u6709\uff0c\u62cdMicrosoft O365\/Azure \u5605SSO \u4ea6\u4fc2\u5169\u65e5\u5167\u8d77\u8eab\u3002\u8ad7\u5514\u51fa\u6709\u5572\u54a9\u7406\u7531\u5514\u53bb\u505a\u57cb\u4f62 \u00a0 \u6574\u500bsetup\u9032\u884c\u5de6\u4e09\u65e5.\u7576\u4e2d\u8981\u63d0\u6700\u96e3,\u4fc2\u4e00\u8def\u5931\u6557\u7576\u4e2dresearch \/ adjustment. \u800c\u4ee4\u5230\u5481\u9577\u6642\u9593\u5605\u539f\u56e0\u4fc2\u4ee5\u4e0b...... 1. Exchange Server 2013\uff1a\u907f\u514d\u554f\u984c\uff08\u4ea6\u767c\u73fe\u592a\u8010\u7121\u66f4\u65b0\uff0c\u7531SP1 upgrade \u53bb CU10\uff09 2. ADFS Server Signing Token Certificate : \u7d55\u5c0d\u4fc2\u4e00\u500b\u610f\u5916\u6536\u7a6b\u5605\u505a\u6cd5\u3002 \u540c\u6642\u4ea6\u8b49\u660e\u53ea\u9700\u8981Update Azure AD \u4e00\u6b21\u5c31\u5f97\uff0c\u5514\u6703\u5f71\u97ff\u820a\u6709 Federation Trust \"Update-MSOLFederatedDomain \u2013DomainName\" https:\/\/azure.microsoft.com\/en-us\/documentation\/articles\/active-directory-aadconnect-o365-certs\/ http:\/\/hazelnest.com\/blog\/blog\/2015\/07\/05\/exchange-2013-using-adfs-to-authenticate\/ http:\/\/nikpatel.net\/2014\/12\/22\/renew-expired-adfs-token-certificates-for-adfs-2-0-and-sharepoint-2013-on-premises\/ 3. Exchange Server Internal\/External Url \uff1a Reference URL \u7121\u4e00\u500b\u4fc2\u7528 .local Domain......\u800c\u4fc2Exchange configure\u2026","rel":"","context":"In &quot;ADFS&quot;","block_context":{"text":"ADFS","link":"https:\/\/rol801.com\/wordpress\/?cat=13"},"img":{"alt_text":"adfs-logo","src":"https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2015\/12\/adfs-logo-300x39.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":93,"url":"https:\/\/rol801.com\/wordpress\/?p=93","url_meta":{"origin":404,"position":4},"title":"Postfix incoming\/outgoing mail routing \u5be6\u4f5c","author":"rol801","date":"February 17, 2016","format":false,"excerpt":"\u00a0 \u73a9\u81ea\u5df1\u96bbDomain Linux server\u5481\u591a\u5e74.\u5f9e\u4f86\u90fd\u7121\u9ede\u8ad7\u8981\u591a\u6a5f\u9eceform Infra. \u54e9\u500b\u661f\u671f\u7d42\u65bc\u51fa\u73fe \u9700\u8981prepare Zimbra \u800c\u6709\u5462\u500b\u505a\u6cd5\u5605\u9700\u8981\u3002 \u7686\u56e0\u5514\u60f3\u6d6a\u8cbb N\u5e74\u524d\u8d77\u843d\u5605 CentOS server. \u4f5c\u70baSMTP gateway \u4ea6\u5514\u9700\u8981\u518dreg DNS Record. Outbound SMTP relay \u505a\u5f97\u591a\u3002 \u4f46\u4fc2Inbound\u7d55\u5c0d\u4fc2\u7b2c\u4e00\u6b21\u3002 \u904e\u7a0b\u6574\u8db3\u4e00\u65e5\uff0c\u4f46\u4fc2\u660e\u767d\u4e4b\u5f8c\u7d55\u5c0d\u53ef\u4ee5\u518d\u8ad7\u5f97\u66f4\u8907\u96dc\u3002 \u57fa\u672c\u9700\u6c42\u3002\u3002 \u540c\u4e00Domain\u4e0b\uff0c\u9ece\u7dcaZimbra email\u5605email\u6703\u7d93\u820aserver(Gateway) route\uff08relay)\u5165\uff0c\u00a0 Outbound \u540c\u6a23 relay \u51fa\u3002 \u4f46\u4fc2\u552f\u4e00exception.\u56e0\u70ba\u820aServer\u5df2\u6709\u81ea\u5df1account\u7528\u7dca\uff0c\u9700\u8981keep\u4f4f\u5514\u53ef\u4ee5\u6bd4account\u5605email \u90fdroute\u8d70\u3002 \u9996\u5148\u8981\u4fc2 postfix \u65e2config \/ect\/postfix\/main.cf,\u00a0 \u52a0\u5462\u53e5 \"transport_maps = hash:\/etc\/postfix\/transport\" \u4e4b\u5f8c\u6232\u8089\uff0c\u4fc2 \/etc\/postfix\/transport \u5165\u9762\u6700\u4f4e, \u52a0\u4ee5\u4e0b \u81ea\u5df1\u8981\u7559\u4f4f\u5514route\u5605email address , \u63a5\u4f4f\u4fc2\u81ea\u5df1\u6a5f\u5668\u6536\u2026","rel":"","context":"In &quot;IT&quot;","block_context":{"text":"IT","link":"https:\/\/rol801.com\/wordpress\/?cat=2"},"img":{"alt_text":"Integrations-Postfix-340x216","src":"https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2016\/02\/Integrations-Postfix-340x216.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":293,"url":"https:\/\/rol801.com\/wordpress\/?p=293","url_meta":{"origin":404,"position":5},"title":"My ADFS Claims Rules Journey \u2013 Part 3 &#8211; Final","author":"rol801","date":"February 28, 2018","format":false,"excerpt":"\u00a0 \u00a0 \u7d42\u65bc\u6709\u6642\u9593\u5fc3\u60c5\u5beb\u57cb\u6700\u5f8c\u5462Part\u3002 \u7e7cPart 2\u3002 \u7d93\u904e\u4e0d\u65b7Try on Error\u8a66Claims Rules\u4e4b\u5f8c\u3002 \u5ee0\u5605\u4ee5\u4e0b\u5462\u500bArticle\u53e6\u6211\u653e\u68c4Claims Rules\u53bb\u505aRestriction\u5605\u8ad7\u6cd5\u3002\u5c0d\u65bcActiveSync\u569f\u8b1b\uff0c\u4f3c\u4e4e\u7528Modern Auth\u4fc2\u524b\u6b7bClaim Rule\u3002 \u4ee5\u4e0b \u5e7e\u985e\u578b\u5605\u505a\u6cd5\u53ef\u4ee5\u53d6\u66ffUnauthorize ActiveSync device access \u7b2c\u4e00\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u7528MDM Vendor\u5605Identity Management Software - \u76f8\u5c0d\u96e3\u5ea6\u4fc2\u6700\u9ad8\uff0c\u56e0\u70ba\u591a\u7528SAML\uff0c \u9700\u8981\u6709Deploy SAML\u5605\u7d93\u9a57\u3002\u800cInfrasture\u5165\u9762\u5605\u914d\u7f6e\u5df2\u7d93\u5514\u4fc2\u666e\u901aCompany\u6703\u6295\u8cc7 \u7b2c\u4e8c\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 Deploy Certificate Authentication\u3002\u96e3\u5ea6\u540c\u7b2c\u4e00\u7a2e\u505a\u6cd5\u4e0d\u9051\u591a\u8b93\u3002\u9700\u8981Deploy\/ Maintain Internal CA \/ NDES \/PKI infrastructure\u540c\u6a23\u5514\u5bb9\u6613 \u7b2c\u4e09\u00a0 \u00a0\u2026","rel":"","context":"In &quot;ADFS&quot;","block_context":{"text":"ADFS","link":"https:\/\/rol801.com\/wordpress\/?cat=13"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2015\/12\/adfs-logo.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2015\/12\/adfs-logo.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2015\/12\/adfs-logo.png?resize=525%2C300&ssl=1 1.5x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/rol801.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/404","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rol801.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rol801.com\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rol801.com\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rol801.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=404"}],"version-history":[{"count":1,"href":"https:\/\/rol801.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/404\/revisions"}],"predecessor-version":[{"id":406,"href":"https:\/\/rol801.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/404\/revisions\/406"}],"wp:attachment":[{"href":"https:\/\/rol801.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=404"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rol801.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=404"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rol801.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=404"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}