OWA + Sharepoint = true

Well, I've been writing about this previously, but I felt an need to describe my simplistic final solution for a couple of customers.

The only obvious problem in using OWA and the standard Page Viewer Webpart to display Exchange content in Sharepoint is the double authentication. By default users have to authenticate against Exchange the first time the webpart loads in the browser session. I contacted Micrsoft about this and they explained that by configuring Exchange properly the double authentication could be omitted.

Here are the solutions suggested:

1. Point users to OWA on a backend Exchange server, Internet Explorer users logged into machines that are joined to the same forest as the server will automatically authenticate using NTLM or Kerberos via the HTTP NTLM or HTTP Negotiate methods.

2. If accessing OWA through an Exchange front-end server, configure client certificate authentication, where users have certificates that may be used for authentication without any PIN or password.  This is pretty involved, but straightforward if you have a PKI.  Most of the config is covered in the document I'll refer to next.

I am not really an IT pro so this is a bit greek to me, but I've gotten this solution verified by several pros now, and OWA should be ready to take the role as my new main SPS/Exchange integration point. Also check out KC Lemsons posting on this subject.