technology and zen of life

“A heisenbug (named after the Heisenberg Uncertainty Principle) is a computer bug that disappears or alters its characteristics when an attempt is made to study it.”

Calendaring: Exchange can publish to ICS, defaults to insecure

ICS (iCal) is a file format for calendars. Most calendaring software uses it. For example, you can import / export it to Google Calendar. If you have a Google Calendar, you can “publish” your calendar to an ICS file, so you can use it with other software like Mozilla Calendar or web services.

Microsoft Exchange 2010 can also publish calendars to ICS. Which is great, because Exchange and Outlook offer more advanced features for heavyweight calendar users. Like using rich text and images for your descriptions, and adding file attachments. Steve Goodman has written a fine manual on how to enable iCal Calendar Sharing with Exchange 2010 SP1 (recommended reading).

Here I will not give the depressing account of my troubles installing Windows 2008 and Exchange. If you are used to installing Linux servers, prepare a few days instead of a few hours. Even after you have installed everything, after numerous reboots and fixes, buggy graphical config tools and a not-so-grown-up command line, you still have work to do. Like minding security.

If you publish your calendar to ICS, then you will receive an URL which is [1] plain HTTP, while it should default to HTTPS, and [2] not protected by a password.

The first problem can be solved by your firewall – do not allow normal http (80) traffic to your Exchange server. Instruct your users about the ICS URL; they have to replace http by https.

The second problem requires you to start the ISS Manager. Go to the owa/Calendar folder. Disallow the Anonymous access, and allow the Digest access. See the screenshot below.

Exchange 2010 ICS security Calendaring: Exchange can publish to ICS, defaults to insecure

 Calendaring: Exchange can publish to ICS, defaults to insecure

About Evert Mouw

Interested in kinda everything, studied political science, now studying medical informatics. MCSE, Linux enthousiast, and believing that technology is the path to enlightenment ;-) Best RTS game ever is Warhammer Soulstorm (IMHO). Other hobbies include hiking, kayaking, reading and when I have time, trying to have an ant colony in an artificial nest (formicarium).

Leave a Reply

2 Responses

  1. TPC says:

    This is what I needed…

  2. [...] Tot zover mijn ervaring met de installatie van Exchange 2013. Ik heb de functionaliteit niet verder getest. Als je Exchange installeert en ICS wilt aanbieden aan je gebruikers, lees dan ook mijn artikel op TechMonks: Exchange can publish to ICS, defaults to insecure. [...]

Email Subscription

Disclaimer

The views expressed on this blog are personal. We do not claim to be a representative voice of the views of any organisation whatsoever. We are not responsible for the content present on the blogs to which we have linked.Views expressed are solely that of the author and does not reflect a collective opinion of contributors.
%d bloggers like this: