Applies ToExchange Server 2010 Exchange Server 2013 Exchange Server 2016 Exchange Server 2019

Scenario

Consider the following scenario:

  • You are running Exchange Server.

  • You have enabled Exchange Web Services (EWS).

  • Push Notifications are enabled and used in your environment.

Cause

When a client subscribes to Push Notifications from Exchange Server, the notifications that are sent to the client include NTLM information that could be used to authenticate as the server that is running Exchange Server. This information was previously included to allow an authenticated response to subscribed clients. Only Push Notifications are affected. Pull and Streaming Notifications are unaffected.

Workaround

To work around this scenario and prevent information from being misused, define a throttling policy that prevents EWS Notifications from being sent to subscribed clients. Although only Push Notifications are subject to this behavior, a throttling policy affects Push, Pull, and Streaming Notifications equally.

Note This workaround causes some clients to not function correctly. This includes Outlook for Mac, Skype for Business, native iOS mail clients, and some other third-party clients. It may also include custom LOB applications.

Resolution

Microsoft has changed the notifications contract that is established between EWS clients and servers that are running Exchange Server not to allow authenticated notifications to be streamed by the server. Instead, these notifications are streamed by using anonymous authentication mechanisms. Because a client would have to authenticate to establish the subscription, this approach is considered to be an appropriate and necessary design to protect the credentials and identity of the server. After this change, clients that rely on an authenticated EWS Push Notification from the server that is running Exchange Server will require a client update to continue to function correctly.

This change in behavior becomes effective in the following Exchange releases:

Facebook LinkedIn E-Mail
RSS-FEEDS ABONNIEREN

Benötigen Sie weitere Hilfe?

Möchten Sie weitere Optionen?

Discover Community

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Microsoft 365 subscription benefits

Microsoft 365 training

Microsoft security

Accessibility center

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Ask the Microsoft Community

Microsoft Tech Community

Windows Insiders

Microsoft 365 Insiders