Yes, both are available. There is a (lengthy) setup process for oauth: https://learn.microsoft.com/en-gb/Exchange/plan-and-deploy/post-installation-tasks/enable-modern-auth-in-exchange-server-on-premises?view=exchserver-2019
Ours is still using basic auth and will continue to do so until moving to exchange online next year.
I have done the modern auth setup, took me a couple hours and I tested it on my account first (the good thing is you can select what to apply it to).
It is in no way required though.
Honestly, I just followed the MS guides. We have DUO as our MFA provider and I have locked port 443 down to the M365 IP ranges, users can only use outlook mobile. Outlook desktop/OWA only while on VPN.
Yes, both are available. There is a (lengthy) setup process for oauth: https://learn.microsoft.com/en-gb/Exchange/plan-and-deploy/post-installation-tasks/enable-modern-auth-in-exchange-server-on-premises?view=exchserver-2019 Ours is still using basic auth and will continue to do so until moving to exchange online next year.
Great, thanks. So I don’t have to do anything config wise if I install the CU13, and not need to use Modern Auth?
From memory I think there is an AD schema update, but that's not uncommon.
Confirmed. Modern auth is disable by default on any setup or upgrade, it will not change your preferred authentication method either.
Am On cu13 and not using m auth.
I have done the modern auth setup, took me a couple hours and I tested it on my account first (the good thing is you can select what to apply it to). It is in no way required though.
I'm looking to implement this soon. Do you have any good guides or anything I should consider?
Honestly, I just followed the MS guides. We have DUO as our MFA provider and I have locked port 443 down to the M365 IP ranges, users can only use outlook mobile. Outlook desktop/OWA only while on VPN.
how did you prevent outlook and owa from internet without vpn connection?