Secure Password Authentication (SPA) is a proprietary Microsoft protocol used to authenticate Microsoft email clients with an electronic mail server when using the SMTP, POP, or IMAP.
This article provides information on how you can set up SPA in Outlook with the KOFF profile for a domain-joined user.
- The host on which the Kerio Connect server is installed has to be domain joined, and domain mapping should be appropriately configured for Active Directory.
- Do not confuse domain joining a host computer to Active Directory and mapping Active Directory domain to the Kerio Connect domain in Webadmin.
- Domain joining host computer depends on the operating system; on Windows, it is usually achieved via Control Panel configuration.
- The user for which the KOFF profile will be created must have a Kerio Connect Mailbox created.
- Such a user can be created by installing Kerio Connect Active Directory Extension on the Active Directory server before creating the user. (For more information refer to Adding Users to Kerio Connect.)
- The host on which KOFF and Outlook are installed must be domain joined.
- The user previously created must log in on this machine using their Active Directory credentials.
- Follow the creating Profiles in MS Outlook (Steps 1-4).
- Enter the Server name (hostname of the PC on which the Kerio Connect server is installed) and choose Secure Password Authentication.
E.g., Server name:
- In the Server Details tab, checkmark the option for Use secure connection (SSL).
- Click Retrieve Info and OK to finish the profile configuration.
Optionally, you can see the video below that explains the steps in detail for your reference:
Please note that the instructions mentioned in the video are not generic. Thus, ensure the server name and related details should be entered as per the hostname on your PC:
The KOFF profile is successfully configured using SPA, and the account information is retrieved.