Outlook and mobile client’s settings

How it works and security

To log in to Office356 service we are using the Shibboleth network, University login and password. It is a secure way of login, because the password never leaves University servers and never goes through foreign servers (in this case Microsoft servers). Because of that, the password is not saved in any form on MS servers.

This system works fine for web browsers, but what if someone wants to look at services which are not provided by HTTP?

Used protocol mostly don’t support authentication mechanism which is needed, and if they are supported, not every client knows how to use them. In the end, we ended with a common login through name and password. But what if servers don’t know password, how it is possible for them to verify the client?

In Microsoft they decided to solve this problem by implementing proxy authentication. Client sends them a name and password as he is accustomed and server on MS side will use this information to login through Shibboleth.

It would appear, that the use of the Shibboleth system, when the server does not know the user’s password has lots of sense. This is not the case. A different password, called ECP code is used for this authentication. The ECP code is meant exactly for non-HTML login for services, and its knowledge does not substitute the main password and it does not allow login to web services (such as AIS) nor login to class computers. Another advantage of ECP code is that you don’t have to change it regularly so after first setting of client settings (thunderbird, outlook, Gmail) you don’t have to worry that after few months your login to mailbox will not work. You can, however, change your ECP code if necessary.

How your login name looks like?

Because MS servers determine users by their full email address, in this case your username has to also contain the domain, i.e. your username will look like: cdoLogin@uniba.sk.

What password to use? 

To login you have to use the ECP code, which you can find through the interface for finding and changing of the ECP

Information to set up IMAP/SMTP/POP client

POP3 settings
Server name: outlook.office365.com
Port: 995
Encryption method: SSL

IMAP settings
Server name: outlook.office365.com
Port: 993
Encryption method: SSL

SMTP settings
Server name: smtp.office365.com
Port: 587
Encryption method: TLS

Settings are also available through Office 365:

  1. After logging into Office 365 click on “Settings” in right upper corner and then click on “Show advanced settings…”.
  2. Choose “Account” and then “My account”
  3. Click on “Access settings for protocols POP, IMAP and SMTP...”

If you do not see “Options -> Show all options... “ in the right upper corner, you are not using a compatible web browser, or you have switched to mode for visually impaired users.

Password for email clients is always the ECP code.
L1 password (password to log in into AIS) is used only to access the webmail interface.

Detailed instructions for desktop applications and mobile phones

You can find detailed instructions and instruction videos (videos are in English) on MS email installation guide. You should choose your operating system and application, which you want to set up, in the menu. Settings of applications in OS Linux are same as in MS Windows.