[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

POP Access for Non-Domain users

Posted on 2002-05-13
4
Medium Priority
?
223 Views
Last Modified: 2010-03-05
I'm having a Exchange 2000 server, running in a Windows 2000 Active Directory/Domain running in mixed mode (Some old NT DC's)

I'm using MCC - Active Directory Users and Computers to administrate the mailserver.

There is access to the Exchange Server from the Internet, for receiving and sending mail. Users can pick-up their mail from home using SecurePOP3.

Now I would like to be able to create some POP3-accounts, without having to create users on the Domain (And thereby giving them some access to the servers on the domain)

Does anyone have any ideas on how I can do that??
0
Comment
Question by:flopperman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 13

Accepted Solution

by:
hstiles earned 800 total points
ID: 7006175
You can't.  Mailboxes are inexorably linked to domain user accounts.  The only way around it would be to create a single user account and assign multiple mailboxes to this account - hardly secure though.
0
 
LVL 4

Expert Comment

by:bluezoo7
ID: 7006552
Hstiles is right that Exchange 2000 and AD domains are indelibly linked. You can't have the mailboxes without the domain accounts.

However, you cannot assign a single user to multiple mailboxes. Each mailbox must have a unique owner account, although users can be given rights to view multiple mailboxes.

You do have options, in order of most secure/difficult to least:

1. Create child domain in AD that contains all the users that you do not want in the parent domain. Use group policy to limit the acessibility of this domain to only the resources needed to get mail.

2. Use an OU and group policy to accomplish the same thing if child domains are too extreme for your environment.

3. Put all the "non-domain" users in a global group. Remove the group's rights except for those needed for Exchange (perhaps none except "log on locally"...you will have to test). Remove the users from the "Domain Users" group. Ensure that your servers specifically deny this group access via NTFS or share perms depending on your security policy.
0
 
LVL 13

Expert Comment

by:hstiles
ID: 7007858
You could also place the accounts in the domain guests group.
0
 

Author Comment

by:flopperman
ID: 7072381
hstiles gets the points even though it wasn't the answer I was hopeing for :-)
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
Are you an Exchange administrator employed with an organization? And, have you encountered a corrupt Exchange database due to which you are not able to open its EDB file. This article will explain all the steps to repair corrupt Exchange database.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question