Solved

Outlook 2003 not authenticating to Exchange 2003 server which is not part of the local domain.

Posted on 2006-03-28
Last Modified: 2010-04-18
I am not sure if I have set this up correctly, but I have the Exchange server set up in its own domain, with its own DNS server, outside my firewall. My internal network has its own domain/forest, two Global Catalogs, DNS, DHCP.

My thought was to keep the Exchange server completely separate, so that if by chance it gets hacked into there is no chance of compromising our internal network shares. It was double work to key all the users into the email/Exchange domain, but I thought for security it was worth it. In Outlook, you specify the Exchange server name (mail.mydomain.com) and then when you click on Check Name it would prompt for a username and a password (mydomain.com\username). This works fine for everyone at the corporate office and any remote location that is not a member of the domain mydomain.local.

 

The internal domain is called mydomain.local (192.168.1.x network) and the Exchange domain is mydomain.com (24.x.x.x)

 

Food for more thought…

The internal domain clients all talk back to the PDC for DNS (192.168.1.86), which forwards all outbound DNS to the ISP. As I said, though, for all the computers at the corporate office this is working fine; it is just the remote branches whose computers are members of the corporate domain (mydomain.local). They can ping the Exchange server, they can telnet to port 25 on the Exchange server, they just cannot resolve the name during the initial setup.

 

I have applied the hotfix to the 2 GC servers and the 1 Exchange server and have had no such luck. Reference: Microsoft KB 898060.
I am stumped, any ideas?

Question by:tgeddings
2 Comments
 
LVL 51

Accepted Solution

by:
Netman66 earned 1500 total points
ID: 16322411
You'll have to resort to using HOSTS for this.

Have you thought about OWA rather than Outlook when offsite?  You can also look at RPC over HTTP.

 

Author Comment

by:tgeddings
ID: 16333042
Turns out, according to Microsoft, that this is an unsupported configuration. I didn't realize this at the time, but hey, I am an idiot. What changes to the host file will need to be made, since they are able to ping and telnet (port 25 only) to the Exchange server?

Microsoft is recommending moving the Exchange server to be within the local domain and putting it behind the firewall with the rest of our network. That seems like a lot of work? What are everyone else's thoughts?