We help IT Professionals succeed at work.

Outlook 2003 not authenticating to Exchange 2003 server which is not part of the local domain.

tgeddings
tgeddings asked
on
Medium Priority
156 Views
Last Modified: 2010-04-18
 I am not sure if I have set this up correctly but I have the Exchange server setup in its own domain, own DNS server outside my firewall. My internal networks have its own Domain/ forest two Global catalogs, DNS, DHCP.

My thought was to keep the exchange server completely separate and if by chance it gets hacked into there is no chance of compromising our internal network shares. It was double work to key in all the users into the email/exchange domain but I thought for security it was worth it.  In outlook, you specify the exchange server name (mail.mydomain.com) and then when you click on check name it would prompt for a username and a password (mydomain.com\username)  This works fine for everyone at the corporate office and any remote location that is not a member of the domain mydomain.local

 

The internal domain is called mydomain.local (192.168.1.x network) and the Exchange domain is mydomain.com (24.x.x.x)

 

Food for more thought…

The internal domain client all talk back to the PDC for DNS (192.168.1.86) which forwards all outbound DNS to ISP. As I said though for all the computers at the corporate office this is working fine it is just the remote branches whose computers are members of the corporate domain (mydomain.local). They can ping the exchange server, they can telnet to port 25 on the exchange server, just can not resolve the name during the initial setup.

 

I have applied the hotfix to the 2 GC servers and the 1 Exchange server and have no such luck. Reference Microsoft KB 898060
I am stumped, any ideas?

Comment
Watch Question

CERTIFIED EXPERT
Top Expert 2005
Commented:
You'll have to resort to using HOSTS for this.

Have you thought about OWA rather than Outlook when offsite?  You can also look at RPC over HTTP.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
Turns out according to Microsoft that this is an unsupported configuration. I didn't realize this at the time but hey I am an idiot. What changes to the host file will need to be made, since they are able to ping and telnet(port 25 only) to the exchange server?

Microsoft recommending moving the exchange server to be within the local domain and put it behind the firewall with the rest of our network. That seems like alot of work? What is everyone else thoughts?
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.