Solved

Outlook 2003 Cached Mode - Password on Open

Posted on 2006-11-11
19
423 Views
Last Modified: 2008-02-01
Hello. I have a remote Outlook 2003 laptop running in Cached Exchange Mode connecting to an Exchange 2003 Enterprise Server through a VPN tunnel. I need Outlook to prompt for login credentials when it opens, not while checking for new messages. This person has very sensitive e-mail in his folders which anyone will have access to if they cancel the login screen that pops up by checking the box to always prompt for user name & password. Is there any way to password protect these offline files?? Any help would be appreciated. Thanks in advance.

Jon
0
Comment
Question by:Jon DeVito
  • 10
  • 4
  • 2
  • +1
19 Comments
 
LVL 104

Assisted Solution

by:Sembee
Sembee earned 75 total points
ID: 17921857
While you can make Outlook prompt for a username and password when it starts, that is only if it is connecting to the Exchange server. I am not aware of a way that you can get Outlook to prompt for a password when it is started.
My personal opinion is that the machine should protecting the files. If someone has access to the machine then it is game over anyway. With physical access to the machine I can get in to it in less than 2 minutes.

You need to protect the machine rather than the application.

Simon.
0
 
LVL 3

Author Comment

by:Jon DeVito
ID: 17921948
I agree in theory, but I'm trying to hide the data from the casual observer, not the tech people.
0
 
LVL 3

Author Comment

by:Jon DeVito
ID: 17922012
PS - I am using a Dell Latitude D820 with a Biometric Fingerprint Reader using Wave Embassy Security Center. If I can use my fingerprint to login to my Cached Exchange I will double the points.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17922019
If a casual observer gets access to the machine, then you have the same problem.
If the machine contains data that is that sensitive then the user needs to be trained to lock the machine when they walk away or take the machine with them. You can change the screensaver timeout to one minute so that it locks very quickly if the machine is abandoned.

Outlook has been designed that the machine provides the protection, not the application.

Simon.
0
 
LVL 3

Author Comment

by:Jon DeVito
ID: 17922088
Understood & agreed but that is not always practical & I can't take the chance with that. I would expect that by now with the Bio reader you could get a piece of software that will allow certain exe's to run only if the Bio reader is used. I don't see the option for that with the software that came with this laptop but I would be willing to try another software if it worked that way.

Thanks.
Jon
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17922143
You may want to put a pointer in the Outlook topic area then, because as far as I am aware it cannot be done.

A bio scanner is just another mechanism for entering a password. It requires application support that protects the file to send a request for authentication which the bio scanner can then fulfil.

Simon.
0
 
LVL 3

Author Comment

by:Jon DeVito
ID: 17922167
Thanks a lot for the help Simon. I will try the Outlook area but I'm not quite sure how to put a pointer though. Do I have to open a new thread in the Outlook topic area just with a link to this thread or is there a better way to do it?

Thanks again.
Jon
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17922359
Pointers are just new questions with minimum value points (20) and a link to the original question.

Simon.
0
 
LVL 3

Author Comment

by:Jon DeVito
ID: 17922416
Thanks a lot Simon. I just created the pointer in the Outlook area. Thanks again.

Jon
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 26

Assisted Solution

by:Vahik
Vahik earned 75 total points
ID: 17922778
http://pgp.com

the latest version of PGP desktop offers folder\file and disk\volume encryption...
0
 
LVL 3

Author Comment

by:Jon DeVito
ID: 17923173
Thanks Vahik, I'm looking at all of the PGP products & although they will encrypt the disk it doesn't look like they will secure my Outlook in Cached Exchange Mode. I have never used any software like this so I don't know if I'm looking at this wrong but I need to be able to walk away from a logged in laptop & have Outlook prompt me for a password when run preferably using my built in fingerprint reader. Can the PGP software do that?

Thanks.
Jon
0
 
LVL 26

Expert Comment

by:Vahik
ID: 17923494
PGP can encrypt ur outlook folder where outlook PST OST resides....once it is encrypted it servers two purpose...
1- to access outlook you must provide password(actually it is a passphrase)....
2- if laptop is stollen noone can access those encrypted files and folders(even if they access the drive by removing it adding it as a second drive on another machine) unless they come up with passphrase....not possible according to PGP....


but once passphrase is provided it will not be required unless a reboot or unless user is logged off....


i am not sure about biometrics but i know PGP works with smart cards and tokens...
0
 
LVL 3

Author Comment

by:Jon DeVito
ID: 17925529
Thanks for the info, still not quite what I'm looking for though because the user would have to log off or lock the computer every time he walked away. I need the protection to be on Outlook or the offline data file so that it prompts for a password every single time the program is launched. Thanks again for the info on the program though.

Jon
0
 
LVL 9

Accepted Solution

by:
robjeeves earned 100 total points
ID: 17927842
G'day mate, couple of ideas?

Windows Key + L to lock the screen and somthing like this

http://program-protector.blumentals-software.qarchive.org/

I've not used that software and there seems to be a few of them around if you have a google?

Any good to you?

Rob
0
 
LVL 9

Expert Comment

by:robjeeves
ID: 17927926
G'day

I had another brainwave :)  This might not work but I'll share it with you anyway.  Seeing as it's a laptop is it only one user who uses it?  If so how about

Make a new user on the laptop
Change the NTFS permission on the Outlook Executable to only allow 'the new user access'
You then create a batch file using the runas command and run the Outlook.exe executable.
In this mini-batch file you specify the Username but don't include the password, So the user gets a command window asking for a password

This is a bit of an ugly way to do it but it might work?  Not sure how outlook will handle opening as the new user, ie will it open the correct profile etc but why not give it a go.  It might just work :-)

Rob
0
 
LVL 3

Author Comment

by:Jon DeVito
ID: 17946890
Hi Rob, sorry I was away for a few days on business but I am definitely going to try that last one. Great idea if it works. Even if it's ugly, I just need it to work. I'll let you know the minute I can get back to that laptop. Most likely flying back in tomorrow. Thanks again for the idea.

Jon
0
 
LVL 3

Author Comment

by:Jon DeVito
ID: 17975730
Hi Rob. I keep getting Directory name is invalid pointing to my Outlook.exe when using the RunAs. Any idea why?

Thanks again for the help.
Jon
0
 
LVL 3

Author Comment

by:Jon DeVito
ID: 18139638
No objections from me. I wish I could have found a solution but thanks for trying everyone.

Jon
0

Featured Post

Promote certifications in your email signature

Has your company recently won an award or achieved a certification? They'll no doubt want to show it off. Email signature images used to promote certifications & awards can instantly establish credibility with a recipient and provide you with numerous benefits.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Exchange 2010 error RBAC 3 19
Powershell / CAS-Mailbox query / script to disable OWA for all but a few users 12 34
exchange, outlook 2 28
ADD new primary address 13 16
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now