OAB for IMAP attached Outlook clients

I've recently setup a new RPC over HTTPS solution for a client.  Users are attaching to a hosted Exchange 2003 Server in our data center from a remote site.  Works great, set it up with few issues thanks to the help received on this site.  

An unexpected turn this past couple days was that the client had several workstations that are Windows 2000, where Outlook clients can't use RPC over HTTPS (if there is a way, please let me know).

For those users, I created a connection to the new Exchange Server via IMAP - which to me isn't ideal, but at least they could access mail.  Now these users are looking for an address book - (GAL) which of course isn't available.  

Does anyone know of a way to solve this, short of an upgrade?  :)

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

There are no workarounds for getting RPC over HTTP to work on Windows 2000.

POP and IMAP themselves are simply protocols for reading email from the server and obviously don't include any address list functionality. Your only option here is to provide that address list functionality via LDAP. Any normal email client (Outlook, Outlook Express, etc) supports LDAP. This gives POP/IMAP users some address list functionality but it isn't nearly as nice as the GAL that MAPI clients see. Instead, they can search the address list to find users (they would see both their display name and their email address).

The problem with LDAP is that Microsoft hasn't provided you with any secure mechanisms for offering it from Exchange. The Exchange servers themselves don't speak LDAP - only the Global Catalog AD servers. Theoretically you could open the LDAP port (389) on your firewall to a GC and have your users connect to it for LDAP queries but you don't want to do that - big security issues with having a GC internet accessible. More commonly I've seen people replicate the directory information from AD over to an ADAM (Active Directory Application Mode) instance which supports LDAP and could then be run on an internet-accessible host without security issues. However, this is a little tricky to setup and it is a lot of work. If you were planning to have IMAP-only clients forever, it might be worth it. If you're looking for a temporary solution until you get those Windows 2000 users upgraded, it's likely not.

I'm sure you've already thought about this but the other option for users is OWA. It has many drawbacks when using it as your primary mail client but the address list functionality is okay. Often a hybrid works for users temporarily where they use their IMAP client for sending & receiving and also keep an OWA window open for viewing their contacts, calendar, and doing address list lookups. It isn't elegant but worth suggesting to users.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
trivalentAuthor Commented:
You're right, getting LDAP configured would not be worth it in this case.

Yes, OWA works great from those PCs as well.  

Your suggestion for the OWA / LDAP solution is sound - as we both know users won't really understand why or what's happening, but this will be the way it has to be.

Thanks for the reply.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.