?
Solved

Connect Outlook 2007 non-domain client To Exchange 2003

Posted on 2008-10-03
9
Medium Priority
?
2,352 Views
Last Modified: 2013-11-30
I have one laptop user running XP Pro/Outlook2007 that cannot join domain for other reasons. Mail will be managed by Exchange 2003. How can this laptop user who is not joined to domain, send & receive email via Exchange? If he can some how send via relaying through Exchange & download mail from Exchange. Or perhaps some other way. Currently this user is accessing mail via POP3. User will be mobile with laptop. Please provide details.
0
Comment
Question by:yohayon
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
9 Comments
 
LVL 5

Expert Comment

by:chops_uk
ID: 22638126
simply setup the account as usual and when prompted for domain credentials, enter domain\username instead of username..
0
 
LVL 3

Accepted Solution

by:
Tonie16 earned 1500 total points
ID: 22638221
Hi,

You said user needs to be mobile.
Please see pic below, settings for client setup, so that user can connect to exchange from internet.
You need to publish the name to the internet and make sure exchange is setup for Outlook anywhere access.  I think it uses the OWA settings, so it should just work then.

mail.jpg
0
 

Author Comment

by:yohayon
ID: 22642848
Tonie16, I will try your recommendation. But what about adding POP3 functionality to the Exchange Server for this laptop user? Is that a quick easy option? I am not responsible for backup up his email.
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 5

Expert Comment

by:chops_uk
ID: 22643940
Hi yohayon

A non domain PC will work fine with exchange.. just use domain\username to establish domain credentials  In My Opinion, if you have a VPN then it's the simplest / safest / most secure / quickest to implement option for a remote or mobile user.

I agree, OMA's a great way of doing it, but you'll need to sort out certificates, possibly a DNS A record,
etc, ensure https and not https is available and MOST importantly, ensure EVERYTHINGs locked down.. as you will get attacked from this interface. Turn on password lockout, disable guest, ensure passwords are all secure and preferably standard named accounts aren't accessible.

ONLY then, open port 443 from your firewall to your internal mail server and test. Then keep on top of firewall & server logs .. (keep an eye out for Event ID 529 in your event logs).

I'd simlply give them VPN access (restricted to just the internal mail server if they're not standard internal users) and get them to logon using standard Exchange Services.. preferably using Outlook's Cached Exchange mode (logging on using domain\username instead of just username)... or again, even OWA once connected internally.

yep, for just one user.. given the security hole OWA would create, I'd really stick with VPN... unless you have time on your hands to ensure your security's definitely OK ..

yep, you could setup a POP server.. but you've opened a hole in your security again.. so if there's any chance of KISS (keeping it Simple), I'd recommend doing that.

hope this helps
0
 

Author Comment

by:yohayon
ID: 22695980
Chops uk, thank you for responding in detail. I have initially attempted to configure the POP3 service on Exchange. The issue is that the laptop user can connect & send/receive email while he is remote. But once this laptiop user comes into the office he cannot. I believe it is related to the fact that the user is using the external ip of the exchange server internally & therefore cannot connect while in the office. Any solution to that?
Is there a dns record that can be created ? How?
0
 
LVL 5

Expert Comment

by:chops_uk
ID: 22697308
Hi Yohayon. Sorry if I'm not clear on what you've currently got running.. does this mean that he's accessing POP email remotely.. or using Exchange Services through a hole opened on the firewall?.. or is he currently using VPN? I assume it's not 'Outlook Anywhere' (over RPC)..

If you don't want to change from your current access mehod, create a DNS 'A' record pointing to the IP address he's accessing.. i.e. mailgate.example.com and configure his Outlook to point at that. Internally, create a DNS Forward Lookup Record for mailgate.example.com that points to the internal address of that machine. That way, when he's internal, he'll be using internal DNS and his machine will still be looking at the correct place. when external, he'll use the Internet DNS and get the external IP address.

Or.. and I really can't stress enough that (if he is currently accessing via a hole in the firewall), then you should switch to VPN access or, if you don't want a VPN.. then to Outlook over RPC (Outlook Anywhere on Exchange '07).

It just seems a shame to have the power of Exchange available and having to drop back to POP for this one user when there are othe options open to you!

I hope this helps.. please feel free to reply with to correct me if I've misunderstood anything in your existing setup or requirement... over to you!
0
 

Author Comment

by:yohayon
ID: 22699706
Recap: Laptop users us using pop3 to download mail from 3rd party. When Exchange will be introduced all mail for BandB,com will be received via Exchange. The laptop user will not be part of the domain but I need to make mail accessible to him. Internally the domain is called (example) bb.com. So how & what type of record is created to allow the remote user to connect to Exchange POP3 mail server with external IP configured in his Outlook when the user is internal & behind the firewall? Remember that internal domain name is different than external domain name.
0
 
LVL 5

Expert Comment

by:chops_uk
ID: 22700784
My comment about the DNS forward lookup will still work, so this is the answer (don't think IP addresses.. think of pointing at a server name).

However, my question is WHY you want to use POP mail when you could simply give them the power of a full Exchange using VPN or Outlook over RPC? You've not yet explained if and why this isn't an option for you? Don't forget, his laptop doesn't need to be a domain member to use exchange email.

the answer from above, ref the solution to internal / external resolution >> "If you don't want to change from your current access mehod, create a[n Internet] DNS 'A' record [via your ISP] pointing to the IP address [of the external Exchange POP server] he's accessing.. i.e. mailgate.example.com and configure his Outlook to point at that. Internally, create a DNS Forward Lookup Record for mailgate.example.com that points to the internal address of that machine [it shouldn't matter what the actual internal domain name is]. That way, when he's internal, he'll be using internal DNS and his machine will still be looking at the correct place. when external, he'll use the Internet DNS and get the external IP address."

over to you!
0
 

Author Comment

by:yohayon
ID: 22703112
The reason to use POP3 is since I am not supposed to store permanently this users mail on our server.  I still do not understand what type of record I am creating on my internal dns. A record? CNAME? (details please) & how do I overcome issue with the fact that my internal domain name is different than my external domain name with regards to creating the internal dns record?
Dns record on my isp is not an issue & was done long ago & works.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Pop culture is prime bait for hackers seeking to infect user’s computers and mobile devices with malicious malware. Hackers know exactly what the latest trends are online and know how to use them to their advantage.
In-place Upgrading Dirsync to Azure AD Connect
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Suggested Courses
Course of the Month12 days, 15 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question