Solved

Securing outlook Anywhere using certificate for Outlook 2007 user authentication only

Posted on 2011-02-23
12
509 Views
Last Modified: 2012-05-11
Hi Everyone,

I'd like to know if it is possible to secure Outlook 2007 Anywhere using certificate base ? so that user can just import the certificate that I created internally here and then just selecting the certificate name rather than typing their DOMAIN\username everytimethey connect to the remote head quarter base from their home laptop ?

At the moment I do have SAN certificate for my OWA issued by 3rd party CA, but only for the user that i'd like to know if it is possible.

Any pointer to resolve this issue would be greatly appreciated.

Thanks
0
Comment
Question by:jjoz
  • 7
  • 5
12 Comments
 
LVL 1

Author Comment

by:jjoz
ID: 34967502
by using the certificate that i must install to each user desktop generated by the internal CA, so it becomes more secure and easier for the user just select the dropdown list of the certificate rather than typing the username and password.
0
 
LVL 27

Accepted Solution

by:
davorin earned 500 total points
ID: 34973330
I'm afraid this is not possible.
Unless you can write a new outlook plug-in which will show the list of personal certificates at the time of authentication. You will need also at server side mechanism to to accept/reject certificates and change it into correct user logon.
0
 
LVL 1

Author Comment

by:jjoz
ID: 34973783
ok, so the only authentication is only username and password manual type ?
0
 
LVL 27

Expert Comment

by:davorin
ID: 34974406
Actually yes. There are two auth. types (basic & NTLM) , but both prompts for password.
Some additional info:
http://technet.microsoft.com/en-us/library/bb430792.aspx
0
 
LVL 1

Author Comment

by:jjoz
ID: 34974927
ahh OK, because I have imported the SSL that was generated by the internal company CA and yes I was able to select the certificate, but somehow it just keep asking me again and again.

maybe you are right, typing the password manually is the only way to go with Outlook Anywhere 2007.
0
 
LVL 27

Expert Comment

by:davorin
ID: 34982356
Do you get password prompt ot opening outlook or continually when the outlook is open?
If it is the second case, you will need to (suggest fully) update exchange server.
This problem was solved by SP1 Rollup 9.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 1

Author Comment

by:jjoz
ID: 34985617
at the opening only, and I never be able to connect.
0
 
LVL 27

Expert Comment

by:davorin
ID: 34986933
So OA is actually not working.
You can use this site to test your setup:
https://www.testexchangeconnectivity.com/

You can also try to use outlook /rpcdiag from LAN.
http://www.amset.info/exchange/rpc-http-diag.asp

In most cases the problem is with non trusted certificates, but in this case you are using 3dr party cert, so this should not be a problem. Anyway I always make sure, that when PC connects to OWA that cert is trusted and also chech out if in trusted root CA is listed CA who issued the cert.
0
 
LVL 1

Author Comment

by:jjoz
ID: 34986962
Davorin, thanks for the reply, OWA is not activated for outside access deliberately so it is expected, however only this Outlook Anywhere that I want to activate it.

so OWA is not a problem now.
0
 
LVL 27

Expert Comment

by:davorin
ID: 34987060
Accessing to OWA is just the fastest way tho check if everything is OK with a cert. You can still try to help you with two links I have posted.
OA is not a typo - it stands for Outlook Anywhere (Just in case we did not understood correctly ;))
0
 
LVL 1

Author Comment

by:jjoz
ID: 34987237
ah yes, my bad. i thought that was typo.

thakns for the advice and I shall test it out next week mate.
0
 
LVL 1

Author Closing Comment

by:jjoz
ID: 34991217
Yes, you are right, that this is impossible for now.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Finding original email is quite difficult due to their duplicates. From this article, you will come to know why multiple duplicates of same emails appear and how to delete duplicate emails from Outlook securely and instantly while vital emails remai…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now