• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 519
  • Last Modified:

Securing outlook Anywhere using certificate for Outlook 2007 user authentication only

Hi Everyone,

I'd like to know if it is possible to secure Outlook 2007 Anywhere using certificate base ? so that user can just import the certificate that I created internally here and then just selecting the certificate name rather than typing their DOMAIN\username everytimethey connect to the remote head quarter base from their home laptop ?

At the moment I do have SAN certificate for my OWA issued by 3rd party CA, but only for the user that i'd like to know if it is possible.

Any pointer to resolve this issue would be greatly appreciated.

Thanks
0
jjoz
Asked:
jjoz
  • 7
  • 5
1 Solution
 
jjozAuthor Commented:
by using the certificate that i must install to each user desktop generated by the internal CA, so it becomes more secure and easier for the user just select the dropdown list of the certificate rather than typing the username and password.
0
 
davorinCommented:
I'm afraid this is not possible.
Unless you can write a new outlook plug-in which will show the list of personal certificates at the time of authentication. You will need also at server side mechanism to to accept/reject certificates and change it into correct user logon.
0
 
jjozAuthor Commented:
ok, so the only authentication is only username and password manual type ?
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
davorinCommented:
Actually yes. There are two auth. types (basic & NTLM) , but both prompts for password.
Some additional info:
http://technet.microsoft.com/en-us/library/bb430792.aspx
0
 
jjozAuthor Commented:
ahh OK, because I have imported the SSL that was generated by the internal company CA and yes I was able to select the certificate, but somehow it just keep asking me again and again.

maybe you are right, typing the password manually is the only way to go with Outlook Anywhere 2007.
0
 
davorinCommented:
Do you get password prompt ot opening outlook or continually when the outlook is open?
If it is the second case, you will need to (suggest fully) update exchange server.
This problem was solved by SP1 Rollup 9.
0
 
jjozAuthor Commented:
at the opening only, and I never be able to connect.
0
 
davorinCommented:
So OA is actually not working.
You can use this site to test your setup:
https://www.testexchangeconnectivity.com/

You can also try to use outlook /rpcdiag from LAN.
http://www.amset.info/exchange/rpc-http-diag.asp

In most cases the problem is with non trusted certificates, but in this case you are using 3dr party cert, so this should not be a problem. Anyway I always make sure, that when PC connects to OWA that cert is trusted and also chech out if in trusted root CA is listed CA who issued the cert.
0
 
jjozAuthor Commented:
Davorin, thanks for the reply, OWA is not activated for outside access deliberately so it is expected, however only this Outlook Anywhere that I want to activate it.

so OWA is not a problem now.
0
 
davorinCommented:
Accessing to OWA is just the fastest way tho check if everything is OK with a cert. You can still try to help you with two links I have posted.
OA is not a typo - it stands for Outlook Anywhere (Just in case we did not understood correctly ;))
0
 
jjozAuthor Commented:
ah yes, my bad. i thought that was typo.

thakns for the advice and I shall test it out next week mate.
0
 
jjozAuthor Commented:
Yes, you are right, that this is impossible for now.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

  • 7
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now