Solved

Securing outlook Anywhere using certificate for Outlook 2007 user authentication only

Posted on 2011-02-23
12
508 Views
Last Modified: 2012-05-11
Hi Everyone,

I'd like to know if it is possible to secure Outlook 2007 Anywhere using certificate base ? so that user can just import the certificate that I created internally here and then just selecting the certificate name rather than typing their DOMAIN\username everytimethey connect to the remote head quarter base from their home laptop ?

At the moment I do have SAN certificate for my OWA issued by 3rd party CA, but only for the user that i'd like to know if it is possible.

Any pointer to resolve this issue would be greatly appreciated.

Thanks
0
Comment
Question by:jjoz
  • 7
  • 5
12 Comments
 
LVL 1

Author Comment

by:jjoz
ID: 34967502
by using the certificate that i must install to each user desktop generated by the internal CA, so it becomes more secure and easier for the user just select the dropdown list of the certificate rather than typing the username and password.
0
 
LVL 27

Accepted Solution

by:
davorin earned 500 total points
ID: 34973330
I'm afraid this is not possible.
Unless you can write a new outlook plug-in which will show the list of personal certificates at the time of authentication. You will need also at server side mechanism to to accept/reject certificates and change it into correct user logon.
0
 
LVL 1

Author Comment

by:jjoz
ID: 34973783
ok, so the only authentication is only username and password manual type ?
0
 
LVL 27

Expert Comment

by:davorin
ID: 34974406
Actually yes. There are two auth. types (basic & NTLM) , but both prompts for password.
Some additional info:
http://technet.microsoft.com/en-us/library/bb430792.aspx
0
 
LVL 1

Author Comment

by:jjoz
ID: 34974927
ahh OK, because I have imported the SSL that was generated by the internal company CA and yes I was able to select the certificate, but somehow it just keep asking me again and again.

maybe you are right, typing the password manually is the only way to go with Outlook Anywhere 2007.
0
 
LVL 27

Expert Comment

by:davorin
ID: 34982356
Do you get password prompt ot opening outlook or continually when the outlook is open?
If it is the second case, you will need to (suggest fully) update exchange server.
This problem was solved by SP1 Rollup 9.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 1

Author Comment

by:jjoz
ID: 34985617
at the opening only, and I never be able to connect.
0
 
LVL 27

Expert Comment

by:davorin
ID: 34986933
So OA is actually not working.
You can use this site to test your setup:
https://www.testexchangeconnectivity.com/

You can also try to use outlook /rpcdiag from LAN.
http://www.amset.info/exchange/rpc-http-diag.asp

In most cases the problem is with non trusted certificates, but in this case you are using 3dr party cert, so this should not be a problem. Anyway I always make sure, that when PC connects to OWA that cert is trusted and also chech out if in trusted root CA is listed CA who issued the cert.
0
 
LVL 1

Author Comment

by:jjoz
ID: 34986962
Davorin, thanks for the reply, OWA is not activated for outside access deliberately so it is expected, however only this Outlook Anywhere that I want to activate it.

so OWA is not a problem now.
0
 
LVL 27

Expert Comment

by:davorin
ID: 34987060
Accessing to OWA is just the fastest way tho check if everything is OK with a cert. You can still try to help you with two links I have posted.
OA is not a typo - it stands for Outlook Anywhere (Just in case we did not understood correctly ;))
0
 
LVL 1

Author Comment

by:jjoz
ID: 34987237
ah yes, my bad. i thought that was typo.

thakns for the advice and I shall test it out next week mate.
0
 
LVL 1

Author Closing Comment

by:jjoz
ID: 34991217
Yes, you are right, that this is impossible for now.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now