?
Solved

Exchange 2013 unable to configure outlook without being on the domain

Posted on 2014-03-19
17
Medium Priority
?
1,681 Views
Last Modified: 2014-04-08
Hi All,
We have an Exchange 2013 server in production running on a Windows 2012 server and when a computer that has not been joined to the domain but has domain credentials the exchange server rejects outlook from configuring and connecting.
I am just wondering if there is an option to allow connections from a computer that is not on a domain/untrusted but with domain credentials?
Thanks
Joe
0
Comment
Question by:joestramandinoli
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 6
17 Comments
 
LVL 6

Expert Comment

by:rick81
ID: 39941435
do you have your autoname dns setup correctly
have you got a ssl cert installed, outlook anywhere enabled?
0
 

Author Comment

by:joestramandinoli
ID: 39941443
Hi,
Thanks for the response.
ssl cert has been installed and we can browse things like owa with no cert issues.
It is just when outlook tries to connect it can see the server but when it tries to load the outlook profile it says that it can't download the default folders.
As soon as the computer has been joined to the domain it works without any issues.
Thanks
Joe
0
 
LVL 6

Expert Comment

by:rick81
ID: 39941460
i've had this problem before, its common.  cant remember what i did to resolve.
your autodiscover is setup correctly right?

you could try this workaround.

http://camerondwyer.wordpress.com/2013/01/21/how-to-setup-outlook-2013-to-connect-to-an-exchange-2013-account-in-a-different-domain/

or this.

http://helpdesk.princeton.edu/kb/display.plx?ID=9863
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 14

Expert Comment

by:Andy M
ID: 39941925
What OS/Version of Outlook are you running on the computer? Note that Windows XP has a lot of issues with Exchange 2013 and you also have to make sure that Outlook is appropriately patched as well:

Outlook 2003 - won't work at all.
Outlook 2007 - believe it has to be on SP2/3 at minimum.
Outlook 2010 - believe it has to be on at least SP1

We had similar issues with a client who migrated to Exchange 2013 but didn't update the workstations and had issues like unable to connect to exchange, unable to view public folders, etc.
0
 

Author Comment

by:joestramandinoli
ID: 39942042
Hi Rick - Thanks I will check those links.

Hi Morty500UK - Thanks for that but the clients are using both 2010 and 2013. If they are off the domain it won't work but as soon as they are joined to the domain everything works.

Thanks

Joe
0
 

Author Comment

by:joestramandinoli
ID: 39944147
Hi All,
Here is the error message I receive:
Cannot start Microsoft Outlook. Cannot open the Outlooks Window. The set of folders cannot be opened. You must connect to Microsoft Exchange with the current profile before you can synchronize your folders with your Outlook data file (.ost).
When I go through creating the profile, I am prompted to authenticate and it does so with no problems however, when I try to access outlook all I get is that error.
Thanks
Joe
0
 
LVL 6

Expert Comment

by:rick81
ID: 39944198
i know with exch2007 i had to adjust a reg entry to get this to work.  
with 2013 i thought as long as outlook anywhere, ssl cert and autodiscover were configured correctly this would work.   i could be wrong.
0
 
LVL 6

Expert Comment

by:rick81
ID: 39944204
0
 
LVL 6

Expert Comment

by:rick81
ID: 39944415
also just came across this

this talks about ssl cert config for ex2013.

Trusted Certificate Authority

"For a client to trust the SSL certificate that a server is using the certificate must be issued by a certificate authority that the client already trusts.

If you’re using a private certificate authority to issue SSL certificates to your Exchange 2013 servers, and that CA is an enterprise CA in your AD forest, then that CA will already be trusted by clients that are members of domains in that AD forest. Non-domain members will not trust the CA unless the root certificate is imported into their trusted CA list."

i would try manually installing the self signed cert onto a computer not in the domain.
0
 
LVL 6

Expert Comment

by:rick81
ID: 39952466
the fix for this is to add an internal DNS entry for autodiscover.

a similar fix using host file is this link.

http://camerondwyer.wordpress.com/2013/01/21/how-to-setup-outlook-2013-to-connect-to-an-exchange-2013-account-in-a-different-domain/
0
 

Author Comment

by:joestramandinoli
ID: 39987580
Hi All - Looking to buy a certificate - Is it just a SSL wildcard certificate that will cut the mustard on this one or does it need to be a specific type of certificate?
0
 
LVL 6

Expert Comment

by:rick81
ID: 39987586
0
 
LVL 6

Expert Comment

by:rick81
ID: 39987588
0
 

Author Comment

by:joestramandinoli
ID: 39987591
So will this wildcard one not work?

http://au.godaddy.com/ssl/ssl-certificates.aspx?ci=9039
0
 
LVL 6

Accepted Solution

by:
rick81 earned 2000 total points
ID: 39987603
wildcard will also work.  UC is just the preferred cert as it always you to use multiple domain names.  if you only have 1 domain name and or sub domains then the wildcard would be fine.
0
 
LVL 6

Expert Comment

by:rick81
ID: 39987605
* UC is the preferred as it allows you to use multiple domain names
0
 

Author Comment

by:joestramandinoli
ID: 39987620
Thanks for your responses rick81
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses
Course of the Month14 days, 6 hours left to enroll

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question