Solved

Exchange 2013 unable to configure outlook without being on the domain

Posted on 2014-03-19
17
1,403 Views
Last Modified: 2014-04-08
Hi All,
We have an Exchange 2013 server in production running on a Windows 2012 server and when a computer that has not been joined to the domain but has domain credentials the exchange server rejects outlook from configuring and connecting.
I am just wondering if there is an option to allow connections from a computer that is not on a domain/untrusted but with domain credentials?
Thanks
Joe
0
Comment
Question by:joestramandinoli
  • 10
  • 6
17 Comments
 
LVL 6

Expert Comment

by:rick81
ID: 39941435
do you have your autoname dns setup correctly
have you got a ssl cert installed, outlook anywhere enabled?
0
 

Author Comment

by:joestramandinoli
ID: 39941443
Hi,
Thanks for the response.
ssl cert has been installed and we can browse things like owa with no cert issues.
It is just when outlook tries to connect it can see the server but when it tries to load the outlook profile it says that it can't download the default folders.
As soon as the computer has been joined to the domain it works without any issues.
Thanks
Joe
0
 
LVL 6

Expert Comment

by:rick81
ID: 39941460
i've had this problem before, its common.  cant remember what i did to resolve.
your autodiscover is setup correctly right?

you could try this workaround.

http://camerondwyer.wordpress.com/2013/01/21/how-to-setup-outlook-2013-to-connect-to-an-exchange-2013-account-in-a-different-domain/

or this.

http://helpdesk.princeton.edu/kb/display.plx?ID=9863
0
 
LVL 13

Expert Comment

by:Andy M
ID: 39941925
What OS/Version of Outlook are you running on the computer? Note that Windows XP has a lot of issues with Exchange 2013 and you also have to make sure that Outlook is appropriately patched as well:

Outlook 2003 - won't work at all.
Outlook 2007 - believe it has to be on SP2/3 at minimum.
Outlook 2010 - believe it has to be on at least SP1

We had similar issues with a client who migrated to Exchange 2013 but didn't update the workstations and had issues like unable to connect to exchange, unable to view public folders, etc.
0
 

Author Comment

by:joestramandinoli
ID: 39942042
Hi Rick - Thanks I will check those links.

Hi Morty500UK - Thanks for that but the clients are using both 2010 and 2013. If they are off the domain it won't work but as soon as they are joined to the domain everything works.

Thanks

Joe
0
 

Author Comment

by:joestramandinoli
ID: 39944147
Hi All,
Here is the error message I receive:
Cannot start Microsoft Outlook. Cannot open the Outlooks Window. The set of folders cannot be opened. You must connect to Microsoft Exchange with the current profile before you can synchronize your folders with your Outlook data file (.ost).
When I go through creating the profile, I am prompted to authenticate and it does so with no problems however, when I try to access outlook all I get is that error.
Thanks
Joe
0
 
LVL 6

Expert Comment

by:rick81
ID: 39944198
i know with exch2007 i had to adjust a reg entry to get this to work.  
with 2013 i thought as long as outlook anywhere, ssl cert and autodiscover were configured correctly this would work.   i could be wrong.
0
 
LVL 6

Expert Comment

by:rick81
ID: 39944204
0
Are end users causing IT problems again?

You’ve taken the time to design and update all your end user’s email signatures, only to find out they’re messing up the HTML, changing the font and ruining the imagery. What can you do to prevent this? Find out how you can save your signatures from end users today.

 
LVL 6

Expert Comment

by:rick81
ID: 39944415
also just came across this

this talks about ssl cert config for ex2013.

Trusted Certificate Authority

"For a client to trust the SSL certificate that a server is using the certificate must be issued by a certificate authority that the client already trusts.

If you’re using a private certificate authority to issue SSL certificates to your Exchange 2013 servers, and that CA is an enterprise CA in your AD forest, then that CA will already be trusted by clients that are members of domains in that AD forest. Non-domain members will not trust the CA unless the root certificate is imported into their trusted CA list."

i would try manually installing the self signed cert onto a computer not in the domain.
0
 
LVL 6

Expert Comment

by:rick81
ID: 39952466
the fix for this is to add an internal DNS entry for autodiscover.

a similar fix using host file is this link.

http://camerondwyer.wordpress.com/2013/01/21/how-to-setup-outlook-2013-to-connect-to-an-exchange-2013-account-in-a-different-domain/
0
 

Author Comment

by:joestramandinoli
ID: 39987580
Hi All - Looking to buy a certificate - Is it just a SSL wildcard certificate that will cut the mustard on this one or does it need to be a specific type of certificate?
0
 
LVL 6

Expert Comment

by:rick81
ID: 39987586
0
 
LVL 6

Expert Comment

by:rick81
ID: 39987588
0
 

Author Comment

by:joestramandinoli
ID: 39987591
So will this wildcard one not work?

http://au.godaddy.com/ssl/ssl-certificates.aspx?ci=9039
0
 
LVL 6

Accepted Solution

by:
rick81 earned 500 total points
ID: 39987603
wildcard will also work.  UC is just the preferred cert as it always you to use multiple domain names.  if you only have 1 domain name and or sub domains then the wildcard would be fine.
0
 
LVL 6

Expert Comment

by:rick81
ID: 39987605
* UC is the preferred as it allows you to use multiple domain names
0
 

Author Comment

by:joestramandinoli
ID: 39987620
Thanks for your responses rick81
0

Featured Post

Free book by J.Peter Bruzzese, Microsoft MVP

Are you using Office 365? Trying to set up email signatures but you’re struggling with transport rules and connectors? Let renowned Microsoft MVP J.Peter Bruzzese show you how in this exclusive e-book on Office 365 email signatures. Better yet, it’s free!

Join & Write a Comment

Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now