Solved

Exchange 2013 unable to configure outlook without being on the domain

Posted on 2014-03-19
17
1,489 Views
Last Modified: 2014-04-08
Hi All,
We have an Exchange 2013 server in production running on a Windows 2012 server and when a computer that has not been joined to the domain but has domain credentials the exchange server rejects outlook from configuring and connecting.
I am just wondering if there is an option to allow connections from a computer that is not on a domain/untrusted but with domain credentials?
Thanks
Joe
0
Comment
Question by:joestramandinoli
  • 10
  • 6
17 Comments
 
LVL 6

Expert Comment

by:rick81
ID: 39941435
do you have your autoname dns setup correctly
have you got a ssl cert installed, outlook anywhere enabled?
0
 

Author Comment

by:joestramandinoli
ID: 39941443
Hi,
Thanks for the response.
ssl cert has been installed and we can browse things like owa with no cert issues.
It is just when outlook tries to connect it can see the server but when it tries to load the outlook profile it says that it can't download the default folders.
As soon as the computer has been joined to the domain it works without any issues.
Thanks
Joe
0
 
LVL 6

Expert Comment

by:rick81
ID: 39941460
i've had this problem before, its common.  cant remember what i did to resolve.
your autodiscover is setup correctly right?

you could try this workaround.

http://camerondwyer.wordpress.com/2013/01/21/how-to-setup-outlook-2013-to-connect-to-an-exchange-2013-account-in-a-different-domain/

or this.

http://helpdesk.princeton.edu/kb/display.plx?ID=9863
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 13

Expert Comment

by:Andy M
ID: 39941925
What OS/Version of Outlook are you running on the computer? Note that Windows XP has a lot of issues with Exchange 2013 and you also have to make sure that Outlook is appropriately patched as well:

Outlook 2003 - won't work at all.
Outlook 2007 - believe it has to be on SP2/3 at minimum.
Outlook 2010 - believe it has to be on at least SP1

We had similar issues with a client who migrated to Exchange 2013 but didn't update the workstations and had issues like unable to connect to exchange, unable to view public folders, etc.
0
 

Author Comment

by:joestramandinoli
ID: 39942042
Hi Rick - Thanks I will check those links.

Hi Morty500UK - Thanks for that but the clients are using both 2010 and 2013. If they are off the domain it won't work but as soon as they are joined to the domain everything works.

Thanks

Joe
0
 

Author Comment

by:joestramandinoli
ID: 39944147
Hi All,
Here is the error message I receive:
Cannot start Microsoft Outlook. Cannot open the Outlooks Window. The set of folders cannot be opened. You must connect to Microsoft Exchange with the current profile before you can synchronize your folders with your Outlook data file (.ost).
When I go through creating the profile, I am prompted to authenticate and it does so with no problems however, when I try to access outlook all I get is that error.
Thanks
Joe
0
 
LVL 6

Expert Comment

by:rick81
ID: 39944198
i know with exch2007 i had to adjust a reg entry to get this to work.  
with 2013 i thought as long as outlook anywhere, ssl cert and autodiscover were configured correctly this would work.   i could be wrong.
0
 
LVL 6

Expert Comment

by:rick81
ID: 39944204
0
 
LVL 6

Expert Comment

by:rick81
ID: 39944415
also just came across this

this talks about ssl cert config for ex2013.

Trusted Certificate Authority

"For a client to trust the SSL certificate that a server is using the certificate must be issued by a certificate authority that the client already trusts.

If you’re using a private certificate authority to issue SSL certificates to your Exchange 2013 servers, and that CA is an enterprise CA in your AD forest, then that CA will already be trusted by clients that are members of domains in that AD forest. Non-domain members will not trust the CA unless the root certificate is imported into their trusted CA list."

i would try manually installing the self signed cert onto a computer not in the domain.
0
 
LVL 6

Expert Comment

by:rick81
ID: 39952466
the fix for this is to add an internal DNS entry for autodiscover.

a similar fix using host file is this link.

http://camerondwyer.wordpress.com/2013/01/21/how-to-setup-outlook-2013-to-connect-to-an-exchange-2013-account-in-a-different-domain/
0
 

Author Comment

by:joestramandinoli
ID: 39987580
Hi All - Looking to buy a certificate - Is it just a SSL wildcard certificate that will cut the mustard on this one or does it need to be a specific type of certificate?
0
 
LVL 6

Expert Comment

by:rick81
ID: 39987586
0
 
LVL 6

Expert Comment

by:rick81
ID: 39987588
0
 

Author Comment

by:joestramandinoli
ID: 39987591
So will this wildcard one not work?

http://au.godaddy.com/ssl/ssl-certificates.aspx?ci=9039
0
 
LVL 6

Accepted Solution

by:
rick81 earned 500 total points
ID: 39987603
wildcard will also work.  UC is just the preferred cert as it always you to use multiple domain names.  if you only have 1 domain name and or sub domains then the wildcard would be fine.
0
 
LVL 6

Expert Comment

by:rick81
ID: 39987605
* UC is the preferred as it allows you to use multiple domain names
0
 

Author Comment

by:joestramandinoli
ID: 39987620
Thanks for your responses rick81
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
New firewall implementation guidance 12 60
Exchange 2010 SP1 to SP3 + RU16 8 41
Intune/ Microsoft EMS 1 31
outloo, calendar 11 17
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
CodeTwo Sync for iCloud (http://www.codetwo.com/sync-for-icloud?sts=6554) automatically synchronizes your Outlook 2016, 2013, 2010 or 2007 folders with iCloud folders available via iCloud Control Panel. This lets you automatically sync them with…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question