Exchange 2013 unable to configure outlook without being on the domain

Hi All,
We have an Exchange 2013 server in production running on a Windows 2012 server and when a computer that has not been joined to the domain but has domain credentials the exchange server rejects outlook from configuring and connecting.
I am just wondering if there is an option to allow connections from a computer that is not on a domain/untrusted but with domain credentials?
Thanks
Joe
joestramandinoliAsked:
Who is Participating?
 
rick81Connect With a Mentor Commented:
wildcard will also work.  UC is just the preferred cert as it always you to use multiple domain names.  if you only have 1 domain name and or sub domains then the wildcard would be fine.
0
 
rick81Commented:
do you have your autoname dns setup correctly
have you got a ssl cert installed, outlook anywhere enabled?
0
 
joestramandinoliAuthor Commented:
Hi,
Thanks for the response.
ssl cert has been installed and we can browse things like owa with no cert issues.
It is just when outlook tries to connect it can see the server but when it tries to load the outlook profile it says that it can't download the default folders.
As soon as the computer has been joined to the domain it works without any issues.
Thanks
Joe
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
rick81Commented:
i've had this problem before, its common.  cant remember what i did to resolve.
your autodiscover is setup correctly right?

you could try this workaround.

http://camerondwyer.wordpress.com/2013/01/21/how-to-setup-outlook-2013-to-connect-to-an-exchange-2013-account-in-a-different-domain/

or this.

http://helpdesk.princeton.edu/kb/display.plx?ID=9863
0
 
Andy MInternal Systems ManagerCommented:
What OS/Version of Outlook are you running on the computer? Note that Windows XP has a lot of issues with Exchange 2013 and you also have to make sure that Outlook is appropriately patched as well:

Outlook 2003 - won't work at all.
Outlook 2007 - believe it has to be on SP2/3 at minimum.
Outlook 2010 - believe it has to be on at least SP1

We had similar issues with a client who migrated to Exchange 2013 but didn't update the workstations and had issues like unable to connect to exchange, unable to view public folders, etc.
0
 
joestramandinoliAuthor Commented:
Hi Rick - Thanks I will check those links.

Hi Morty500UK - Thanks for that but the clients are using both 2010 and 2013. If they are off the domain it won't work but as soon as they are joined to the domain everything works.

Thanks

Joe
0
 
joestramandinoliAuthor Commented:
Hi All,
Here is the error message I receive:
Cannot start Microsoft Outlook. Cannot open the Outlooks Window. The set of folders cannot be opened. You must connect to Microsoft Exchange with the current profile before you can synchronize your folders with your Outlook data file (.ost).
When I go through creating the profile, I am prompted to authenticate and it does so with no problems however, when I try to access outlook all I get is that error.
Thanks
Joe
0
 
rick81Commented:
i know with exch2007 i had to adjust a reg entry to get this to work.  
with 2013 i thought as long as outlook anywhere, ssl cert and autodiscover were configured correctly this would work.   i could be wrong.
0
 
rick81Commented:
0
 
rick81Commented:
also just came across this

this talks about ssl cert config for ex2013.

Trusted Certificate Authority

"For a client to trust the SSL certificate that a server is using the certificate must be issued by a certificate authority that the client already trusts.

If you’re using a private certificate authority to issue SSL certificates to your Exchange 2013 servers, and that CA is an enterprise CA in your AD forest, then that CA will already be trusted by clients that are members of domains in that AD forest. Non-domain members will not trust the CA unless the root certificate is imported into their trusted CA list."

i would try manually installing the self signed cert onto a computer not in the domain.
0
 
rick81Commented:
the fix for this is to add an internal DNS entry for autodiscover.

a similar fix using host file is this link.

http://camerondwyer.wordpress.com/2013/01/21/how-to-setup-outlook-2013-to-connect-to-an-exchange-2013-account-in-a-different-domain/
0
 
joestramandinoliAuthor Commented:
Hi All - Looking to buy a certificate - Is it just a SSL wildcard certificate that will cut the mustard on this one or does it need to be a specific type of certificate?
0
 
rick81Commented:
0
 
joestramandinoliAuthor Commented:
So will this wildcard one not work?

http://au.godaddy.com/ssl/ssl-certificates.aspx?ci=9039
0
 
rick81Commented:
* UC is the preferred as it allows you to use multiple domain names
0
 
joestramandinoliAuthor Commented:
Thanks for your responses rick81
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.