Solved

Exchange 2013 unable to configure outlook without being on the domain

Posted on 2014-03-19
17
1,519 Views
Last Modified: 2014-04-08
Hi All,
We have an Exchange 2013 server in production running on a Windows 2012 server and when a computer that has not been joined to the domain but has domain credentials the exchange server rejects outlook from configuring and connecting.
I am just wondering if there is an option to allow connections from a computer that is not on a domain/untrusted but with domain credentials?
Thanks
Joe
0
Comment
Question by:joestramandinoli
  • 10
  • 6
17 Comments
 
LVL 6

Expert Comment

by:rick81
ID: 39941435
do you have your autoname dns setup correctly
have you got a ssl cert installed, outlook anywhere enabled?
0
 

Author Comment

by:joestramandinoli
ID: 39941443
Hi,
Thanks for the response.
ssl cert has been installed and we can browse things like owa with no cert issues.
It is just when outlook tries to connect it can see the server but when it tries to load the outlook profile it says that it can't download the default folders.
As soon as the computer has been joined to the domain it works without any issues.
Thanks
Joe
0
 
LVL 6

Expert Comment

by:rick81
ID: 39941460
i've had this problem before, its common.  cant remember what i did to resolve.
your autodiscover is setup correctly right?

you could try this workaround.

http://camerondwyer.wordpress.com/2013/01/21/how-to-setup-outlook-2013-to-connect-to-an-exchange-2013-account-in-a-different-domain/

or this.

http://helpdesk.princeton.edu/kb/display.plx?ID=9863
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 13

Expert Comment

by:Andy M
ID: 39941925
What OS/Version of Outlook are you running on the computer? Note that Windows XP has a lot of issues with Exchange 2013 and you also have to make sure that Outlook is appropriately patched as well:

Outlook 2003 - won't work at all.
Outlook 2007 - believe it has to be on SP2/3 at minimum.
Outlook 2010 - believe it has to be on at least SP1

We had similar issues with a client who migrated to Exchange 2013 but didn't update the workstations and had issues like unable to connect to exchange, unable to view public folders, etc.
0
 

Author Comment

by:joestramandinoli
ID: 39942042
Hi Rick - Thanks I will check those links.

Hi Morty500UK - Thanks for that but the clients are using both 2010 and 2013. If they are off the domain it won't work but as soon as they are joined to the domain everything works.

Thanks

Joe
0
 

Author Comment

by:joestramandinoli
ID: 39944147
Hi All,
Here is the error message I receive:
Cannot start Microsoft Outlook. Cannot open the Outlooks Window. The set of folders cannot be opened. You must connect to Microsoft Exchange with the current profile before you can synchronize your folders with your Outlook data file (.ost).
When I go through creating the profile, I am prompted to authenticate and it does so with no problems however, when I try to access outlook all I get is that error.
Thanks
Joe
0
 
LVL 6

Expert Comment

by:rick81
ID: 39944198
i know with exch2007 i had to adjust a reg entry to get this to work.  
with 2013 i thought as long as outlook anywhere, ssl cert and autodiscover were configured correctly this would work.   i could be wrong.
0
 
LVL 6

Expert Comment

by:rick81
ID: 39944204
0
 
LVL 6

Expert Comment

by:rick81
ID: 39944415
also just came across this

this talks about ssl cert config for ex2013.

Trusted Certificate Authority

"For a client to trust the SSL certificate that a server is using the certificate must be issued by a certificate authority that the client already trusts.

If you’re using a private certificate authority to issue SSL certificates to your Exchange 2013 servers, and that CA is an enterprise CA in your AD forest, then that CA will already be trusted by clients that are members of domains in that AD forest. Non-domain members will not trust the CA unless the root certificate is imported into their trusted CA list."

i would try manually installing the self signed cert onto a computer not in the domain.
0
 
LVL 6

Expert Comment

by:rick81
ID: 39952466
the fix for this is to add an internal DNS entry for autodiscover.

a similar fix using host file is this link.

http://camerondwyer.wordpress.com/2013/01/21/how-to-setup-outlook-2013-to-connect-to-an-exchange-2013-account-in-a-different-domain/
0
 

Author Comment

by:joestramandinoli
ID: 39987580
Hi All - Looking to buy a certificate - Is it just a SSL wildcard certificate that will cut the mustard on this one or does it need to be a specific type of certificate?
0
 
LVL 6

Expert Comment

by:rick81
ID: 39987586
0
 
LVL 6

Expert Comment

by:rick81
ID: 39987588
0
 

Author Comment

by:joestramandinoli
ID: 39987591
So will this wildcard one not work?

http://au.godaddy.com/ssl/ssl-certificates.aspx?ci=9039
0
 
LVL 6

Accepted Solution

by:
rick81 earned 500 total points
ID: 39987603
wildcard will also work.  UC is just the preferred cert as it always you to use multiple domain names.  if you only have 1 domain name and or sub domains then the wildcard would be fine.
0
 
LVL 6

Expert Comment

by:rick81
ID: 39987605
* UC is the preferred as it allows you to use multiple domain names
0
 

Author Comment

by:joestramandinoli
ID: 39987620
Thanks for your responses rick81
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Large Outlook files lead to various unwanted errors and corruption issues. Furthermore, large outlook files can also make Outlook take longer to start-up, search, navigate, and shut-down. So, In this article, i will discuss a method to make your Out…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question