Solved

Separate passwords for AD and Outlook 2010/Exchange 2010

Posted on 2014-04-03
11
1,061 Views
Last Modified: 2014-04-18
I'm sure I'm missing something easy.  AD with Server 2012 DC, Exchange 2010SP1 and Outlook 2010.  

Is there a way to have one password for AD and a different password for e-mail?

Searched for "separate AD and Outlook passwords" and turned up nothing.

Thanks in advance.
0
Comment
Question by:EdlenIT
  • 5
  • 4
  • 2
11 Comments
 
LVL 53

Assisted Solution

by:McKnife
McKnife earned 167 total points
ID: 39975646
Hi.

You would have to setup a different mailbox user for that user. Possible.
0
 

Author Comment

by:EdlenIT
ID: 39975657
Can you please explain?  If my AD account is john.doe, can my email not be john.doe@some_company.com and have a separate password?
0
 
LVL 53

Expert Comment

by:McKnife
ID: 39975757
You would leave your mail being john.doe@some_company.com but untie it from your mailbox and tie it to the mailbox of a different user. Then you would reconfigure outlook to use another user's account and avoid credential saving. That way it will work, I guarantee.
0
 
LVL 35

Assisted Solution

by:Mahesh
Mahesh earned 333 total points
ID: 39977452
What you are trying to do is simply not possible

MS Exchange is tightly \ completely integrated with Active Directory and this behavior is there since Exchange 2000 I believe

Exchange will always use AD user and password and authenticate through domain controller only and it do not have its own LDAP \ user database.

Mahesh.
0
 
LVL 53

Expert Comment

by:McKnife
ID: 39977644
Hi Mahesh.

It is possible, we are using it. Read my description. You can easily override auto-discovery of user names and intentionally circumvent single sign on.
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39977670
Yes, McKnife, whatever you are saying may be correct
But I think real question " is it possible to have separate password for AD user and Exchange Mailbox? That is what author is asking if I am not wrong..

Since Exchange mailbox is associated with Active directory user and not to its own LDAP user as it don't have one.

By attaching user email ID to another mailbox and using that mailbox would require that you have to manage two separate user accounts for single physical user and the another account credentials will \ can operate that mailbox
I really don't see any benefit with this and this will defeat the purpose of Exchange native AD integration.

What author is expecting here is just like Domino Lotus notes that is running as standalone application and maintaining its own users and passwords and after logon to machine when user fires up lotus notes it needs to enter the password for mailbox.
This means lotus admin will manage lotus users and AD admin will manage AD users

Hi EdlenIT, please share your thoughts

Mahesh.
0
 

Author Comment

by:EdlenIT
ID: 39978601
Mahesh - You are correct.  My intention is to log in to AD at my workstation with PasswordA then launch Outlook 2010 on Exchange 2010SP1 with a separate password for the email account associated to the AD account.
0
 
LVL 53

Expert Comment

by:McKnife
ID: 39978621
And that works as described.
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39978627
Thanks for confirmation

As you read previous comments, it is not possible natively with Exchange 2010
However you can do workaround as suggested by McKnife, but it not what you are looking for.

Mahesh.
0
 
LVL 53

Expert Comment

by:McKnife
ID: 39980107
If he wants separate passwords for logon and mail and what you may indeed call a workaround offers that, why "isn't that what he is looking for"?
0
 
LVL 35

Accepted Solution

by:
Mahesh earned 333 total points
ID: 39980289
Because then he would require to maintain two ad user accounts per physical user which I don't think he is really looking for.

Mahesh.
0

Join & Write a Comment

Easy CSR creation in Exchange 2007,2010 and 2013
Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now