Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Separate passwords for AD and Outlook 2010/Exchange 2010

Posted on 2014-04-03
11
Medium Priority
?
1,317 Views
Last Modified: 2014-04-18
I'm sure I'm missing something easy.  AD with Server 2012 DC, Exchange 2010SP1 and Outlook 2010.  

Is there a way to have one password for AD and a different password for e-mail?

Searched for "separate AD and Outlook passwords" and turned up nothing.

Thanks in advance.
0
Comment
Question by:EdlenIT
  • 5
  • 4
  • 2
11 Comments
 
LVL 57

Assisted Solution

by:McKnife
McKnife earned 501 total points
ID: 39975646
Hi.

You would have to setup a different mailbox user for that user. Possible.
0
 

Author Comment

by:EdlenIT
ID: 39975657
Can you please explain?  If my AD account is john.doe, can my email not be john.doe@some_company.com and have a separate password?
0
 
LVL 57

Expert Comment

by:McKnife
ID: 39975757
You would leave your mail being john.doe@some_company.com but untie it from your mailbox and tie it to the mailbox of a different user. Then you would reconfigure outlook to use another user's account and avoid credential saving. That way it will work, I guarantee.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 38

Assisted Solution

by:Mahesh
Mahesh earned 999 total points
ID: 39977452
What you are trying to do is simply not possible

MS Exchange is tightly \ completely integrated with Active Directory and this behavior is there since Exchange 2000 I believe

Exchange will always use AD user and password and authenticate through domain controller only and it do not have its own LDAP \ user database.

Mahesh.
0
 
LVL 57

Expert Comment

by:McKnife
ID: 39977644
Hi Mahesh.

It is possible, we are using it. Read my description. You can easily override auto-discovery of user names and intentionally circumvent single sign on.
0
 
LVL 38

Expert Comment

by:Mahesh
ID: 39977670
Yes, McKnife, whatever you are saying may be correct
But I think real question " is it possible to have separate password for AD user and Exchange Mailbox? That is what author is asking if I am not wrong..

Since Exchange mailbox is associated with Active directory user and not to its own LDAP user as it don't have one.

By attaching user email ID to another mailbox and using that mailbox would require that you have to manage two separate user accounts for single physical user and the another account credentials will \ can operate that mailbox
I really don't see any benefit with this and this will defeat the purpose of Exchange native AD integration.

What author is expecting here is just like Domino Lotus notes that is running as standalone application and maintaining its own users and passwords and after logon to machine when user fires up lotus notes it needs to enter the password for mailbox.
This means lotus admin will manage lotus users and AD admin will manage AD users

Hi EdlenIT, please share your thoughts

Mahesh.
0
 

Author Comment

by:EdlenIT
ID: 39978601
Mahesh - You are correct.  My intention is to log in to AD at my workstation with PasswordA then launch Outlook 2010 on Exchange 2010SP1 with a separate password for the email account associated to the AD account.
0
 
LVL 57

Expert Comment

by:McKnife
ID: 39978621
And that works as described.
0
 
LVL 38

Expert Comment

by:Mahesh
ID: 39978627
Thanks for confirmation

As you read previous comments, it is not possible natively with Exchange 2010
However you can do workaround as suggested by McKnife, but it not what you are looking for.

Mahesh.
0
 
LVL 57

Expert Comment

by:McKnife
ID: 39980107
If he wants separate passwords for logon and mail and what you may indeed call a workaround offers that, why "isn't that what he is looking for"?
0
 
LVL 38

Accepted Solution

by:
Mahesh earned 999 total points
ID: 39980289
Because then he would require to maintain two ad user accounts per physical user which I don't think he is really looking for.

Mahesh.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
Transferring FSMO roles is done when an admin wants to split roles between certain Domain Controllers or the Domain Controller holding the Roles has been forcefully demoted using dcpromo / forceremoval
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question