Solved

Separate passwords for AD and Outlook 2010/Exchange 2010

Posted on 2014-04-03
11
1,155 Views
Last Modified: 2014-04-18
I'm sure I'm missing something easy.  AD with Server 2012 DC, Exchange 2010SP1 and Outlook 2010.  

Is there a way to have one password for AD and a different password for e-mail?

Searched for "separate AD and Outlook passwords" and turned up nothing.

Thanks in advance.
0
Comment
Question by:EdlenIT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
11 Comments
 
LVL 54

Assisted Solution

by:McKnife
McKnife earned 167 total points
ID: 39975646
Hi.

You would have to setup a different mailbox user for that user. Possible.
0
 

Author Comment

by:EdlenIT
ID: 39975657
Can you please explain?  If my AD account is john.doe, can my email not be john.doe@some_company.com and have a separate password?
0
 
LVL 54

Expert Comment

by:McKnife
ID: 39975757
You would leave your mail being john.doe@some_company.com but untie it from your mailbox and tie it to the mailbox of a different user. Then you would reconfigure outlook to use another user's account and avoid credential saving. That way it will work, I guarantee.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 37

Assisted Solution

by:Mahesh
Mahesh earned 333 total points
ID: 39977452
What you are trying to do is simply not possible

MS Exchange is tightly \ completely integrated with Active Directory and this behavior is there since Exchange 2000 I believe

Exchange will always use AD user and password and authenticate through domain controller only and it do not have its own LDAP \ user database.

Mahesh.
0
 
LVL 54

Expert Comment

by:McKnife
ID: 39977644
Hi Mahesh.

It is possible, we are using it. Read my description. You can easily override auto-discovery of user names and intentionally circumvent single sign on.
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39977670
Yes, McKnife, whatever you are saying may be correct
But I think real question " is it possible to have separate password for AD user and Exchange Mailbox? That is what author is asking if I am not wrong..

Since Exchange mailbox is associated with Active directory user and not to its own LDAP user as it don't have one.

By attaching user email ID to another mailbox and using that mailbox would require that you have to manage two separate user accounts for single physical user and the another account credentials will \ can operate that mailbox
I really don't see any benefit with this and this will defeat the purpose of Exchange native AD integration.

What author is expecting here is just like Domino Lotus notes that is running as standalone application and maintaining its own users and passwords and after logon to machine when user fires up lotus notes it needs to enter the password for mailbox.
This means lotus admin will manage lotus users and AD admin will manage AD users

Hi EdlenIT, please share your thoughts

Mahesh.
0
 

Author Comment

by:EdlenIT
ID: 39978601
Mahesh - You are correct.  My intention is to log in to AD at my workstation with PasswordA then launch Outlook 2010 on Exchange 2010SP1 with a separate password for the email account associated to the AD account.
0
 
LVL 54

Expert Comment

by:McKnife
ID: 39978621
And that works as described.
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39978627
Thanks for confirmation

As you read previous comments, it is not possible natively with Exchange 2010
However you can do workaround as suggested by McKnife, but it not what you are looking for.

Mahesh.
0
 
LVL 54

Expert Comment

by:McKnife
ID: 39980107
If he wants separate passwords for logon and mail and what you may indeed call a workaround offers that, why "isn't that what he is looking for"?
0
 
LVL 37

Accepted Solution

by:
Mahesh earned 333 total points
ID: 39980289
Because then he would require to maintain two ad user accounts per physical user which I don't think he is really looking for.

Mahesh.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question