Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 116
  • Last Modified:

Exchange 2007 SP3 + Active Sync

I am looking for a solution, where users via their devices, that use Microsoft's active sync go through say webmail01.xyz.com.

When they go through OWA they go through webmail02.xyz.com.  I want this URL  not to use active sync at all.

Can this be done via Exchange 2007 SP3?

thanks
0
techgenious
Asked:
techgenious
  • 3
  • 3
1 Solution
 
it_saigeDeveloperCommented:
Theoretically, you could, but I have to ask, is there a specific reason why?

-saige-
0
 
techgeniousAuthor Commented:
Yes  more for security reasons to separate the two.
How can it be done ?
0
 
techgeniousAuthor Commented:
It was asked by management and they want them separated due to security reasons ?
Thanks
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
it_saigeDeveloperCommented:
Simply changing the url does not change the security landscape.  Management has to understand, that whether one address or many are used, ultimately, the service requests for OWA and ActiveSync, get answered by the same mechanism, your CAS [or Client Access Server].  The key is securing each of the services path's to the CAS [e.g. - Using SSL, WindowsIntegrated Authentication and FBA (Forms Based Authentication)].

More on Securing an Exchange 2007 Client Access Server:
http://www.msexchange.org/articles-tutorials/exchange-server-2007/mobility-client-access/securing-exchange-2007-client-access-server-3rd-party-san-certificate.html
http://technet.microsoft.com/en-us/library/bb400932(v=exchg.141).aspx

More on Hardening Exchange Server 2007:
http://www.msexchange.org/articles-tutorials/exchange-server-2007/security-message-hygiene/hardening-exchange-server-2007-part1.html

-saige-
0
 
techgeniousAuthor Commented:
Thanks Saige let me check those articles.

The overall issue they have is, if you are able to obtain my user ID & password you can get into our network.
We want to have a infrastructure where, if the device is not configured to enter our network, then they cannot get in.

Example:
configuring their email with the stolen user ID & Password and getting the users email.  We want it where devices are also are authorized the internal network.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now