password access from Outlook to Exchange for just two users

At a certain small office most users don't have to enter passwords to access exchange from their outlook. Its controlled by their windows login. But two of the users wish to have to enter a different password in order to access exchange. The rest are happy with the way it is. How do I do that? Exchange Server 2010.
Peter HeinickeCEOAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Simon Butler (Sembee)ConsultantCommented:
Outlook can only use the AD domain for authentication.
Therefore the only way you can do it is to have two accounts - one for Windows login and one for email. The Windows login would not have any permissions on the email account, so they have to login to it.

Simon.
0
SEHCCommented:
HI

if you are using outlook anywhere you can set it to connect via slow and fast networks and that will ask for there login and passwords all the time.  

other then that Simon would be correct.
0
Simon Butler (Sembee)ConsultantCommented:
It will only prompt for a password if you use basic authentication. If you use integrated authentication then it will not.
Furthermore, Autodiscover will remove the entry to use Outlook Anywhere on fast connections.

Simon.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

VB ITSSpecialist ConsultantCommented:
You can create a separate mailbox with a different password, and then create a new Outlook profile for this new mailbox on the two users' machines. As their account won't have access to these new mailboxes by default they'll be prompted for credentials when they open Outlook.

You can then look at importing their emails and email addresses to this separate mailbox.
0
Peter HeinickeCEOAuthor Commented:
Here's what I did which was not that great. I checked the "Always prompt for Login Credentials" in the outlook security tab for the account. Then, I had to change the username to the windows username domain\user in order to connect from outlook. This still lets me see the already received mail if I can't connect so it isn't that great, but the users can't then get any more email that hasn't been received yet.

VB ITS: Which group in EMC do I add the email account to which is not connected to an AD user? I have Windows Server 2011 SBS.
0
VB ITSSpecialist ConsultantCommented:
Create a new dummy account and attach it to that. What I tend to do is create the account in a separate OU (as this will let you use the same display name) but use a different username and mailbox alias.

Consider the following:
The user account for John Doe is in located in domain.com\Company\Users in Active Directory Users and Computers
The username for John Doe is john
The mailbox alias for John Doe is john

I would then create a dummy account for John Doe using the below details:
Create a new account for John Doe in domain.com\Company\Mailboxes in Active Directory Users and Computers (create the Mailboxes Organizational Unit if it doesn't exist)
Assign a new account with the username john.doe (as usernames are unique) for both the user logon name and pre-Windows 2000 user logon name
Assign this account the mailbox alias of john.doe

Set up a new Outlook profile to connect to the new john.doe dummy mailbox and configure Outlook to prompt for which profile to use. As the john account won't have access to the john.doe mailbox, the user will be prompted for the username and password for the john.doe account.

If this works, you will then need to export the contents of the john mailbox then import them into the john.doe mailbox as well as the email addresses.
You'll also need to configure Outlook to always launch the profile for john.doe going forward.

Bit of a pain setting it up but it'll do what you want.

May I ask what is pre-empting this request? Do these two users have concerns regarding security of some sort? Just wondering why the strange request.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Peter HeinickeCEOAuthor Commented:
Yes, it is sort of an internal politics sort of thing. As long as the users are part of the organization, management wants to give them some privacy or at least a feeling of privacy. If they leave, management wants to be able to read their emails.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.