Solved

password access from Outlook to Exchange for just two users

Posted on 2014-12-05
7
101 Views
Last Modified: 2014-12-08
At a certain small office most users don't have to enter passwords to access exchange from their outlook. Its controlled by their windows login. But two of the users wish to have to enter a different password in order to access exchange. The rest are happy with the way it is. How do I do that? Exchange Server 2010.
0
Comment
Question by:Peter Heinicke
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40483494
Outlook can only use the AD domain for authentication.
Therefore the only way you can do it is to have two accounts - one for Windows login and one for email. The Windows login would not have any permissions on the email account, so they have to login to it.

Simon.
0
 
LVL 4

Expert Comment

by:SEHC
ID: 40483691
HI

if you are using outlook anywhere you can set it to connect via slow and fast networks and that will ask for there login and passwords all the time.  

other then that Simon would be correct.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40483977
It will only prompt for a password if you use basic authentication. If you use integrated authentication then it will not.
Furthermore, Autodiscover will remove the entry to use Outlook Anywhere on fast connections.

Simon.
0
Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

 
LVL 24

Expert Comment

by:VB ITS
ID: 40484273
You can create a separate mailbox with a different password, and then create a new Outlook profile for this new mailbox on the two users' machines. As their account won't have access to these new mailboxes by default they'll be prompted for credentials when they open Outlook.

You can then look at importing their emails and email addresses to this separate mailbox.
0
 

Author Comment

by:Peter Heinicke
ID: 40486146
Here's what I did which was not that great. I checked the "Always prompt for Login Credentials" in the outlook security tab for the account. Then, I had to change the username to the windows username domain\user in order to connect from outlook. This still lets me see the already received mail if I can't connect so it isn't that great, but the users can't then get any more email that hasn't been received yet.

VB ITS: Which group in EMC do I add the email account to which is not connected to an AD user? I have Windows Server 2011 SBS.
0
 
LVL 24

Accepted Solution

by:
VB ITS earned 500 total points
ID: 40486210
Create a new dummy account and attach it to that. What I tend to do is create the account in a separate OU (as this will let you use the same display name) but use a different username and mailbox alias.

Consider the following:
The user account for John Doe is in located in domain.com\Company\Users in Active Directory Users and Computers
The username for John Doe is john
The mailbox alias for John Doe is john

I would then create a dummy account for John Doe using the below details:
Create a new account for John Doe in domain.com\Company\Mailboxes in Active Directory Users and Computers (create the Mailboxes Organizational Unit if it doesn't exist)
Assign a new account with the username john.doe (as usernames are unique) for both the user logon name and pre-Windows 2000 user logon name
Assign this account the mailbox alias of john.doe

Set up a new Outlook profile to connect to the new john.doe dummy mailbox and configure Outlook to prompt for which profile to use. As the john account won't have access to the john.doe mailbox, the user will be prompted for the username and password for the john.doe account.

If this works, you will then need to export the contents of the john mailbox then import them into the john.doe mailbox as well as the email addresses.
You'll also need to configure Outlook to always launch the profile for john.doe going forward.

Bit of a pain setting it up but it'll do what you want.

May I ask what is pre-empting this request? Do these two users have concerns regarding security of some sort? Just wondering why the strange request.
0
 

Author Comment

by:Peter Heinicke
ID: 40487028
Yes, it is sort of an internal politics sort of thing. As long as the users are part of the organization, management wants to give them some privacy or at least a feeling of privacy. If they leave, management wants to be able to read their emails.
0

Featured Post

MS Dynamics Made Instantly Simpler

Make Your Microsoft Dynamics Investment Count  & Drastically Decrease Training Time by Providing Intuitive Step-By-Step WalkThru Tutorials.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question