Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 91
  • Last Modified:

Exchange 2010 sub domain access

We have Exchange 2010 with our primary domain setup with several sub-domains. We have a couple laptops that are configured with primary and sub-domain address. The problem is, when a machine leaves the office/LAN it cannot authenticate the sub-domain, just primary. I setup users for each domain too.
0
Harold
Asked:
Harold
  • 5
  • 4
2 Solutions
 
davorinCommented:
I'm not completely sure to understand your problem.
I guess you have AD domain "DomainA" and then a series for mail domains like: @domainA.com. @domainB.com, @domainC.com...
And you want all users to use their mail address as login name (e.g. UserB@domainB.com)
Have you set up UPN in AD fro that domains?
https://apttech.wordpress.com/2012/02/29/what-is-upn-and-why-to-use-it/

Maybe you have problems with autodiscover:
http://www.msexchange.org/articles-tutorials/exchange-server-2010/mobility-client-access/using-autodiscover-large-numbers-accepted-domains-part1.html
0
 
Will SzymkowskiSenior Solution ArchitectCommented:
If you are talking about "Accepted Domains" and you have users trying to use different SMTP domains that are not primary. This is not possible.

You can only have one Primary SMTP domain. However you can still receive email to a single mailbox on multiple addresses (Alias) but you cannot send as an Alias.

If you want to send as one of your Alias addresses you need to change that SMTP address to primary and then have the user send an email.

Will.
0
 
HaroldNetwork EngineerAuthor Commented:
davorin: thought the UPN would help with creation of user names that are the same but just assigning to a different domain, but I still have change the user name, if it matches the original username in the Primary Domain.
0
Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

 
HaroldNetwork EngineerAuthor Commented:
Will Szymkowski: yes I'm referring to Accepted Domains, so we can send mail from the Accepted Domains, I create a user that coincides with the domain and as long as your ON the LAN, it works, but when your off the LAN, the Accepted Domain account the would connect internally, will not connect externally.
0
 
davorinCommented:
Yes, that's true. It is mostly used in multi-tenant configuration, when you want to use the user's domain instead of AD domain at client configuration/authentication.

Can you please give us more info?
Version of outlook client. Are at problematic laptops configured multiple exchange accounts?
How are outlook accounts configured?
Is exchange setup as multi-tenant or you are just using additional accepted domains?
Do a user needs multiple mailboxes and send from different mail addresses? Should the incoming mails be stored in separate mailboxes (in case users accepts mails from multiple mail addresses)
0
 
HaroldNetwork EngineerAuthor Commented:
davorin: Never set this up "It is mostly used in multi-tenant configuration, when you want to use the user's domain instead of AD domain at client configuration/authentication."

Version of outlook client. Outlook 2010(currently) Are at problematic laptops configured multiple exchange accounts? yes
How are outlook accounts configured? we use the normal Exchange configuration wizard, is this what your asking?
Is exchange setup as multi-tenant or you are just using additional accepted domains? Just Accepted Domains, can I change it to use Multi-tenant in production mode?
Do a user needs multiple mailboxes and send from different mail addresses? Should the incoming mails be stored in separate mailboxes (in case users accepts mails from multiple mail addresses) Both of these questions, yes. I have setup users per mailbox to authenticate and able to send mail.
0
 
davorinCommented:
Multi-tenant is used in hosting environments. It is needed only if you need to (more or less) completely separate domains on exchange server. And you need to specify it at the beginning of installation.
Can you try two things:
- If you setup outlook with one sub-domain exchange account (no primary and on other sub-domain account) do you still have the problems?
- if you, instead to configure multiple exchange accounts, configure just primary account in outlook and add full access permissions for primary account to other sub-domain accounts. The other mailbox should be added to outlook with automapping.
http://www.msexchange.org/articles-tutorials/exchange-server-2010/management-administration/mailbox-auto-mapping-exchange-server-2010-part1.html
0
 
HaroldNetwork EngineerAuthor Commented:
davorin: I've done both...

- If you setup outlook with one sub-domain exchange account (no primary and on other sub-domain account) do you still have the problems? yes
- if you, instead to configure multiple exchange accounts, configure just primary account in outlook and add full access permissions for primary account to other sub-domain accounts. The other mailbox should be added to outlook with automapping. yes

The only reason the second is not an option is the Accepted Domain I'm trying to make work/authenticate, is new and is the ONLY account these users will be using and not the primary, hence where question 1 is answered. No you can not add ANY Accepted Domains, with primary or not, off the LAN.
0
 
davorinCommented:
Have you tried to use outlook connectivity and autodiscover tests?
https://testconnectivity.microsoft.com/
Do you get any errors?
Use a temporary test account or at lest change test user password after the tests

Is your "primary domain" your AD domain and also a public domain?
0
 
HaroldNetwork EngineerAuthor Commented:
What I found was outside the LAN, as I setup an account and clicked More Settings, Connections<tab> and Connect to Microsoft Exchange using HTTP, then Exchange Proxy Settings. From here I populated the  two fields with our mail servers name and set Authentication to Basic.

I was able to connect then.
0

Featured Post

Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now