Exhange Authentication

I have been asked to look putting a mail server in a central site for use by 
outlook clients on a couple of sites.

The AD has a root domain and 3 child domains. The child domains hold the end 
user accounts

This is all on server 2003 SP1 and Exchange 2003 SP2.

I wanted to have a DC on the same physical site as the Exchange box so that 
when a user tries to logon to their mailbox the authentication will not 
require a lookup on a remote DC over the WAN. What I didn't want was to have 
a DC for all 3 child domains on the site with Exchange as it would cost more 
money than I would want to spend.
Will Global Catalog allow me to use a single DC with exchange with this plan

The Exchange server is installed in the root domain
The DC local to the Exchange server is a DC in the root domain
This local DC is a Catalog server for all 3 child domains.

If I do this will Exchange simply authenticate credentials for mailbox 
access from the local GC for the users domain, or will it still go accross 
the WAN to an actual DC for the user domain?

Thanks for any help.

0
7/14/2006 8:50:01 AM
exchange.admin 57650 articles. 2 followers. Follow

2 Replies
342 Views

Similar Articles

[PageSpeed] 55

See
http://support.microsoft.com/kb/875427/en-us
http://support.microsoft.com/kb/250570/en-us

Marcus Bentley wrote:
> I have been asked to look putting a mail server in a central site for use by 
> outlook clients on a couple of sites.
>
> The AD has a root domain and 3 child domains. The child domains hold the end 
> user accounts
>
> This is all on server 2003 SP1 and Exchange 2003 SP2.
>
> I wanted to have a DC on the same physical site as the Exchange box so that 
> when a user tries to logon to their mailbox the authentication will not 
> require a lookup on a remote DC over the WAN. What I didn't want was to have 
> a DC for all 3 child domains on the site with Exchange as it would cost more 
> money than I would want to spend.
> Will Global Catalog allow me to use a single DC with exchange with this plan
>
> The Exchange server is installed in the root domain
> The DC local to the Exchange server is a DC in the root domain
> This local DC is a Catalog server for all 3 child domains.
>
> If I do this will Exchange simply authenticate credentials for mailbox 
> access from the local GC for the users domain, or will it still go accross 
> the WAN to an actual DC for the user domain?
>
> Thanks for any help.
>
>   

-- 
Text from most Windows dialogs can be copied to clipboard with Ctrl-INS.

Free productivity applications suit - www.openoffice.org
Free Internet calling - www.skype.com
Free SQL database Firebird - full support for transaction control, 
triggers, stored procedures, partial SQL-99 compliance
http://www.ibphoenix.com/main.nfs?a=ibphoenix&s=1142758270:704186&page=what_is_interbase
0
kpalagin (1838)
7/15/2006 6:24:22 AM
The first one answers my question, thanks.

Marcus

"Kirill Palagin" wrote:

> See
> http://support.microsoft.com/kb/875427/en-us
> http://support.microsoft.com/kb/250570/en-us
> 
> Marcus Bentley wrote:
> > I have been asked to look putting a mail server in a central site for use by 
> > outlook clients on a couple of sites.
> >
> > The AD has a root domain and 3 child domains. The child domains hold the end 
> > user accounts
> >
> > This is all on server 2003 SP1 and Exchange 2003 SP2.
> >
> > I wanted to have a DC on the same physical site as the Exchange box so that 
> > when a user tries to logon to their mailbox the authentication will not 
> > require a lookup on a remote DC over the WAN. What I didn't want was to have 
> > a DC for all 3 child domains on the site with Exchange as it would cost more 
> > money than I would want to spend.
> > Will Global Catalog allow me to use a single DC with exchange with this plan
> >
> > The Exchange server is installed in the root domain
> > The DC local to the Exchange server is a DC in the root domain
> > This local DC is a Catalog server for all 3 child domains.
> >
> > If I do this will Exchange simply authenticate credentials for mailbox 
> > access from the local GC for the users domain, or will it still go accross 
> > the WAN to an actual DC for the user domain?
> >
> > Thanks for any help.
> >
> >   
> 
> -- 
> Text from most Windows dialogs can be copied to clipboard with Ctrl-INS.
> 
> Free productivity applications suit - www.openoffice.org
> Free Internet calling - www.skype.com
> Free SQL database Firebird - full support for transaction control, 
> triggers, stored procedures, partial SQL-99 compliance
> http://www.ibphoenix.com/main.nfs?a=ibphoenix&s=1142758270:704186&page=what_is_interbase
> 
0
7/19/2006 1:44:02 PM
Reply:

Similar Artilces:

exhange server name in a group policy.
Hi Experts, Is there a simple way to roleout outlook 2003 within a terminal server farm? I want to set the exhange server name in a group policy. Can't find anywhere.. thanks in advance. Patrick On Fri, 12 Jan 2007 11:46:22 +0100, "Patrick Scholtes" <ps45.nospam@xs4all.nl> wrote: >Hi Experts, > >Is there a simple way to roleout outlook 2003 within a terminal server farm? >I want to set the exhange server name in a group policy. Can't find >anywhere.. > >thanks in advance. > >Patrick > It's not just the server name but PROFG...

Howto allow login only via "Form based Authentication"?
Hello! In the company I work_ed_ for we had an exchange-configuration were the only possible authetication method was form-based authetication. If we tried to access e.g. the calendar, we were redirected to the form-based-authetication site. But how can this be archived. If I just enable form-based authetication and disable all other authetication methods (like basic, digest,...) I get a warning that I'll not be able to access this service again and thats true. It would be really great if somebody could give me a hint howto enable only form-based authetication? Thank you in advanc...

User Authentication
Hello All I want to authenticate a windows user i cant use LogonUser because the client user may not have SE_TCB_NAME privilage i am using SSPI but in case of error i does not provide exact error message: For example if the user is not allowed to log on the domain from the this computer. SSPI gives an internal SSPI error rather than informing that the user is not allowed to login from this computer. Is there any other way to authenticate domain and Local users. Thanks in Advance! Faisal Mansoor ...

OWA Authentication #8
I have SBS 2003 with exchange server I thought I had authentication problems and stupidly started changing the authentication settings in IIS under the exchange node I have now found that the problem was elsewhere and have now sorted it However now I cannot login to OWA Can anyone tell me what the default setting's in IIS are so I can change them back Thanks ...

Turn off basic authentication for OWA?
I've seen plenty of information on how to turn on form based authentication for OWA. But it seems like basic authentication is still active even when you enable FBA and the way to determine which one is used is by the URL: http - basic https - FBA Is there a way to disable basic authentication and force the users to use FBA? If so, would they still have to type "https" or would typing "http" also open the logon form? Thanks. I would use fba with basic authentication only...just redirect the top level website (default website maybe) to the /exchange folder a...

Kerberos authentication issue
Hi, I have followed the MS Support Article 917818 instructions to enable Kerberos authentication support in CRM to allow use of host headers on the website, but I am still getting the exact same issue - a 401.1 Unauthorised error message. Is there anything else I should be looking at? Cheers Richard Have you set up an SPN between the IIS and SQL servers? "Richard Price" wrote: > Hi, > > I have followed the MS Support Article 917818 instructions to enable > Kerberos authentication support in CRM to allow use of host headers on > the website, but I am still getti...

Configuring Forms Based Authentication
Could someone please direct me to a detailed walkthrough on how to enable forms based authentification for Outlook Web Access on Exchange 2003. I have followed the steps on the help files with Exchange and enabled SSL on IIS however I now cannot access the site. I would be extremely greatfull if someone can help. Thanks in advance...... David "David Powell" <dpowell@homenet.local> said > Could someone please direct me to a detailed walkthrough on how to > enable forms based authentification for Outlook Web Access on Exchange > 2003. http://hellomate.typepa...

POP3 authentication issue
I have setup a POP3 account in Outlook XP. When I click the test button to test the settings, everything works fine. After about 20 minutes I start getting a dialog asking for the username/password for the POP3 server. Even if I check the remember password box, the dialog keeps popping up. I have also checked the remember password box when I setup the account in Outlook. Any ideas what is causing this? Thanks, Take a look here, it may help: http://support.microsoft.com/default.aspx?scid=kb;en-us;290684 "tk" <timkelley123@mennies.com> wrote in message news:%23AMk...

NT Domain Authentication
We are running Great Plains v7 and our users are currently authenticating via their domain NT account. How can I set it up so they have to change their passwor every 90 days. If I expire the domain account after 90 days they can't get logged into GP. There is a product from Winthrop (www.winthropdc.com) that gives you this functionality. GP does not have this functionality off the shelf since it uses SQL Server authentication. "Brian" <Brian@discussions.microsoft.com> wrote in message news:E6089E83-8012-43B6-A320-269C1FD9EB50@microsoft.com... > We are running Gre...

MS02-011: Authentication Flaw Could Allow Unauthorized Users To Authenticate To SMTP Service
Hello All ! I have problem - when I scan port 25 on our Exchange 5.5 with special XSpider 7.0 port scanner, this program recommend me visit following URL: http://www.microsoft.com/technet/security/bulletin/MS02-011.mspx for delete potential SMTP open relay. After patch downloading and succsessful installing I scan port 25 again and... scanner show me this recommendation again... What wrong?.. How I can eliminate this problem on Exchange 5.5 Help please! Our Exchange 5.5 (with IMC) run on Windows NT 4.0 SP6. Regards, Benjamin. ...

Problem with pop3 authentication
Hi all, there's a problem with my exchange eviroment. When I change the user password from a user on Active Directory, this user cannot login on POP3 protocol using this new password for a long boring time. When I use OWA and Exchange Client, everthing works fine. There's some settings on Exchange to clean this cache or reduce this delay time? Thanks in advance. ...

Backup service authentication question
Hello, I have a fairly small Exchange 2003 installation. My HQ site has a single Exchange 2k3 BE server. The HQ site is connected to 3 other remote sites via a mesh network. Each of those sites has a local Exchange 2k3 BE server. I use BackupExec 11d for my backups. I recently noticed that if my Exchange server in the HQ site is unavailable, the Exchange backups in the remote sites fail in connecting to the resource. It appears like an authentication issue. When the main site comes back on line, backups can run again without issue. Each site has at least one 2k3 domain controlle...

Activesync/OWA authentication problems
I am running Exchange 2003 on the same server as ISA 2000. I have OWA clients that access their mailbox's from another network that sits behind another ISA server. To enable these clients access you have to DISABLE Integrated Windows Authentication from the Exchange virtual directory and use just Basic Authentication, this is apparently because this type of authentication cannot pass through 2 ISA servers!? I also have PPC users using Server Activesync. To connect and synchronise these clients have to have Integrated Windows authentication ENABLED. Is there any way I can have this both...

Authentication Failed Error Message Won't Stop!!
"Authentication Failed. Please check your username and password for the account..." I have deleted the referenced email accounts, I have disabled my anti-virus coverage for my email accounts, I have uninstalled and reinstalled my anti-virus software and I am at a loss as to how to prevent this constant, non-stop error message from coming up time and time again - about every 30 seconds. HELP. -- BCD Go to Tools | Acccounts | Mail and look for that account that is = referenced and delete it. If there are any messages in the outbox, = delete those as well. steve...

moving exhange 5.5 to another domain
Is it possible to move exchange 5.5 to another domain and not lose any mail boxes and settings? My plan is to join the mail server to another domain. My question what will happen to exhange when I do this. I did have three domain controllers running on win2k servers with sp4. I would like to just create a totally different domain to by pass as many problems as possible. Can I just have that email server join this new domain? If I do so what might happen. No, you can't do that (not natively anyway). What you could do is put a new Exchange server in the new domain and then migrate the mai...

CRM authentication issues
Hi all We seem to be having a problem with our CRM system. Since we installed the product we persistantly got the following error message: Event ID 11 KDC Error There are multiple accounts with name host/anc2003dc02.ancorisltd.local of type DS_SERVICE_PRINCIPAL_NAME. From an initial correspondance, I was told to use LDP and ADSI edit to remove the duplicate SPN which I completed successfully and this stopped the error from happening. Since then, we have been unable to connect to the CRM web site using the http:\\servername as before. We can connect to the system remotely, howeve...

OWA 2003 hanging after authentication externally
Please help!! I have Exch 2003 Enterprise (with SP1) on a Win 2003 SP1 server. I am having a really bizarre issue which I have had for weeks now and nothing I have done has fixed it. Some clients pc's externally (XP and 2000) when logging onto our OWA mail receive the authentication box and after entering their credentials it just hangs with a blue line in the middle whilst trying to load the inbox contents. Internally using XP works fine on all accounts I have tested so far. Don't have any 2000 pcs internally to test. It works on other XP and 2000 machines that I have tested fine, ...

Re: form base authentication
Dang spell check. IIS admin, not IBIS admin. "Matthew Kitchin (Usenet/Lists)" <mkitchin.public@gmail.com> wrote in message news:... > It's right there in the GUI for IBIS admin. It should be pretty easy. I > don't know of any document. Just poke around and you will see it. > > "WB" <wmb37@hotmail.com> wrote in message > news:uvt5T8l6GHA.844@TK2MSFTNGP03.phx.gbl... >> do you know of a document which would explain how to do that??? >> >> w >> >> "Matthew Kitchin (Usenet/Lists)" <mkitchin.public@...

Transparent Authentication with OWA 2003 FE
Is it possible to have transparent authentication with OWA 2003 Front-End ? Thank you for your help, Regards, Xavier ...

CRM 3.0 Authentication Problem
Aside from my issues customizing CRM, I'm running into a problem logging in. Domain users are not able to login and it will continue to prompt for a username and password in IE. If I add a user to the "Domain Admins" group temporarily, they login fine. Are there additional groups that CRM users need to be added to? Thanks. Ben, By default, IE will pass thru network credentials if there is no dot in the address- http://crm or http://crm:5555. But if there is a dot in the URL <http://crm.domain.com or http://crm.domain.com:5555> it will prompt for credentials. This ...

Outlook Client Cannot Authenticate to Exchange Server 2000
Hi All, I'm having a connection problem to my exchange server from my outlook. I have noticed, someone else got this same issue on one of the forum, but without a solution. Here's my problem in detail. I (user1) have Windows XP pro with SP1, I can authenticated to my domain without any problem. When Outlook XP is launched, the system prompts for the user id. I key the username and password, and the system responds that the logon information is incorrect, check the username, password or domain. This occurs on any id entered, including the administrator. I have not found anything that...

What does "SMTP Authenticate" mean?
This error message was received when Outlook bounced back an email I sent, it would be nice if they told me what SMTP Authenticate means and how to do it. Help please... Bob ********************************************* The reasons given by the server are included to help you determine why each recipient was rejected. Recipient: <staff@thetrophyshop.com> Reason: You must SMTP Authenticate before sending to staff@thetrophyshop.com Hi Bob, have a look on this sites: What means SMTP Authenticate? http://www.cablecom.ch/en/smtp How to configure Outlook SMTP Authenticate: http://...

OWA
We currently use forms based authentication on our Exchange Server, but for people who are logged in on the internal network (but not at a computer with Outlook) we would like them to be able to acccess OWA and not have to log in again. (i.e. https:\\mail\exchange\username). Is there a way to do this and prevent the login prompt? Thanks Create another HTTP virtual server using different port w/same IP or default port but different IP? -- Bharat Suneja MCSE, MCT -------------------------------- "Jan" <someone@microsoft.com> wrote in message news:ud3Bd%239rFHA.2072...

Authentication problems after RPC fix
After running all windows updates yesterday in order to ensure that we were not vulerable to LoveSan, etc.. (including Windows 2000 Service Pack 4 and the dot net Framework 1.1 update), we can no longer authenticate to our MS-CRM test server.... The Error we receive is: Server Error in '/' Application. ----------------------------------------------------------- --------------------- Access is denied. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it ori...

SMS reminder message from Exhange 2003
We are looking for a product that will send a reminder from the Exchange server to a pager/phone regardless if Outlook is open or not. We have users that use only OWA and never have Outlook open and would like calendar reminders sent to their phone via SMS or email. Can anyone tell me of how they accomplish this? (writing my own custom event sink is not really an option) Ken AdminKen wrote: > We are looking for a product that will send a reminder from the > Exchange server to a pager/phone regardless if Outlook is open or > not. We have users that use only OWA and never hav...