owa advice needed

we are running Exchange 2003 SP1 in a single domain W2k native
environment...

we're currently considering using RSA secure VPN access to let users
outside our network access their email (each user would connect using
\\servername\exchange).

in order to get this to work properly however, our VPN support guys are
saying we have to change all the permissions on our Exchweb folder and
subfolders to 'anonymous' (from Integrated and Basic).

are we at risk internally of someone sniffing our network with this
arrangement?

I know the MS recommendation is using a front end server in the DMZ to
do all the authentication.

Anyone have any thoughts, recommendations?

Thx,

J.

0
lee.james (17)
3/15/2006 10:01:26 PM
exchange.admin 57650 articles. 2 followers. Follow

2 Replies
329 Views

Similar Articles

[PageSpeed] 49

On 15 Mar 2006 14:01:26 -0800, lee.james@spartan.ab.ca wrote:

>we are running Exchange 2003 SP1 in a single domain W2k native
>environment...
>
>we're currently considering using RSA secure VPN access to let users
>outside our network access their email (each user would connect using
>\\servername\exchange).
>
>in order to get this to work properly however, our VPN support guys are
>saying we have to change all the permissions on our Exchweb folder and
>subfolders to 'anonymous' (from Integrated and Basic).

They are morons.
>
>are we at risk internally of someone sniffing our network with this
>arrangement?

Damn right.
>
>I know the MS recommendation is using a front end server in the DMZ to
>do all the authentication.

The hell it is.

>
>Anyone have any thoughts, recommendations?
>
Get competent network boys.

>Thx,
>
>J.

0
mark7219 (5666)
3/15/2006 10:44:57 PM
Are you going to use Outlook or OWA for Exchange access? Don't change 
permissions that is a recipe for disaster. I'm not even sure why they would 
suggest that. If you are going with OWA use SSL for security.

The FE in a DMZ is an old recommendation that has been supplanted by the use 
of ISA in the DMZ. However this should not even be a factor for a VPN 
connection.

Perhaps you share some more of your goals for Exchange client access.

Nue
<lee.james@spartan.ab.ca> wrote in message 
news:1142460086.011227.288310@i40g2000cwc.googlegroups.com...
> we are running Exchange 2003 SP1 in a single domain W2k native
> environment...
>
> we're currently considering using RSA secure VPN access to let users
> outside our network access their email (each user would connect using
> \\servername\exchange).
>
> in order to get this to work properly however, our VPN support guys are
> saying we have to change all the permissions on our Exchweb folder and
> subfolders to 'anonymous' (from Integrated and Basic).
>
> are we at risk internally of someone sniffing our network with this
> arrangement?
>
> I know the MS recommendation is using a front end server in the DMZ to
> do all the authentication.
>
> Anyone have any thoughts, recommendations?
>
> Thx,
>
> J.
> 


0
imaneophyte (3004)
3/16/2006 1:53:55 AM
Reply:

Similar Artilces:

I need a formula for a Golf Scorecard
If the value of column B is greater by 2 than the value of column A, Record as 1 in column C. enter in C2 =IF(B2-A2>2,1,"") and copy down -- Greetings from New Zealand Bill K "Timmy" <Timmy@discussions.microsoft.com> wrote in message news:1A8710C9-50BC-4B5D-8197-81EA2D8AC1F8@microsoft.com... > If the value of column B is greater by 2 than the value of column A, > Record > as 1 in column C. Thanks for your help Bill, Im in NZ too!!! Unfortunatly your formula did not work. It doesnt show up as invalid but just turns up a blank(not a zero even) in ...

Repository. Please, need help. I created an example project.
Hello, I am trying to create a Repository pattern with Unit Of Work using a Linq To SQL model. I read everything I could find and tried many options but I am never able to quite make it work correctly. Basically, the use of my Repositories Unit Of Work fire an error on the Linq code in the repositories: "Cannot add an entity with a key that is already in use." Sometimes I am able to solve this problem then my Repositories fail to work as an Unit Of Work. I created a Console Project that includes: 1. SQL code to create a sample database; 2. The Linq To SQL entiti...

I need to send a secured email, how do I do that?
I need to send an email that only the user can open, does anyone know how to do that? Thanks! Send the content as a password protected zip-file and contact the person by different means to inform him/her about the password you used. -- Robert Sparnaaij [MVP-Outlook] Coauthor, Configuring Microsoft Outlook 2003 http://www.howto-outlook.com/ Outlook FAQ, HowTo, Downloads, Add-Ins and more http://www.msoutlook.info/ Real World Questions, Real World Answers ----- "HR1" <HR1@discussions.microsoft.com> wrote in message news:6D58FFF1-3EFB-463F-BAED-5F4B577FD...

I need a formula!!!
I am working in Excel 2000 and I have a spreedsheet already made but i have to make a new one and I have 4 colums of information that I would like to move into one colum can you help me with the formula? Krystin Use =Cell1&Cell2&Cell3&Cell4 If you require spaces in between each cell entry use =Cell1&" "&Cell2&" " etc Andy. "Krystin" <ext-krystin.craig@nokia.com> wrote in message news:3af201c3761f$d2de8cd0$a301280a@phx.gbl... > I am working in Excel 2000 and I have a spreedsheet > already made but i have to make a new one ...

Need to Graph Comparisons
I know this is going to sound really basic and I apologize in advance. Monthly, I track activity on our hotline, by facility and by issue type. I have a stacking bar graph that I generate. The names of the issues are on the left side, with the facilities across the top. This results in the issues stacked for each facility. I need to know how to generate a graph that will show comparisons for month to month by facility, quarter to quarter, etc. Do I do duplicate sets of data by month and if so, how can I graph them to compare them? I hope this makes sense and thank you for your help. Yo...

Help needed with conditional formatting
Hi once again to all of you.I am here with one more problem related t conditional formatting.I have uploaded my file in this lin http://rapidshare.de/files/17202439/a.xls.html I had set some formatting to column B with some formattin.But m problem is that, that if i dont enter anything in column C the colo remains the same in the column B. But i need that if column C is blan then column B must be without color.Please help me soon. Thanks in advance -- Little Maste ----------------------------------------------------------------------- Little Master's Profile: http://www.excelforum.com...

change password on OWA
I can not change password from owa. I can see the change password screen and write user, domain, old password and new password informations. Then I push the ok button I take this error message: Internet Service Manager for Internet Information Server 6.0 Error: General access denied error I have W2k3 and Exchange 2003 SP1 with two FE and Exchange Cluster Active-Passive Any help would be appreciated. On Tue, 26 Apr 2005 16:38:17 +0200, "MMC" <ryuken_26@yahoo.it> wrote: >I can not change password from owa. I can see the change password screen and > write user, doma...

Block GAL's and OWA searches from being visible
We have a very complicated situation that I've heard lots of answers to, but unable to find a definitive answer. The main idea is that we have 3 groups of people: Alumni is group 1, IT People is Group 2, and Group 3 consists of everyone else at the college (faculty, staff, students). Here's what we want to accomplish: Alumni can only see other alumni in the GAL they use. We don't want 1 large GAL with white spaces missing. We also only want Alumni to only return alumni when searching in OWA Fac/Staff/Students - these people can only see fac/staff/students, not the alumni. ...

OWA: Combining form-based & basic HTTP auth
Hello, Is it possible to enable both form-based and HTTP authentication at the same time for an OWA server in Exchange 2003? I've been trying to do this for the last day or so and have not been having much luck. I would like to have both because each method has its advantages. Form-based auth allows session timeouts and compression (why is compression tied to the form method by the way?). HTTP auth prevents unauthenticated users from knowing that you have an OWA server there as they hit the HTTP auth before they can learn anything except you are running IIS. I can use either in...

text box help needed
hi experts - I am quite new to this. I have a txtbox on my bound form called txWorkCode. It is a required field and duplicates are not allowed. I want it to accept only digits 0 to 9 (but they are text, not integers). If the user enters 3 for example, I want a "0" appended to the front. In other words the underlying table will always be from 00 to 99 whether the user enters 1 digit or 2. I don't want the value to just 'look' like "03" for example, but I need there to actually be "03" in the WorkCode field in my underlying table. ...

Urgently need help with creating formulas
Hello My worksheet is full of thousands of firstnames, middle names surnames, email addresses etc etc. How do I create a formula that wil result in having each persons *first name, initial of middle name surname and email address * ? I would really appreciate some help. Thank you. Ka -- Kat Hughe ----------------------------------------------------------------------- Kat Hughes's Profile: http://www.excelforum.com/member.php?action=getinfo&userid=1674 View this thread: http://www.excelforum.com/showthread.php?threadid=31952 You didn't bother to tell us your setup so try thi...

OWA Issue #3
Hello Logging into OWA is fine. But once Im in, the status area on the botttom left of the window says done with an error flag. I open it up and get: Internet Explorer Problems with this web page might prevent it from being displayed properly or functioning properly. Line: 15 Char: 30 Error: Object expected Code: 0 URL: https://my server/exchange/?Cmd=contents Has anyone seen this? What should I look for? How should I repair this? Thanks for any help. Thomas ...

OWA 2003
When i connect to OWA on an external server on a computer accessing internet through our Test ISA server, i get the Error Access is denied message. When i access it from behind our Proxy 2 server it goes through fine...any ideas why? Please note i have read Q169649 XWEB: Access Is Denied Using the Web Client and it has not helped "Creative Door" <Private@email.com> wrote in message news:fjNsb.38615$Ws6.664@edtnps84... > When i connect to OWA on an external server on a computer accessing internet > through our Test ISA server, i get the Error Access is denied message....

OWA Access
Hi, Please ignore my previous post about this. I forgot to add some detail. We are having problems with our users connecting to OWA. Our company uses to SMTP addresses for example company1.com and company2.com. We are currently upgrading from Exchange 5.5 to Exchange 2003. We have 8 sites in total. Users at 7 of our branches use a company1.com email address while 1 branch uses a company2.com address. Now, all the users who use the company2.com address can login into our webmail server without a problem but users who have a compnay1.com address get the following message: "You cou...

OWA on Front-End Exchange 2003 Server gives "HTTP/1.1 503 Service Unavailable"
On a pure Windows 2003 network, I have Exchange Server 2003 installed on a back end server "BE1". OWA works fine on this server via http://BE1/Exchange On 2 brand new windows 2003 servers "FE1", "FE2", I 1. Installed Exchange Server 2003. 2. Installed Exchange 2003 SP1 3. Made it a front-end server via System Manager 4. Rebooted and tried accessing OWA Accessing http://FE1/Exchange and http://FE2/Exchange does not work I only get "HTTP/1.1 503 Service Unavailable" IIS log: 2004-11-24 14:26:53 127.0.0.1 GET /Exchange - 80 mydomain\myusername 127...

OWA certificate
I will install FE in DMZ for OWA and I have BE in internal side. I just wonder which server should hold CA role. Do you recomend FE or BE or it does not matter? Thanks If you go my most recomendations you should configure a three tier topography, with an offline Root. and Enterprise CA, and an online Sub CA. The offline CAs can be in Virtual PC or VMWare and archived away for when you need them. I would not install a CA on an Exchange server, but have seen it done before, because of buget constraints. You should keep your Online CA server intenal only, and publish its public certicate...

Worried about Backing Up Data
Hi folks, I'm looking for advice. Am I doing enough, doing things right? I have a SBS 2003 server and a couple of Server 2003 machines. My SBS has a tape robot running Backup Exec. I run it daily and take the previous nights tapes home with me each day, but there are days that the backup doesn't run (for reasons I'm not sure, so I need to investigate that), but I"m also thinking that tape backups aren't the best way to go either. If the building burns down, I can't restore it completely anyway, as I will have to have new HW. So I signed up with an ...

My 500 page novel needs book margins
A newbie, I wrote a novel and now I need different margin settings. Can I change all those pages to the correct size? Yes. Assuming you've let the lines wrap naturally and not used any manual page breaks, you can change the margins and your text will rewrap. If you're thinking of formatting the book yourself, see http://daiya.mvps.org/bookword.htm -- Suzanne S. Barnhill Microsoft MVP (Word) Words into Type Fairhope, Alabama USA http://word.mvps.org "Novelwriter" <Novelwriter@discussions.microsoft.com> wrote in message news:F6791D2C-C655-4483-AEE3...

Macro Help Needed
I have a macro to send emails which used to work but now doesn't. Whilst running it within VB it flags an error with this part:- 'Execute the URL (start the email client) ShellExecute 0 &, vbNullString, URL, vbNullString, vbNullString, vbNormalFocus I can't work out why because as far as i can tell nothing has changed. ...

Need a special bar graph
Hello, I want to represent the birth and death of several historical figures in a horizontal line graph, given the birth and death dates. For example, consider the following. Pericles, -495 to -429 Socrates – 469 to -439 The graph I have in mind is somewhat like a Gantt chart. The graph techniques that I see in Excel only allow for one point, and always reference zero. What would you suggest for a graph of these? Thank you, Keith Here is my data (I do wish we had a better way of showing data!) born died Pericles -495 -429 Socrates...

Need help writing a workable formula in form design......
I'm trying to write a workable formula in an unbound text in form design. It's a monster formula. Their are 4 components: comp/att*100-30/20 yds/att-3*.25 td/att*20 2.375-int/att*25 Each one of the answers for these 4 components must be checked , if greater than 2.375 then set to 2.375 and if less than 0 then set to 0 and finally, all added together, multiplied by 100 and divided by 6 This is what I have but I get Syntax Error. I'm very new to access, so please keep this in mind, thank you. =PasserRating:([comp]/[Att]*100-30/20+iif(>2.375=2.375),iif(<0=0)+[yds]/[att]...

vba needed
I have a worksheet which is linked to Access providing me with a database which produces a variety of stats etc. What i would like to do is to look in a column of this database and when two rows of data match record the time difference between the two occurances. The data is based on alarms and response times. a pair of matching cells will have a unique id number. Im not sure where to start tho some sort of if statement and some coping and pasting may be involved.The date time is in column b the alarm id is in column M with various other data in between. Thank you in advance for any suggestio...

OWA error 403 with expiring or expired password
Hello, If I log onto OWA with an account that the password will expire in 14 days or less, I get the error 403, you are not authorized to view this page. If I click on refresh it lets me in. Any ideas? Thank you. Anybody? "Greg Mulato" wrote: > Hello, > If I log onto OWA with an account that the password will expire in 14 > days or less, I get the error 403, you are not authorized to view this page. > If I click on refresh it lets me in. Any ideas? > > Thank you. I'm having a similar problem, did you find a solution? "Greg Mulato"...

OWA-Error: (0x80070005):Access is denied.----HELP!
Error: (0x80070005):Access is denied." Repost as no reply to last msg. When user clicks attachment button, it goes straight to a select file dialog box rather than bring up the attachment dialog where the user would normally click browse. After attaching via this method user cannot send msg as another dialog box appears with the following text. "One or more errors occurred while the message was being sent. Error: (0x80070005):Access is denied." NOTE:This server is running SSL, the user is a domain user so no admin abilities. ...

Access denied when sending email with Excel attachment using OWA
Have a user who get the following error when send an email with an excel spradsheet using OWA. The exact error messsage: One or more errors occurred while the message was being sent. Error: (0x80070005): Access is Denied. We are running Exchange 2003 SP2 with ISA 2004 SP2 for OWA clients. thanks ...