Allow PCs not joined to a domain to connect to Exchange 07

exchange exchange-2007 outlook-2007 windows-server-2008

I'm running Server 2008 with Exchange 2007 SP1. All is running quite well and good.

However, I have a few clients who are not thrilled with the idea of joining a domain environment, mainly because of the hassle involved in copying profiles around.

On my test computer, I've had no luck getting the computer to connect to server.example.local when not joined to the domain. I imagine that there is a security policy setting that is not allowing anonymous clients to connect.

Secondly, the client is adamant about a lack of passwords and password prompts. They'd like ideally for Outlook to open and not prompt for usernames.

I've been told by the client that their previous IT company had managed to set up another Exchange server without it prompting for usernames and passwords (their words, not mine), but I haven't figured out how this was achieved.

So, my questions in short:

  1. Can I have computers that are not joined to a domain connect to an Exchange 07 server?
  2. Can I have computers that are connected to said Exchange server NOT prompt for passwords each time Outlook is opened?

All client PCs are using Vista or W7, with Office 2007 SP2.

Best Answer

PCs that aren't joined to the domain can definitely talk to Exchange with Outlook. Outlook is going to prompt the user for credentials when connecting to the Exchange Server computer. I know that Outlook 2003 didn't have any "remember password" functionality, but I'm not sure about Outlook 2007. If I had to guess, I'd say that it doesn't.

Autodiscovery will work. Have a look at this article http://msexchangeteam.com/archive/2007/04/30/438249.aspx (search for the phrase "non domain") for a brief bit about how the autodiscovery works on non-domain clients.

(Why are they so averse to joining a domain? Roaming user profiles aren't required, and the existing local profiles can be migrated to domain user profiles.)

It might be possible to do the whole "poor man's workstation trust" wherein you create domain user accounts that match the local usernames / passwords used on the client computers to get Outlook not to prompt for passwords. That's an environment that's hard to keep passwords synchronized in, and I'm not even sure it would work.

They really need to join their clients to the domain. That's the solution. It'd be interesting to hear more about why they have a problem with it. (I'm guessing they're doing lousy things like storing data on the hard disk drives of clients, peer-to-peer file sharing, etc... sigh)

You indicate that your tests aren't working. What kind of error messages are you receiving when it fails? (Name resolution could be iffy in such an environment. You might not have the whole DNS infrastructure that AD mandates in place, for one.)
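
Added example, not part of the original answer: a PowerShell check, run on the non-domain PC, of the name resolution the answer asks about. A client that cannot query Active Directory falls back to DNS names derived from the mailbox's SMTP domain for Autodiscover, so the script tests those names and the server name from the question. The SMTP address is a constructed placeholder, and the helper function names are made up for this example.

```powershell
# Added diagnostic example; run in PowerShell on the non-domain PC.
$SmtpAddress  = 'user@example.com'       # constructed placeholder: the user's primary SMTP address
$ExchangeHost = 'server.example.local'   # internal server name from the question

function Test-NameResolution {
    param([string]$Name)
    try {
        $addresses = [System.Net.Dns]::GetHostAddresses($Name)
        return ($addresses | ForEach-Object { $_.IPAddressToString }) -join ', '
    } catch {
        return $null   # name does not resolve with this PC's DNS settings
    }
}

function Test-TcpPort {
    param([string]$Name, [int]$Port)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $client.Connect($Name, $Port)   # blocks until connected or the OS timeout expires
        return $true
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

$domain = $SmtpAddress.Split('@')[1]
# Names a client without Active Directory access depends on:
# the server itself, then the two Autodiscover host names built from the SMTP domain.
$names = @($ExchangeHost, $domain, "autodiscover.$domain")

$results = foreach ($name in $names) {
    $ip = Test-NameResolution $name
    $https = $false
    if ($ip) { $https = Test-TcpPort $name 443 }   # HTTPS carries Autodiscover and Outlook Anywhere
    New-Object PSObject -Property @{ Name = $name; Addresses = $ip; Https443 = $https }
}
$results | Select-Object Name, Addresses, Https443 | Format-Table -AutoSize

# Autodiscover SRV record, consulted when the host names above do not answer.
nslookup -type=SRV "_autodiscover._tcp.$domain"
```

An empty Addresses column for `server.example.local` means the PC is not using the internal DNS servers that host the `.local` zone, which matches the name-resolution problem suggested above.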