| Author |
Message |
John Doe
Guest
|
 Posted:
Tue Mar 08, 2005 6:55 am Post subject:
Address Book via Front-End? |
|
|
Running Exchange 2003 in FE/BE setup. Everything is working fine.
However, how do IMAP clients get access to the Address Book? The back-ends
have restricted access while the Front-ends are available to IMAP user
anywhere in the world. What about LDAP? Hopefully something can be
configured to allow Address Book lookup via the front-ends.
I hope the answer isn't "allow access to an AD DC through the firewall" ...
Is there an article about how to set this up within the FE/BE model?
I need some details ... for example, on a MAC, using the native Address Book
say, what would the search base be?
Any help greatly appreciated.
|
|
| Back to top |
|
 |
Steven
Guest
|
| Posted:
Tue Mar 08, 2005 8:11 am Post subject:
Re: Address Book via Front-End? |
|
|
Well non-MAPI clients don't get access to the "Address Book" per say. Your
IMAP clients need to point to an Active Directory Global Catalog server
(port 3268) to search Active Directory for mail objects. Exchange 200x
Front-end servers are not LDAP servers, they just proxy HTTP, IMAP, and POP3
connections (and when configured they route SMTP mail). You must allow your
IMAP clients to talk to a GC if you want them to do directory searches.
As far as search bases its generally like this:
dc=company,dc=com
Such as dc=microsoft,dc=com
Best regards,
Steven
"John Doe" <JohnDoe@discussions.microsoft.com> wrote in message
news:14FDDEBF-F6CC-4EA5-B3CB-E22742527A91@microsoft.com...
| Quote: | Running Exchange 2003 in FE/BE setup. Everything is working fine.
However, how do IMAP clients get access to the Address Book? The back-ends
have restricted access while the Front-ends are available to IMAP user
anywhere in the world. What about LDAP? Hopefully something can be
configured to allow Address Book lookup via the front-ends.
I hope the answer isn't "allow access to an AD DC through the firewall"
...
Is there an article about how to set this up within the FE/BE model?
I need some details ... for example, on a MAC, using the native Address
Book
say, what would the search base be?
Any help greatly appreciated.
|
|
|
| Back to top |
|
|
John Doe
Guest
|
| Posted:
Tue Mar 08, 2005 8:11 am Post subject:
Re: Address Book via Front-End? |
|
|
Thanks Steven
I knew that a normal lookup was via the GC. We it working on the LAN. It is
more the internet solution.
I'm looking for a proxying solution instead of opening a port in the
firewall to one of my DCs.
John
"Steven" wrote:
| Quote: | Well non-MAPI clients don't get access to the "Address Book" per say. Your
IMAP clients need to point to an Active Directory Global Catalog server
(port 3268) to search Active Directory for mail objects. Exchange 200x
Front-end servers are not LDAP servers, they just proxy HTTP, IMAP, and POP3
connections (and when configured they route SMTP mail). You must allow your
IMAP clients to talk to a GC if you want them to do directory searches.
As far as search bases its generally like this:
dc=company,dc=com
Such as dc=microsoft,dc=com
Best regards,
Steven
|
|
|
| Back to top |
|
|
Steven
Guest
|
| Posted:
Tue Mar 08, 2005 6:38 pm Post subject:
Re: Address Book via Front-End? |
|
|
Well you have a few problems in that. Active Directory Domain Controllers
require authentication before one can search the directory, which means your
clients would not only need open access to a DC on port 3268, but they would
need to send their password in the clear.
Best regards,
Steven
"John Doe" <JohnDoe@discussions.microsoft.com> wrote in message
news:C0375F70-B623-45D9-89DD-B13C5E62E8DD@microsoft.com...
| Quote: | Thanks Steven
I knew that a normal lookup was via the GC. We it working on the LAN. It
is
more the internet solution.
I'm looking for a proxying solution instead of opening a port in the
firewall to one of my DCs.
John
"Steven" wrote:
Well non-MAPI clients don't get access to the "Address Book" per say.
Your
IMAP clients need to point to an Active Directory Global Catalog server
(port 3268) to search Active Directory for mail objects. Exchange 200x
Front-end servers are not LDAP servers, they just proxy HTTP, IMAP, and
POP3
connections (and when configured they route SMTP mail). You must allow
your
IMAP clients to talk to a GC if you want them to do directory searches.
As far as search bases its generally like this:
dc=company,dc=com
Such as dc=microsoft,dc=com
Best regards,
Steven
|
|
|
| Back to top |
|
|
John Doe
Guest
|
| Posted:
Wed Mar 09, 2005 6:59 am Post subject:
Re: Address Book via Front-End? |
|
|
Will using port 3269 (opening that in the firewall) force the use of ssl?
With 3268 it is working when the "requires ssl" box is ticked or unticked. |
|
| Back to top |
|
|
Steven
Guest
|
| Posted:
Wed Mar 09, 2005 5:40 pm Post subject:
Re: Address Book via Front-End? |
|
|
This may get you started:
http://support.microsoft.com/default.aspx?scid=kb;en-us;247078
--
Best regards,
Steven
"John Doe" <JohnDoe@discussions.microsoft.com> wrote in message
news:8972724D-F206-477E-B076-B9FAC62CB828@microsoft.com...
| Quote: | Will using port 3269 (opening that in the firewall) force the use of ssl?
With 3268 it is working when the "requires ssl" box is ticked or unticked. |
|
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in