question

PluggedNagManuteno-7290 avatar image
0 Votes"
PluggedNagManuteno-7290 asked KaelYao-MSFT commented

Outlook 365 Exchange configuration linked to AD user



Hello and good afternoon everyone,

I would like to know if it is possible to link the configuration of Outlook with the Exchange service through the user login in the domain.

For example: Maria does not have a fixed computer at the company and this company uses Office 365 + Enchange boxes. She cannot have access to the email password.

Every time Maria switches computers, will I need to configure Outlook with the Exchange account?

Maria has an Exchange license, but not a 365 key (365 keys are hardware-related, not users).

Is there any way through GPO or script to allow that when the user logs in, Outlook is already configured with the account?

Thanks!

office-exchange-server-administrationoffice-outlook-itprowindows-active-directory
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

KaelYao-MSFT avatar image
0 Votes"
KaelYao-MSFT answered KaelYao-MSFT commented

Hi @PluggedNagManuteno-7290

Have you deployed Azure AD connect to sync on-premises AD with Azure AD in your environment?

To my knowledge this is not possible.

As to login Exchange online mailboxes, you may need authenticate with the credentials of Exchange Online mailboxes.
So email address and password are required.
And if you have MFA enabled, you also need to authenticate via MFA.
There is no method to store these credentials in local AD to have Outlook auto-configured with these credentials.


If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


· 9
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @PluggedNagManuteno-7290

Just checking in to see if above information was helpful. Please let us know if you would like further assistance.

1 Vote 1 ·

Hi @PluggedNagManuteno-7290

Yes. It should also work with Outlook.
Once you have enabled Security Defaults in your tenant and have enforced MFA for the accounts on per user level, the users will need to also authenticate via Phone or Microsoft authenticator app besides simply entering the password.

If MFA has been set for the account, after entering the password you would see a promotion for setup MFA methods like this:
202233-22.png


Besides MFA, if possible you may also consider conditional access in Azure AD to control client access.


1 Vote 1 ·
22.png (74.6 KiB)

Perfect, MFA worked when I tried to login to Outlook Desktop as you said.

This will allow you to manage logins even if employees have the password.

Your help was worth gold and took the rope off my neck lol

5 stars and thank you very much for your help.
We can close the topic.

0 Votes 0 ·
KaelYao-MSFT avatar image KaelYao-MSFT PluggedNagManuteno-7290 ·

Glad to know it works for you!

If you don't mind, please accept the reply as the answer to the question to close this topic.
Thanks for your understanding.

1 Vote 1 ·
Show more comments

First of all, sorry for the delay in responding.


Have you deployed Azure AD connect to sync on-premises AD with Azure AD in your environment?

This was not done. Anyway, what does this feature do? Sorry, but I don't know about this feature.

Isn't there something similar to exporting the .prf file for Exchange?

From what I've read, it works up to the 2016 version of Office. To be quite honest, I didn't get to test it with the 365 to see.

Is that if users have the password to access Exchange, they could access the box outside the company, which would be a big problem. So we're looking for ways to automate the Outlook login process as I'm talking about 30+ employees and each of them can use up to 15 different computers.

Unfortunately, in this sector there is a high turnover of employees, in addition to work shifts (morning, afternoon and night).

Do you have any suggestions for this situation?

0 Votes 0 ·
KaelYao-MSFT avatar image KaelYao-MSFT PluggedNagManuteno-7290 ·

Hi,

Anyway, what does this feature do?

It is used to sync on-premises AD infrastructure to Azure AD.

Isn't there something similar to exporting the .prf file for Exchange?

According to this link: ZeroConfigExchange - Automating the Creation of an Outlook Profile for Exchange Accounts

Exchange accounts - the .PRF file requires an Exchange server name to be hard-coded. This is normally acceptable for on-premises environments using Exchange 2010 and previous versions, but for Exchange 2013 and greater, along with for Exchange Online accounts, the server name contains a variable GUID that can change from time to time and from user to user.

In the PRF file the server name would be hard-coded but if using Exchange Online it would get changed from time to time.

Thus I suppose credentials to login Outlook would still be necessary.

0 Votes 0 ·

Thanks for the answer.
Could you tell me if using MFA when setting up Outlook with the Exchange account, I would be asked to enter a double check?

I know that by OWA this is possible, but with Exchange's AutoDiscover, MFA's performance would also be asking for double authentication?

If so, that solves my problem as I can pass the login/password to the users and I control the second part of the authentication.

0 Votes 0 ·
LimitlessTechnology-2700 avatar image
0 Votes"
LimitlessTechnology-2700 answered PluggedNagManuteno-7290 commented

Hi there,

If Maria switches computers often then all the PC that she makes the switches on must have Exchange for mail flow configured.

After you've installed Exchange Server in your organization, you need to configure Exchange for mail flow and client access. Configure mail flow and client access on Exchange servers https://docs.microsoft.com/en-us/exchange/plan-and-deploy/post-installation-tasks/configure-mail-flow-and-client-access?view=exchserver-2019

What you can try is Outlook on the web. Outlook on the web (formerly known as Outlook Web App or Outlook Web Access) is a browser-based email client. Outlook on the web lets you access your Microsoft Exchange Server mailbox from almost any web browser.

How to set up Outlook on the web to access Exchange Server https://docs.microsoft.com/en-us/exchange/troubleshoot/client-connectivity/set-up-web-access



--If the reply is helpful, please Upvote and Accept it as an answer–

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hello friend,

As told to our friend above, we have more than 30 employees who switch between 15 computers in 3 work shifts.
It also happens that this department has new employees leaving and entering with a certain frequency.

So imagine having to configure 1 user on 15 computers every time a new employee is hired? Jesus! xD

Unfortunately OWA is not an option and users cannot access login credentials either.

What do you suggest in the situation I'm in?

Thanks

0 Votes 0 ·