Add work exchange account to outlook on home computer

[bgstcola]

Hi all

I've been trying to add my work exchange account to outlook on my home pc (Outlook 2010 and win7). I had no luck so I contacted helpdesk at my work and they told me that it was not possible. I'm wondering if this can be true. I have the account working on my phone so shouldn't it be possible to get it on my pc as well?

Thanks
bgstcola

 

[Chiefcrowe]

yes.. the settings could be different though. we use RPC over HTTPS to access exchange at home.
Also, the initial setup may have to be run while connected to your VPN.

 

[Gooberlx2]

Do you have access to exchange webmail? You could try using something like DavMail to sit in between and act as a local IMAP server.

 

[kleinkinstein]

so I contacted helpdesk at my work and they told me that it was not possible.

Ha! Of course they did. They don't want to support an extranet account. They don't want to set a precedent. They want you to go away.

Anything is possible.

 

[Ketchup]

Does the place you work at give you a way to access their network from outside the office (in general, not just the email)?

 

[debian0001]

If RPC is enabled you might be able to...

Google Outlook Anywhere.

 

[bgstcola]

Thanks alot for all the suggestions. I will try them tomorrow:thumbsup:

btw: I don't know anything about how the network is configured.

 

[kleinkinstein]

btw: I don't know anything about how the network is configured.

And your IT dept knows it. That's why you're getting shot down so easily.

 

[Dstoop]

And your IT dept knows it. That's why you're getting shot down so easily.

To be fair, they're shooting him down with good reason. It's not their job, nor their responsibility to support his home PC, much less help him make a (presumably) unauthorized connection to their exchange server. Security risks aside, i'm sure the IT support staff has way more important things to be doing than helping the OP beat *their own* system.

As for the OP, unless connecting directly to your exchange server from home is explicitly allowed by your company policies, it's not a good idea to do so. All that vague paperwork about the computer use guidelines you signed when they hired you? That usually includes a clause covering how you wont do exactly what you're trying to do now, and they can fire you for it.

That being said, it all depends on if your company is hosting their own exchange servers, or if they use some form of hosted exchange. If it's the latter, it's stupid easy to get your outlook hooked up from home

 

[bgstcola]

I have tried kleinkinsteins method and I couldn't make it work. I think it's a bit strange that I can add the account to my phone (sgs2 with enhanced email) and I can't add it to outlook. That doesn't make sense to me

 

[debian0001]

It makes absolute sense. The phone uses ActiveSync which is a different from Outlook or any mail client. Why don't you use OWA? I am sure they allow that.

 

[bgstcola]

I don't use owa because it's inefficient. Usually it's easier to pick up my phone than to go to a website and enter username and password.

I would really like to have my personal and work mail accessible from the same client on my pc exactly as on my phone. It seams like DavMail is the way to go. Which client would you suggest? My personal mail is on Google Apps.

Someone should include ActiveSync in a desktop client...

 

[Fardringle]

Whether you CAN do this or not is unimportant. If the office IT department said DON'T do it, then trying to do it is a good way to get yourself in trouble and/or fired.

 

[Ketchup]

Whether you CAN do this or not is unimportant. If the office IT department said DON'T do it, then trying to do it is a good way to get yourself in trouble and/or fired.

THIS. My dad and I both work at places that allow VPN access to the office. I can do the majority of what I do at home, or pretty much anywhere with wifi.

The place you work has not expressed this liberty. In fact, they have expressed that you cannot do this. So I would leave it alone. Maybe get an email going up the chain if it is that important to you.

 

[bgstcola]

Well I asked the the IT helpdesk if it was possible to add the Exchange account to Outlook and they said no. I'm pretty sure they meant "no" as in "we don't know a way to do this" or "there is a way but it's too complicated and we have other things to do" and not that I shouldn't do it if I could find a way. Why would they mind?

I'm from Denmark and I think stuff like this maybe different than in the US. I consider myself a "by the rules" kinda guy but this doesn't worry me at all.

 

[nsafreak]

There are all kinds of reasons why your work may not want to do this or simply don't allow you to connect to their Outlook servers from home. It may not simply be because of various IT security guidelines that that they want to (or are legally required to) enforce but it may also be things like SOX and other regulatory guidelines that your company may have to follow or if they're audited and found not to be following get to pay nice hefty fines. If you really badly need to access your work e-mail from home and can provide a valid work related reason you might be able to get them to setup a VPN account so that you can VPN in and connect to the outlook servers that way. Otherwise there's a good chance that you're out of luck.

 

[bgstcola]

I tried DavMail and couldn't make i work. It seemed a bit messy too.

I contacted helpdesk again and suggested that they allowed VPN or Outlook Anywhere. But they said they wouldn't do it because they wouldn't allow pop3 for security reasons I guess I'm SOL.

 

[Dstoop]

IMO just use OWA if they give it to you. As long as you're using a modern browser the layout is almost identical to Outlook anyway. Typing a username/password takes a whole five seconds, and as long as you are actually sitting there working and using it you won't get disconnected for inactivity. Not to mention that you won't get yourself fired for using it.

 

[Gooberlx2]

Typing a username/password takes a whole five seconds

Can also use something like lastpass to autologin.

 

[Nothinman]

I tried DavMail and couldn't make i work. It seemed a bit messy too.

I contacted helpdesk again and suggested that they allowed VPN or Outlook Anywhere. But they said they wouldn't do it because they wouldn't allow pop3 for security reasons I guess I'm SOL.

Either the helpdesk guy is an idiot or he thinks you're one. If you can go over his head, try that. However, there are a number of variables involved in getting ActiveSync and/or Outlook Anywhere setup and it's not like you can do that on your own.

 

[Dstoop]

Why would they mind?

Because there's considerable security concerns. If you need to access via a secure OWA website or a VPN, they can configure your connection to have limited rights as well as at least require up-to-date virus software is installed on your computer. They can reasonably safeguard your connection to the mailserver just like any other remote access oriented service they may provide.

Just giving you free reign to connect to their exchange server would involve opening two considerable vulnerabilities to the enterprise environment:

1. The exchange server and firewalls would need to be configured to just let any old connection through in an attempt to access mail accounts, which means you can connect to it from home, but so can any person attempting to gain unauthorized access to the company network.

2. Outlook is a MAJOR target for viruses, especially worms. A virus ends up on the company network and they can quickly contain it. A virus hijacks your home PCs Outlook and starts spamming all of your business contacts with virus-laden dick pill adverts, sent from your official @CompanyName.com email address. Best case is you hammer the corporate spam filter into oblivion and company mail service slows to a crawl, worst case *they get sent through* and your company just infected 2000+ clients with a computer virus, potentially compromising their personal information and definitely compromising their business relationship with your company.

IT doesn't come up with these rules just to punish employees working remotely, there's serious and legitimate reasons why giving people free access is not typically done.

 

[bgstcola]

Dstoop, I'm not sure I understand. Do you say that it is reasonable that I can't connect to Exchange *without* VPN but that there isn't any real security reason not to allow VPN?

I work at a school so it's not like we need any special kind of security.

Nothinman, ActiveSync works fine but it is of no use on my desktop pc.

 

[Nothinman]

Because there's considerable security concerns. If you need to access via a secure OWA website or a VPN, they can configure your connection to have limited rights as well as at least require up-to-date virus software is installed on your computer. They can reasonably safeguard your connection to the mailserver just like any other remote access oriented service they may provide.

Just giving you free reign to connect to their exchange server would involve opening two considerable vulnerabilities to the enterprise environment:

1. The exchange server and firewalls would need to be configured to just let any old connection through in an attempt to access mail accounts, which means you can connect to it from home, but so can any person attempting to gain unauthorized access to the company network.

2. Outlook is a MAJOR target for viruses, especially worms. A virus ends up on the company network and they can quickly contain it. A virus hijacks your home PCs Outlook and starts spamming all of your business contacts with virus-laden dick pill adverts, sent from your official @CompanyName.com email address. Best case is you hammer the corporate spam filter into oblivion and company mail service slows to a crawl, worst case *they get sent through* and your company just infected 2000+ clients with a computer virus, potentially compromising their personal information and definitely compromising their business relationship with your company.

IT doesn't come up with these rules just to punish employees working remotely, there's serious and legitimate reasons why giving people free access is not typically done.

The proliferation of "cloud computing" and hosted Exchange providers these days says otherwise. I could see how 1 can be an issue if your users have poor passwords or you don't have a dedicated edge server to isolate access. But 2 shouldn't be an issue now since MS has done so much to lock down access to its accounts from outside processes. I'm not saying that it's impossible, but that it's a lot less likely and considered an acceptable risk these days.

I work at a school so it's not like we need any special kind of security.

That kind of thinking is the main problem. You most likely have lots of personal information for the students and their family, so I would say that you definitely need to secure that well.

 

[Ketchup]

I work at a school so it's not like we need any special kind of security.

I love that sentence.

 

[bgstcola]

I love that sentence.

haha yea that came out kinda wrong. I just meant stuff that would be worth a lot of money to hackers or pose national security threats etc.

Anyways, I'm a teacher and I work a lot at home and need to check my mail often. I can't figure out if I'm an idiot because I wont just accept to use OWA or if you're suggesting that my IT-department is incompetent for not letting me use VPN. Maybe both?

btw: they said that they already had VPN because they had citrix. I hate citrix