Enable Outlook Anywhere in Exchange 2010

Spread the love

In order to access emails from Internet using Outlook application, Outlook Anywhere feature must be enabled in Exchange 2010. Outlook Anywhere replaces the need for VPN to access Exchange mailbox from Internet. Outlook Anywhere uses HTTPS/443 port and uses digital certificate to encrypt traffic. So the domain name that will be used to access Exchange server from outside needs to be in Subjective Alternative Name of the digital certificate. Make sure you have installed SAN certificate correctly with proper domain names. This article shows steps to enable Outlook Anywhere in Exchange 2010.

Enable Outlook Anywhere in Exchange 2010

When you install Exchange 2010, Outlook Anywhere is not enabled by default. You have to manually enable it. You need to provide domain name, like mail.mustbegeek.com while enabling Outlook Anywhere. This domain will be access from Outside to login to Exchange mailbox. From internally, SCP or Autodiscover DNS record will be used to lookup Outlook Anywhere information from domain joined clients. To enable Outlook Anywhere, log on to Exchange server and open Exchange Management Console.

Enable Outlook Anywhere in Exchange 2010

Expand Server Configuration and select Client Access. Right-click client access server and click Enable Outlook Anywhere.

Enable Outlook Anywhere in Exchange 2010

Type domain name to access mail server. Here I have mail.mustbegeek.com. Make sure this external domain is pointed to corporate Exchange server’s public IP address. You should do this from public domain hosting like GoDaddy. Choose authentication method. You can choose Basic or NTLM. NTLM uses the cached login cred to login to Outlook when user goes out of corporate network and logs in via Internet. So choosing this option allows user to login to Outlook using cached login without having user to enter the password. If cache is not present user is unable to login. Basic authentication transmits username and password in clear text but is encrypted by SSL connection. While accessing Outlook from Internet, Basic authentication will ask for credential, you can check box to remember the password. Both method are secure as they are transmitting through SSL connection and are encrypted by digital certificate. Here, I will choose Basic authentication. Now, click Enable.

Enable Outlook Anywhere in Exchange 2010

Click Finish. Outlook Anywhere is now enabled for all mailboxes. To enable Outlook Anywhere through PowerShell or Exchange Management Shell use following cmdlets,

Enable-OutlookAnywhere -Server MBG-CAS01 -ExternalHostname 'mail.mustbegeek.com' -DefaultAuthenticationMethod 'Ntlm' -SSLOffloading $False

In this way you can enable Outlook Anywhere in Exchange 2010. You can disable Outlook Anywhere per user if need using following cmdlet,

Get-Mailbox —Identity BGiri@mustbegeek.com | Set-CASMailbox -MAPIBlockOutlookRpcHttp $True


The following two tabs change content below.
Bipin is a freelance Network and System Engineer with expertise on Cisco, Juniper, Microsoft, VMware, and other technologies. You can hire him on UpWork. Bipin enjoys writing articles and tutorials related to Network technologies. Some of his certifications are, MCSE:Messaging, JNCIP-SEC, JNCIS-ENT, and others.

Latest posts by Bipin (see all)

scroll to top