R
RobM
We are currently looking to migrate to native Outlook (2003) encryption from
a third party Outlook add-in. This is compicated by the fact that our parent
company maintains an LDAP directory containing all certificates, and we have
a separate AD environment that alspo contains a limited number of
certificates. The LDAP directory is added as an address book in Outlook and
we can resolve addresses against it without any problem. However, if we try
to encrypt an email, regardless of which address book the name resolves
against Outlook looks for a certificate in our local AD. Where one exists, it
will encrypt the email, but if a certificate isn't present message sending
fails. If I turn on cached mode the behaviour changes - Outlook then looks to
the LDAP directory, finds the appropriate certificate and encrypte the mail
as expected. We could get round this by importing all the certificates to AD,
but this isn't something we're keen to do, particularly as there are only a
very few users who currently have AD certs, so what we really want to do is
to persuade Outlook to either ignore AD altogether (unlikely I suspect) or
fall back to the LDAP directory when it fails to find a cert in AD. Any ideas
how we can achieve this?
a third party Outlook add-in. This is compicated by the fact that our parent
company maintains an LDAP directory containing all certificates, and we have
a separate AD environment that alspo contains a limited number of
certificates. The LDAP directory is added as an address book in Outlook and
we can resolve addresses against it without any problem. However, if we try
to encrypt an email, regardless of which address book the name resolves
against Outlook looks for a certificate in our local AD. Where one exists, it
will encrypt the email, but if a certificate isn't present message sending
fails. If I turn on cached mode the behaviour changes - Outlook then looks to
the LDAP directory, finds the appropriate certificate and encrypte the mail
as expected. We could get round this by importing all the certificates to AD,
but this isn't something we're keen to do, particularly as there are only a
very few users who currently have AD certs, so what we really want to do is
to persuade Outlook to either ignore AD altogether (unlikely I suspect) or
fall back to the LDAP directory when it fails to find a cert in AD. Any ideas
how we can achieve this?