The automatic configuration of mobile devices using Active Sync can be simplified by using the user’s mail address for logging-in to the Exchange account.
At the same time the automatic configuration of Outlook can be simplified if it is started over the internet instead of over the internal network.
Because both configurations need a password, wouldn’t it be great if you could log-in with your mail-address?
The users don’t need to type in their internal AD-user name and the configuration runs automatically.
For this to work, the UserPrincipalName (UPN) has to match the primary mail-address.
Hence, the user does not log-in with the mail-address but the UPN.
…and it doesn’t matter for him or her.
Via the properties of the MMC-domains and trusts, a further UPN-suffix can be entered. It can later be selected when configuring the UPN on the user-object.
Many companies employ the Threat Management Gateway (TMG) by Microsoft for the publication of mobile Exchange access-paths. Usually the log-in data is verified via the LDAP protocol because the TMG is part of the DMZ and should not be a member of the domain. In the properties of the LDAP configuration of the listener on the TMG, the log-in-expression should look as follows:
Through the adaption of this configuration, log-in to the Exchange-account with the mail-address is possible. This simplifies the automatic configuration of mobile devices including notebooks using Outlook Anywhere.