Volume Number: 20 (2004)
Issue Number: 12
Column Tag: Programming

Using Entourage and Mail with an Exchange Server

by Mark Underwood

Making lots of headway in the "mixed" IT world

Introduction

While most people think that the best thing for the Mac was the return of Mr. Jobs, quite a bit of the people in the Corporate IT departments feel it was Microsoft's introduction of Exchange Server support in Office X and 2004. Not only did it mean conventional corporate users could access their email, shared calendars, Public folders directly from the server...it also meant they would be frowned upon less by their support gurus! In this article, we'll give the detailed instructions for those users and support staffers who want to get or provide direct Exchange services for Mac OS X.

Versions, History, Requirements And Caveats

First off, remember that this integration process is a moving target for two reasons - both of them in Redmond. Microsoft is always improving on the abilities of their Exchange Server (we're now at Exchange Server 2003) and Office (Window's version is 2003 and Mac's version is 2004). While the protocols behind how an Exchange server talks to the clients that can use it hasn't changed much in the last four years, Microsoft only started this integration on the Mac side in the last two versions.

In this article, we'll refer to the three Microsoft-supported versions of Office for Mac as follows:

• 2001 - Office 2001 for Macintosh, which only runs under Mac OS 9 (not classic), and is the equivalent of Office 2000 for Windows
• X - Office X for Macintosh, which is the equivalent of Office 2002/XP for Windows
• 2004 - Office 2004 for Macintosh , which is the equivalent of Office 2003 for Windows

By "equivalent", we mean that not only are the file formats the same between sides, but with some very minor exceptions, the same named programs are functionally equivalent. Word is Word, Excel is Excel, and PowerPoint is PowerPoint. The "minor" exceptions in these named programs mean that Mac-specific nifties were added above and beyond (not instead of or replacing) the Windows-side program. Mostly this is in QuickTime, as you might guess.

Before 2001 was released, Microsoft had created a stab at a Mac-based Office quite that had Word, Excel, and PowerPoint only. They also created a reasonable Exchange client that, oddly enough, was named "Outlook". This program could fetch mail from an Exchange server and see some of the shared folders - but only if extensions to the Exchange server was configured - things not turned on by default when the server is installed. There was another stab at the Outlook equivalent, named (again, oddly enough) Outlook 2001 that was more stable, yet still not quite the Windows-side. If the IMAP or Outlook Web Access service is installed, then just about any email client can access mail - so other than it "looked" more like the windows Outlook, it didn't get any closer to being functionally equivalent.

With 2001, Microsoft dropped Outlook Express support on the Mac and introduced Entourage. Very Mac-like, very useful...but not Outlook. Two years later, just after Mac OS X started hitting the streets, X comes out. Still Mac-like, still useful...and some better Exchange support is integrated - but the IMAP gateway is still required on the server-end. Now we have 2004, and at last, it's useful.

But Apple wasn't asleep, either. The original Mail program in 10.0 was pretty much just sendmail on GUI steroids. No Exchange access except with the Outlook Web Access (OWA) gateway. Cheetah spiffed it slightly - still nothing but OWA. Jaguar added the heavy-duty filters and rules...still nothing but OWA. It took until the Panther entered the IT jungle for apple to add basic Exchange service support to their Mail program. We can expect that support to improve with both vendors' products in their next iteration.

Here's what you need to get this working properly:

Like all things It, the more up to date, the better. Exchange 5.5, even with the POP gateway, can only provide the mail to any Mac-based client. Exchange 2000 with SP 2 or later can provide mail, public folders, and calendaring - the basics of dealing with Exchange from the windows-user perspective. The latest version of server even allows full Active Directory integration for Exchange (as well as Mail), so that a client Mac isn't any different in usage from a Windows box.

Panther is best for this, on a lot of little levels and one big one. The Windows-integration inside this version is very clean and works without flinching. We'll give you the details of how to get that properly set up (as you don't usually think to do it, even in a "mixed" network). It can be done under Jaguar...but you haven't upgraded yet? Shame on you!

To get the best of Exchange, we highly recommend Entourage 2004, as Apple didn't get the iCal program to work with Exchange (yet). While Address Book can work with Exchange (through the LDAP gateway) and Mail with Exchange, if you must use, delegate, and share calendaring, Entourage 2004 is it. We'll show you how to use Mail and Address book, but seriously consider Entourage.

As with everything Microsoft-related, your mileage may vary. A full list of what does and doesn't work of the Exchange services and the Mac-based clients can be found on their Mactopia site at:

http://www.microsoft.com/mac/support. aspx?pid=exchange

Server Configuration

This isn't a copy of WinTech magazine, so we won't bore you with the Exchange Server installation and configuration verbosity. However, we can tell you (and should, as Microsoft's support site doesn't have all of this together) what services should be activated to make this approach work for any Mac-based, Exchange compatible client.

Outlook Web Access (or HTTP DAV as it is now know) should be already on, since that's the default in order to get Exchange email through a web browser. But double-check, and if it uses a different port than 80, note that down.

IMAP should be turned on, as this is what Apple's Mail program accesses the Exchange server with. IMAP is a normal method, too...but isn't on by default in some Exchange versions.

LDAP should be turned on. It will be on if you are using 2003, or have your 2000 server integrated with Active Directory, but again, double-check, and note the port if different than 389.

Configuring Mac OS X

With the server ready to go, let's turn our attentions to the Mac. And yes, before we configure the Exchange client, we first configure the Mac to act more like it's a PC, with respect to Windows-based services.

On a Mac, windows-based services are known under the UNIX parlance name of SMB. Go into your Applications folder, then down to the Utilities folder, and start up Directory Access.

Figure 1 shows up. You may need to unlock access to the settings by authenticating - cick the lock in the lower left if needed. Once it's available, check the SMB box, select it once, and click on the Configure button.

Windows environments have two major types of authentication: WINS and Active Directory. What you want to do is to ensure reference from the Exchange server through its background authentication, as well as how the Mac will (in turn) reference to the server. If you're not the IT staffer, consult one to find out which applies...using the simple question of "are we using Active Directory?" Be warned; if you're not the IT staffer, for you to ask such a "geeky" question will astound them - since it's Microsoft-speak. But if answered "no", you use WINS. If answered "yes", you can use WINS and Active Directory...or just Active Directory, if the WINS protocol isn't used at your location.

In either case, you can (and should) specify the Workgroup the Mac is living in, with respect to the other windows machines in your local area. In our example, we have one named "KAUi". But Mac OS X is also savvy enough to help you see which one you're in...pull down the menu at the end of the Workgroup field and you'll see all of the workgroups within your LAN or IP sub-domain. Usually the name of the workgroup is known and called something like your department or company's name. If WINS is being used, it normally means you're using Windows NT Server and Exchange 5.5. Look at Figure 2, which is what you'll get when you clicked on "Configure" for SMB. Put the WINS Server's name in the next field. If you're not using WINS, leave it blank. Click "OK" to take these settings, and we'll move on.

If you got back "yes" from your question on Active Directory, check it in the Directory Access dialog, then select it and click "Configure". You'll see a shorter version of Figure 3...extend it by clicking on the triangle next to Show Advanced Options. What to fill in here depends on the way your location's Active Directory was set up, so you can safely take these names to your IT staffers and get what to put in them. Usually only the top three are needed, unless there are more than one AD in the place.

Once you have those answers to fill in, you will need to click on "Bind..." to add the Mac to the Active Directory list of clients. This will throw up a prompt to log in with as an administrator, so you'd better have one handy.

Restart the Mac once both of these are configured to re-register the computer in everything that matters for the rest of the steps.

Now we turn to creating the Exchange accounts in the two mail programs. We'll do Entourage first

Configuring Entourage 2004

Open Entourage 2004, select Accounts from the Tools menu, and then pull down the "New" menu in the dialog and pick "Exchange..." This starts the Account Setup Assistant, which will try and automatically detect your Exchange server settings if you provide the basics: User ID, Domain, and Password. If they're all correct...and you don't have oddities on the Exchange server with respect to security and such, it will breeze on through and set up your account.

Due to the known and unknown security errors and problems with Exchange, however, most servers will not be so easy. Let's switch instead to the "Configure account manually" button back at the start (if the auto-assistant failed in any way to set the account up) and review the settings.

On this tab, give your account a name, and put in the basics of the server and network. In our example, we used a domain name of "KAUi" to match the Workgroup name for a 5.5/2000 Exchange server without Active Directory. If you use Active Directory, you would put in the fully qualified domain name of the Exchange server. For the name of the server itself, we've used the IP address instead of the short local name for two reasons: speed and speed. Using the short name means an address lookup to get the IP address. Multiply that times the number of end users, and you might get a delay long enough to match the timeout value and get nothing. If the Exchange server speaks to the outside world (which it should), then it has a fixed IP address and you should use that. Name and E-mail address are what you want Entourage to show to the outside world through your sent messages.

Now let's look at the Mail tab.

Critical setting here is how to fetch the messages from the server. We chose "Receive complete messages" to make sure we can go offline and still read them. Exchange is similar to a standard IMAP server that leaves messages on itself to retrieve and read. But most folks deal with how POP servers work...messages get transferred down to the client and not left on the server. So if you saw the message headers on the Exchange server and then left work, you wouldn't be able to select and read them without going on-line to complete the process. If you have a slow dial-up situation, you can check the "Partially receive..." option to cut down on the traffic and set a limit as to the size fetched. Message Options for signature and header information go here on this tab. Let's move on to the Directory tab.

Part of the beauty of the Exchange server is centralized services, such as a single corporate address book, shared folders, and shared calendaring. On this tab, we deal with the Address Book part. If your IT staffers have set up the Exchange server with the LDAP extension, put either the name or IP address of it into this field. Name's okay here, as the lookup's different. With LDAP, there was also a search base established for how broad of a group is examined when accessed...normally "dc=local" will do, but check your settings. Trimming the number of returned names speeds things up, and I'm sure you don't have 100 John Smiths in your company, anyway. Figure 6 shows our example for you.

Next is the Advanced tab, where the spiffy Exchange services get set.

Normally, the same Exchange server is mail, calendar, public folders, and directory. We again used the fixed IP here to cut down on response time. Synchronization is best done always, hence that as the default setting. You have the option to pick a specific category within Entourage to synch, or to synch all but a specific category (such as a person category), or not to synch at all. This synch applies to everything - calendar, address book, tasks, etc. If you don't want your private life spilling into the corporate Exchange server, you don't use the same account in Entourage to do both types of mail - simply said. On to the next tab.

Delegate is an option within Exchange to allow others of your choosing to act as a 'delegate' with respect to your calendar and tasks information. Administrative assistants, for example, or co-workers on a project. You normally delegate with settings back at the server-end for starters, but within Entourage, you can refine the settings to specific individuals and responsibilities.

Listed here will be the ones your Exchange server has listed for you already, and you can add others within the guidelines and roles set up there. In our example, we didn't do any delegation, as its best to test that later. On to the Security tab.

Digital certificates are often allowed in Exchange servers, as Windows server have the option to generating them for use by clients. Here is where you indicate which one(s) to use for both signing and encryption.

This completes the configuration for Entourage 2004...now you can close the edit by clicking the "OK". Entourage will find the Exchange server, and voila! You should see your left column look something like this:

Configuring Apple Mail

If you use - or what to use - Apple's Mail program to access the Exchange server, the steps are a little easier due to the fact that Apple's Mail program relies on the IMAP, LDAP, and WebDAV extensions to the server, instead of the Windows-based default services.

Open Mail, bring up the Preferences, click on Accounts, and create a new mail account to start the process with.

Pick "Exchange" from account type, provide a description for the account, then put the email address and name you want associated with the account from the outside world's perspective. Incoming server is the Exchange server - notice that we again used the fixed IP to save speed - and user name/password are those of the server's.

Our outgoing server relies back on the ISP's, since we're not really using the full Exchange suite here. Recall that many ISPs prevent you from relaying messages, so you normally use the same as any outbound POP account(s) you may have.

The last entry here is the Outlook Web Access Server, should your Exchange server be a pre-2003 version. Mail will switch to using its gateway, rather than the IMAP.

Done! Apple's Mail has been configured for Exchange. Now we turn to the Address Book approach for getting that shared resource to work with Mail.

Since Address Book is used for many programs under Apple's default suite, it may be nice to add it anyway - even if you use Entourage. Open Address Book, go under its Preferences, click on the LDAP tab, and then the plus sign at the bottom to add a new directory server.

As we did in Entourage, LDAP settings are the same for Address Book. Server name or fixed IP address, search base, etc. are all the same. Add it, then click on "Save" to save it.

To use the LDAP, exit the Preferences, go to the top of the first list on the lft and click on the icon labeled "Directories". Next to it should now show up your Exchange server via LDAP. Click on it to restrict searches to it, and then type in a name or location in the search field at the top right of the dialog, then press return. Any results will be listed in the bottom pane. Voila!

Conclusions

Well, whether you went the all-Apple or all-Microsoft approach to adding Exchange services to your Mac - or to the Macs you support if you're an IT staffer - you see that it's much easier than it was just a couple of years ago...and it can only get better as time goes on. We hear rumors of abilities being added to Tiger's versions of Mail and Address Book, as well as more surprises from Redmond in the next wave of Exchange. But this advancement makes it a lot easier for the "mixed" world to let both cats and dogs eat at the same diner indefinitely. ?

While it's not a perfect fit - there are some Exchange services still only for Windows-based clients, but they are nominally not the day-to-day sorts of things - the benefits of migration in either direction by introducing this compatible approach far outweigh the 'single platform' mantra folks have had to hear for decades. Let's all hope the tide has indeed turned, and the folks at both locations keep this alive and flourishing.

Mark Underwood was born in Lexington, Kentucky and started writing not too long after that event, cutting his first set of teeth on Robert Heinlein and J.R.R. Tolkien. He currently lives near the Atlanta area with his family, three cats, and close to two dozen computers that are currently combined in solving the children's homework and the amazing mysteries of the IT industry.