Solved

Outlook Connecting to Exchange 2003 over RPC HTTPS, Can I save my password so the domain box stops popping up each time I start outlook?

Posted on 2004-09-04
11
2,384 Views
Last Modified: 2008-08-27
Hi,

Finally got Exchange 2003 configured to use RPC over HTTPS so clients do not have to VPN in. I have outlook 2003, WinXP SP2, and have set it up such that I can access my exchange mailbox using RPC over HTTPs. Everything's working fine--however there is one slightly annoying issue. Every time I start Outlook, I am confronted with the domain login box, prepopulated with the DOMAIN\USERNAME in which I have to enter in my password. Can this be made to go away? There is no option to save my password (at least not in this domain prompt).

The email account settings box under user authentication "always prompt for username and password" is unchecked.

Any ideas?

Jay
0
Comment
Question by:jbreg
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
11 Comments
 
LVL 13

Assisted Solution

by:stefri
stefri earned 200 total points
ID: 11982516
i am afraid this behaviour is by nature
stefri
0
 

Author Comment

by:jbreg
ID: 11982631
Do you have any resources or documentation on this? It seems very strange that it does not allow these logins to be stored, when it does for every other messaging type and most domain popups elsewhere...

Is there a workaround?

Jay
0
 
LVL 10

Assisted Solution

by:jayca
jayca earned 100 total points
ID: 11983417
No workaround, this is for security reasons.

As a person who supports Exchange, I would be very upset if they did allow that.  
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:jbreg
ID: 11983534
Not that I don't trust you, but is there some documentation or resource which I could use to learn more about this?

Is this the configuration you would reccomend for end-users, notwithstanding the fact that it is marginally cumbersome?

Jay
0
 
LVL 104

Expert Comment

by:Sembee
ID: 11984367
Is the machine with Outlook installed a member of the same domain as the Exchange server?
If so, then the constant prompt for username/password is not normal. Pass through authentication should work. Having implemented a number of RPC/HTTP implementations if there was a constant username/password prompt for clients on the domain/network then the service wouldn't be implemented.

If it isn't then the password prompt is correct as pass through authentication cannot work.

Can you confirm which it is?

Simon.
0
 

Author Comment

by:jbreg
ID: 11984377
Simon,

No. I suppose I could do this, though, but then I'd have to configure my router at home to persistently vpn into our sonicwall. This machine is mine at home and is not on our domain.

Jay
0
 
LVL 104

Expert Comment

by:Sembee
ID: 11984599
If it isn't on your domain then the password will not be saved. That is by design.

Simon.
0
 

Author Comment

by:jbreg
ID: 11986489
I understand this, I suppose, but from an end-user perspective it really sucks having to input your password each time you open outlook. I thought one of the chief benefits of an RPC over HTTPS implemenation was the avoidance of extra, cumbersome steps like VPNS...

Jay
0
 
LVL 104

Accepted Solution

by:
Sembee earned 200 total points
ID: 11987272
RPC/HTTP is designed to be used in a domain environment as an alternative access method. If the machine is a member of the domain then the username/password is not prompted for each time.
If the machine isn't a member of the domain, then as others have said above, I would be very concerned if the ability to save the password was provided and would be looking for a way to disable it. A machine that isn't part of the domain is out of our control.
I actually don't allow RPC/HTTP to be used on non-domain machines for the sites that I manage and this has kept the security in place.

Simon.
0
 
LVL 2

Expert Comment

by:cj52973
ID: 12355118
RPC/HTTP is designed to allow connectivity to Exchange without the need for a VPN.  If you are using Basic authentication you will see a log-in box each time you attempt to connect to Exchange.  This box will also not have an option to save the password and is very annoying.  Try using NTLM.

This requires NTLMv2 (NAT Friendly) so you have to be running Windows 2000 or higher with Outlook 2003.  
Set your RPC proxy to utilize windows integrated authentication.  
Set you client to utilize NTLM.
See http://support.microsoft.com/default.aspx?scid=kb;en-us;820281 for client side registry edit I set mine to 3.
Try it you should be able to save your password and it will work just fine.  
If not or if not a domain machine try using Run – cmd - control keymgr.dll to create a keychain for the server you are connecting to.  I’ve used the keymgr.dll to set the auth for my SPS and OWA site too.

Use the format username@domainname.com to login

On another note MS could have added the ability to store the password in basic mode.  It would have been just as secure if not more secure than using basic mode in OWA and storeing the password in IE.  This is not a security feature.

Chris
0
 

Expert Comment

by:mentchconsulting
ID: 20924862
I am having this same problem.

So I tried to follow the instructions and ran "control keymgr.dll". It opens up the window "Stored User Names and Passwords", but it only gives me two options:  Remove and Properties.  No button is displayed to "Add".

I am running Windows XP.

How do I get the Add option??  I am the administrator for my computer.
0

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many people use more than one email account and so it becomes difficult for them to manage them when they use separate accounts,  so, in this article, I have shared an easy way to add Other Mail Accounts in your Google Inbox. It helps to combine all…
This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
CodeTwo Sync for iCloud (http://www.codetwo.com/sync-for-icloud?sts=6554) automatically synchronizes your Outlook 2016, 2013, 2010 or 2007 folders with iCloud folders available via iCloud Control Panel. This lets you automatically sync them with…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question