[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Questionable Outlook Anywhere log in prompt time

Posted on 2007-11-23
7
Medium Priority
?
1,679 Views
Last Modified: 2010-08-05
Exchange 2007/Outlook 2007 - OWA and Outlook Anywhere are configured and using a commercial SAN cert.

Issue - When a user opens Outlook remotely it takes between 30 - 90 seconds before the log in box comes up and prompts for username and password. In Account Settings - Micsosoft Exchange proxy Settings - I only have "On slow networks, connect using HTTP first, then connect using TCP/IP" checked -However when I also check "On fast networks, connect using HTTP first, then connect using TCP/IP" - the log in box pops up as soon as you open Outlook outside the network - which is my goal.

Bad News - Then when your back on the network you always get prompted for username & password.

I was thinking of trying to set up a GPO or a site policy that disables "On fast network...." when connect to the corporate LAN - but I am not sure how to accomplish this or if this is the best solution to my issue.
0
Comment
Question by:tmorrison3
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 20340377
This is caused by Outlook's poor speed detection. It gets easily confused by home networks. When I deploy RPC over HTTPs I always set the two speed options to use HTTPS. Basically at the moment you are waiting for it to time out and try to use HTTPS.

To get round the authentication problem, try setting integrated authentication on the virtual directory and NTLM authentication in Outlook. You will need to see if the authentication passes through your firewall. It has on the sites I have used.

The feature was primary designed for hosted Exchange providers, who don't care about authentication in different locations because their clients need to authenticate every time.

Simon.
0
 
LVL 3

Author Comment

by:tmorrison3
ID: 20340794
I'll test it on Monday - FYI, we are using a Cisco ASA....
0
 
LVL 104

Expert Comment

by:Sembee
ID: 20340943
I haven't tried it through an ASA, but I know it goes through Cisco PIX. Hopefully Cisco haven't changed too much.

Simon.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 3

Author Comment

by:tmorrison3
ID: 20686868
I am verifying if NTLM Authentication is allowed to pass through our ASA 5510.... then I will test - sorry for the delay.
0
 
LVL 3

Author Comment

by:tmorrison3
ID: 21368813
Sorry for the LOOOOONNNGGG delay. I have verified that NTLM Authentication is passing through our ASA 5510 - If I change the Exchange Proxy settings in my Outlook Client to NTLM Authentication and have On fast network.....and On slow network..... both checked - It passes through windows authentication - both outside the network and inside the network (which is what my boss wants).

So - my question is where - in IIS RPC site or OWA authentication or where can I "set" that the Outlook Clients default to NTLM Authentication and On fast networks......gets "checked" - hope that makes sense.

Thanks
0
 
LVL 104

Accepted Solution

by:
Sembee earned 2000 total points
ID: 21371530
Outlook Anywhere client takes its information from autodiscover. Autodiscover builds it I believe from the Outlook Anywhere configuration in EMC. Therefore if you change the authentication type in EMC to NTLM/Integrated and then run IISRESET, autodiscover should change it.

I haven't worked out how to get both boxes ticked for the speed setting though. It is probably a PowerShell command. One of the very long list of things that I want to look at.

Simon.
0
 
LVL 3

Author Comment

by:tmorrison3
ID: 21722897
I used this link to conifugre Outlook Anywhere for NTLM on the Outlook 2007 Clients and the virtual directories in Exchange 2007 SP1 - http://technet.microsoft.com/en-us/library/bb124149.aspx

I tried to use the Outlook12.adm to create a GPO to check that second box - no dice. I might try using the Office Customization Tools - or just instruct users to check the box. Anyway, Thank you
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One-stop solution for Exchange Administrators to address all MS Exchange Server issues, which is known by the name of Stellar Exchange Toolkit.
If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
how to add IIS SMTP to handle application/Scanner relays into office 365.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question