?
Solved

Questionable Outlook Anywhere log in prompt time

Posted on 2007-11-23
7
Medium Priority
?
1,675 Views
Last Modified: 2010-08-05
Exchange 2007/Outlook 2007 - OWA and Outlook Anywhere are configured and using a commercial SAN cert.

Issue - When a user opens Outlook remotely it takes between 30 - 90 seconds before the log in box comes up and prompts for username and password. In Account Settings - Micsosoft Exchange proxy Settings - I only have "On slow networks, connect using HTTP first, then connect using TCP/IP" checked -However when I also check "On fast networks, connect using HTTP first, then connect using TCP/IP" - the log in box pops up as soon as you open Outlook outside the network - which is my goal.

Bad News - Then when your back on the network you always get prompted for username & password.

I was thinking of trying to set up a GPO or a site policy that disables "On fast network...." when connect to the corporate LAN - but I am not sure how to accomplish this or if this is the best solution to my issue.
0
Comment
Question by:tmorrison3
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 20340377
This is caused by Outlook's poor speed detection. It gets easily confused by home networks. When I deploy RPC over HTTPs I always set the two speed options to use HTTPS. Basically at the moment you are waiting for it to time out and try to use HTTPS.

To get round the authentication problem, try setting integrated authentication on the virtual directory and NTLM authentication in Outlook. You will need to see if the authentication passes through your firewall. It has on the sites I have used.

The feature was primary designed for hosted Exchange providers, who don't care about authentication in different locations because their clients need to authenticate every time.

Simon.
0
 
LVL 3

Author Comment

by:tmorrison3
ID: 20340794
I'll test it on Monday - FYI, we are using a Cisco ASA....
0
 
LVL 104

Expert Comment

by:Sembee
ID: 20340943
I haven't tried it through an ASA, but I know it goes through Cisco PIX. Hopefully Cisco haven't changed too much.

Simon.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 3

Author Comment

by:tmorrison3
ID: 20686868
I am verifying if NTLM Authentication is allowed to pass through our ASA 5510.... then I will test - sorry for the delay.
0
 
LVL 3

Author Comment

by:tmorrison3
ID: 21368813
Sorry for the LOOOOONNNGGG delay. I have verified that NTLM Authentication is passing through our ASA 5510 - If I change the Exchange Proxy settings in my Outlook Client to NTLM Authentication and have On fast network.....and On slow network..... both checked - It passes through windows authentication - both outside the network and inside the network (which is what my boss wants).

So - my question is where - in IIS RPC site or OWA authentication or where can I "set" that the Outlook Clients default to NTLM Authentication and On fast networks......gets "checked" - hope that makes sense.

Thanks
0
 
LVL 104

Accepted Solution

by:
Sembee earned 2000 total points
ID: 21371530
Outlook Anywhere client takes its information from autodiscover. Autodiscover builds it I believe from the Outlook Anywhere configuration in EMC. Therefore if you change the authentication type in EMC to NTLM/Integrated and then run IISRESET, autodiscover should change it.

I haven't worked out how to get both boxes ticked for the speed setting though. It is probably a PowerShell command. One of the very long list of things that I want to look at.

Simon.
0
 
LVL 3

Author Comment

by:tmorrison3
ID: 21722897
I used this link to conifugre Outlook Anywhere for NTLM on the Outlook 2007 Clients and the virtual directories in Exchange 2007 SP1 - http://technet.microsoft.com/en-us/library/bb124149.aspx

I tried to use the Outlook12.adm to create a GPO to check that second box - no dice. I might try using the Office Customization Tools - or just instruct users to check the box. Anyway, Thank you
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question