Solved

Questionable Outlook Anywhere log in prompt time

Posted on 2007-11-23
7
1,669 Views
Last Modified: 2010-08-05
Exchange 2007/Outlook 2007 - OWA and Outlook Anywhere are configured and using a commercial SAN cert.

Issue - When a user opens Outlook remotely it takes between 30 - 90 seconds before the log in box comes up and prompts for username and password. In Account Settings - Micsosoft Exchange proxy Settings - I only have "On slow networks, connect using HTTP first, then connect using TCP/IP" checked -However when I also check "On fast networks, connect using HTTP first, then connect using TCP/IP" - the log in box pops up as soon as you open Outlook outside the network - which is my goal.

Bad News - Then when your back on the network you always get prompted for username & password.

I was thinking of trying to set up a GPO or a site policy that disables "On fast network...." when connect to the corporate LAN - but I am not sure how to accomplish this or if this is the best solution to my issue.
0
Comment
Question by:tmorrison3
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 20340377
This is caused by Outlook's poor speed detection. It gets easily confused by home networks. When I deploy RPC over HTTPs I always set the two speed options to use HTTPS. Basically at the moment you are waiting for it to time out and try to use HTTPS.

To get round the authentication problem, try setting integrated authentication on the virtual directory and NTLM authentication in Outlook. You will need to see if the authentication passes through your firewall. It has on the sites I have used.

The feature was primary designed for hosted Exchange providers, who don't care about authentication in different locations because their clients need to authenticate every time.

Simon.
0
 
LVL 3

Author Comment

by:tmorrison3
ID: 20340794
I'll test it on Monday - FYI, we are using a Cisco ASA....
0
 
LVL 104

Expert Comment

by:Sembee
ID: 20340943
I haven't tried it through an ASA, but I know it goes through Cisco PIX. Hopefully Cisco haven't changed too much.

Simon.
0
Backup Solution for AWS

Read about how CloudBerry Backup fully integrates your backups with Amazon S3 and Amazon Glacier to provide military-grade encryption and dramatically cut storage costs on any platform.

 
LVL 3

Author Comment

by:tmorrison3
ID: 20686868
I am verifying if NTLM Authentication is allowed to pass through our ASA 5510.... then I will test - sorry for the delay.
0
 
LVL 3

Author Comment

by:tmorrison3
ID: 21368813
Sorry for the LOOOOONNNGGG delay. I have verified that NTLM Authentication is passing through our ASA 5510 - If I change the Exchange Proxy settings in my Outlook Client to NTLM Authentication and have On fast network.....and On slow network..... both checked - It passes through windows authentication - both outside the network and inside the network (which is what my boss wants).

So - my question is where - in IIS RPC site or OWA authentication or where can I "set" that the Outlook Clients default to NTLM Authentication and On fast networks......gets "checked" - hope that makes sense.

Thanks
0
 
LVL 104

Accepted Solution

by:
Sembee earned 500 total points
ID: 21371530
Outlook Anywhere client takes its information from autodiscover. Autodiscover builds it I believe from the Outlook Anywhere configuration in EMC. Therefore if you change the authentication type in EMC to NTLM/Integrated and then run IISRESET, autodiscover should change it.

I haven't worked out how to get both boxes ticked for the speed setting though. It is probably a PowerShell command. One of the very long list of things that I want to look at.

Simon.
0
 
LVL 3

Author Comment

by:tmorrison3
ID: 21722897
I used this link to conifugre Outlook Anywhere for NTLM on the Outlook 2007 Clients and the virtual directories in Exchange 2007 SP1 - http://technet.microsoft.com/en-us/library/bb124149.aspx

I tried to use the Outlook12.adm to create a GPO to check that second box - no dice. I might try using the Office Customization Tools - or just instruct users to check the box. Anyway, Thank you
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Utilizing an array to gracefully append to a list of EmailAddresses
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question