Solved

Outlook 2007 - cannot create profile after upgrading to 2008 R2 AD

Posted on 2010-08-24
2
626 Views
Last Modified: 2012-05-10
Upgraded domain from 2003 to 2008 R2 native.
1 Exchange 2003 server

Outlook 2003 clients can create new profiles to exchange 2003 with no problems.

Outlook 2007 clients - existing profiles work fine - if try to create a new profile manually, get to check name stage, and it keeps prompting for password.  It will not accept the credentials, it just keeps prompting.  Tried on several client with several different mailboxes.

Discovered that if during profile creation I click on More Settings, Security tab, and set the authentication to NTLM, and set the option to prompt for username/password everytime - then it will prompt for credentials and accept them.  

Also interesting is the fact that once this new profile is created and opened one time, then I can go back to the security settings and set them back to negotiate authentication and uncheck prompt for password and it will work fine.  This explains why the existing profiles all work (because they all have default security configuration).

I am not 100% sure that this happened immediately after domain upgrade to 2008 R2, but I suspect that it did.  All I know is that it worked recently.  They have only been upgraded for 2 weeks now.

Also, our plan is to migrate them to Exchange 2010.  So I figured this may just be a problem with the Exchange 2003 server.  So I went ahead and installed the Exchange 2010 in coexistence.  I have the same problem with mailboxes on both exchange servers.  Exact same symptoms.  That is why I think it has something to do with AD.

Also, just found out that activesync has an issue now too.  There is one user that uses activesync on his iPhone.  Trying to get clarification of exactly when, but at some point recently it stopped sync'ing.  It keeps prompting him for his password, and tells him it is incorrect.

Sorry for the long description, but hoping someone can point me in the right diretion!

Thanks
0
Comment
Question by:jeehole
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 8

Expert Comment

by:Mkris9
ID: 33511362
Have you checked this ?

http://support.microsoft.com/kb/956531
0
 
LVL 2

Accepted Solution

by:
jeehole earned 0 total points
ID: 33535957
Thanks for the comment, but that did not apply.

I ended up finding the solution on my own.  Turns out the SPNs in AD were set incorrectly.

This article helped me correct it:

http://support.microsoft.com/kb/927612

Hopefully this will help someone else....
0

Featured Post

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question