Solved

Exchange 2007 - prompts for password on Oulook open

Posted on 2010-09-07
32
1,202 Views
Last Modified: 2012-06-27
Hi All,

Brand new Exchange 2007 server, with single name SSL cert.  Problem:

Problem is with Autodiscover; if Basic authentication is turned on, then autodiscovery and Out of office works fine, but basic authentication also requires credentials when outlook starts.
So if you prefer to start outlook without logon then is appears Basic authentic must be disabled.  With Basic auth disabled, users can open Outlook with no password prompt, but autodiscover tests will fail and OOO is unavailable.
Logon window is showing that it is trying to connect to mail.domain.com which  - there is an A record on internal DNS to resolve mail.domain.com to Internal IP of Exchange server.  Local domain is domain.local

There is a single exchange server only running Exch sp3 on Server 2008R2.

AM sure more info will be require so please let me know what you need.

Thanks in anticipation.
0
Comment
Question by:dankilleen
  • 17
  • 11
  • 2
  • +2
32 Comments
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33621129
get-clientaccessserver | fl
get-autodiscovervirtualdirectory | fl

questions ?
a) single exchange server or a CAS array ?
b) did you install UCC/SAN cert of self-signed

thanks
0
 
LVL 20

Expert Comment

by:SatyaPathak
ID: 33621190
Please find IIS authentication type and the SSL requirement for Exchange 2007
 
1) Autodiscover: Basic and Integrated authentication   SSL Optional
2) EWS : Integrated authentication                     NO SSL
3) Exadmin : Basic and Integrated authentication       NO SSL
4) Exchange : Basic and Integrated authentication      SSL Optional
5) Exchweb : Basic and Integrated authentication       NO SSL
6) Microsoft-Server-ActiveSync: Basic authentication   SSL Optional
7) OAB : Integrated authentication                     NO SSL
8) OWA : Basic authentication                          SSL Optional
9) Public : Basic and Integrated authentication        SSL Optional

After that restart IIS and check it.
0
 

Author Comment

by:dankilleen
ID: 33621252
sunnyc7 - as per original post.

Just one server and a single name cert.

[PS] C:\Windows\system32>get-clientaccessserver | fl


Name                           : V4PCMAIL
OutlookAnywhereEnabled         : False
AutoDiscoverServiceCN          : v4PCMAIL
AutoDiscoverServiceClassName   : ms-Exchange-AutoDiscover-Service
AutoDiscoverServiceInternalUri : https://mail.domain.com/Autodiscover/Autodiscover.xml
AutoDiscoverServiceGuid        : 77378f46-2c66-4aa9-a6a6-3e7a48b19596
AutoDiscoverSiteScope          : {Default-First-Site-Name}
IsValid                        : True
OriginatingServer              : v4PCFILE.domain.local
ExchangeVersion                : 0.1 (8.0.535.0)
DistinguishedName              : CN=V4PCMAIL,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF2
                                 3SPDLT),CN=Administrative Groups,CN=First Organization,CN=Microsof
                                 t Exchange,CN=Services,CN=Configuration,DC=domain,DC=local
Identity                       : V4PCMAIL
Guid                           : d933cc57-7a75-4fbc-9072-875bb5a8348b
ObjectCategory                 : domain.local/Configuration/Schema/ms-Exch-Exchange-Server
ObjectClass                    : {top, server, msExchExchangeServer}
WhenChanged                    : 01/09/2010 22:42:27
WhenCreated                    : 14/08/2010 19:01:17
*************************************************************************

[PS] C:\Windows\system32>get-autodiscovervirtualdirectory | fl


Name                          : Autodiscover (Default Web Site)
InternalAuthenticationMethods : {Ntlm, WindowsIntegrated}
ExternalAuthenticationMethods : {Ntlm, WindowsIntegrated}
BasicAuthentication           : False
DigestAuthentication          : False
WindowsAuthentication         : True
MetabasePath                  : IIS://V4PCMAIL.domain.local/W3SVC/1/ROOT/Autodiscover
Path                          : D:\Program Files\Microsoft\Exchange Server\ClientAccess\Autodiscove
                                r
Server                        : V4PCMAIL
InternalUrl                   : https://v4pcmail.domain.local/Autodiscover/Autodiscover.xml
ExternalUrl                   :
AdminDisplayName              :
ExchangeVersion               : 0.1 (8.0.535.0)
DistinguishedName             : CN=Autodiscover (Default Web Site),CN=HTTP,CN=Protocols,CN=V4PCMAIL
                                ,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=A
                                dministrative Groups,CN=First Organization,CN=Microsoft Exchange,CN
                                =Services,CN=Configuration,DC=domain,DC=local
Identity                      : V4PCMAIL\Autodiscover (Default Web Site)
Guid                          : 11517374-a800-4dbd-9df7-2e7e0a7c8cdf
ObjectCategory                : domain.local/Configuration/Schema/ms-Exch-Auto-Discover-Virtual
                                -Directory
ObjectClass                   : {top, msExchVirtualDirectory, msExchAutoDiscoverVirtualDirectory}
WhenChanged                   : 06/09/2010 13:14:19
WhenCreated                   : 14/08/2010 19:09:09
OriginatingServer             : v4PCFILE.domain.local
IsValid                       : True




0
 

Author Comment

by:dankilleen
ID: 33621328
Satya,

Thanks.  verified all settings.  Only change was to remove SSL from EWS.

Ran IISREST and opened Outlook - the prompt is still there.

Thanks
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33621352
Run these 2 commands

Get-AutodiscoverVirtualDirectory | set-AutodiscoverVirtualDirectory -InternalUrl:"https://v4pcmail.domain.local/Autodiscover/Autodiscover.xml"

Get-ClientAccessServer | Set-ClientAccessServer -AutoDiscoverServiceInternalUri:"https://v4pcmail.domain.local/Autodiscover/Autodiscover.xml"

------
Whats your external FQDN

Assuming it is mail.domain.com - replace mail.domain.com in the code below.

Get-AutodiscoverVirtualDirectory | set-AutodiscoverVirtualDirectory -ExternalUrl:"https://mail.domain.com/Autodiscover/Autodiscover.xml"

---
also output

get-exchangecertificate | fl

thanks
0
 

Author Comment

by:dankilleen
ID: 33621506
SunnyC - all done.  See output

NOTE - starting outlook now gives a MAIL CERT error and THEN prompts for username/password.  presumably because Exchange is bound to mail.domain.com cert not internal cert


[PS] C:\Windows\system32>Get-AutodiscoverVirtualDirectory | set-AutodiscoverVirtualDirectory -Intern
alUrl:"https://v4pcmail.domain.local/Autodiscover/Autodiscover.xml"
WARNING: The command completed successfully but no settings of 'V4PCMAIL\Autodiscover (Default Web
Site)' have been modified.
[PS] C:\Windows\system32>Get-ClientAccessServer | Set-ClientAccessServer -AutoDiscoverServiceInterna
lUri:"https://v4pcmail.domain.local/Autodiscover/Autodiscover.xml"
[PS] C:\Windows\system32>Get-AutodiscoverVirtualDirectory | set-AutodiscoverVirtualDirectory -Extern
alUrl:"https://mail.domain.com/Autodiscover/Autodiscover.xml"
[PS] C:\Windows\system32>get-exchangecertificate | fl


AccessRules        : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessCont
                     rol.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {cjsm.domain.com}
HasPrivateKey      : True
IsSelfSigned       : False
Issuer             : E=raymond.edah@cwipapps.net, CN=Criminal Justice IT Root CA (CJSM), OU=CJIT Se
                     cure Mail, O=Cable & Wireless plc, L=Swindon, S=Wiltshire, C=GB
NotAfter           : 18/08/2013 02:56:24
NotBefore          : 18/08/2010 02:56:24
PublicKeySize      : 1024
RootCAType         : Registry
SerialNumber       : 011F
Services           : SMTP
Status             : Unknown
Subject            : CN=cjsm.domain.com, O=Judgment Ltd
Thumbprint         : F674217D434FFB45C2DE70C23D41D2C2FBC8A98A

AccessRules        : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessCont
                     rol.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {mail.domain.com}
HasPrivateKey      : True
IsSelfSigned       : False
Issuer             : OU=Equifax Secure Certificate Authority, O=Equifax, C=US
NotAfter           : 13/08/2012 20:36:16
NotBefore          : 16/08/2010 00:40:24
PublicKeySize      : 1024
RootCAType         : ThirdParty
SerialNumber       : 144817
Services           : IMAP, POP, IIS, SMTP
Status             : Valid
Subject            : CN=mail.domain.com, OU=Domain Control Validated - RapidSSL(R), OU=See www.
                     rapidssl.com/resources/cps (c)10, OU=4245279748, O=mail.domain.com, C=GB,
                     SERIALNUMBER=TAvj3wq9-XFXNXV7SqjJvwaKuA5hKDsL
Thumbprint         : 8168D289C2BE70A6CFBD32A6B8F22FF17950165D

AccessRules        : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessCont
                     rol.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule, Sy
                     stem.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {v4PCMAIL, v4PCMAIL.domain.local}
HasPrivateKey      : True
IsSelfSigned       : True
Issuer             : CN=v4PCMAIL
NotAfter           : 14/08/2011 19:03:23
NotBefore          : 14/08/2010 19:03:23
PublicKeySize      : 2048
RootCAType         : None
SerialNumber       : 6B7BEBFCF721F99649EA0FE813441394
Services           : SMTP
Status             : Valid
Subject            : CN=v4PCMAIL
Thumbprint         : D64F3CB912996465CED5242335EF9385310ABA81
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33621543
ok
we need to make some changes :)

a) your cert is in the name of mail.domain.com
CertificateDomains : {mail.domain.com}
HasPrivateKey      : True
IsSelfSigned       : False
Issuer             : OU=Equifax Secure Certificate Authority, O=Equifax, C=US

--
What we will do is this.
a) Create a DNS entry for mail.domain.com (that is your external FQDN - in the name of which the cert is issued)

Create an A-Record
Assign it local LAN IP of exchange server.

b) Change the scripts above, to point to mail.domain.com - to get their autodiscover URL's

Get-AutodiscoverVirtualDirectory | set-AutodiscoverVirtualDirectory -InternalUrl:"https://mail.domain.com/Autodiscover/Autodiscover.xml"

Get-ClientAccessServer | Set-ClientAccessServer -AutoDiscoverServiceInternalUri:"https://mail.domain.com/Autodiscover/Autodiscover.xml"

--
then start outlook and see what happens.


0
 

Author Comment

by:dankilleen
ID: 33621567
OK will do - but isn't that just changing it back (internal URL) to what is was before we started!?  Will update you shortly
0
 

Author Comment

by:dankilleen
ID: 33621599
OK, all done.  DNS A record already existed.  Back to swuare 1.  i.e. start outlook and am immediately prompted for auth to mail.domain.com

If I enter the details in domain\username format, everything works.  But users should not have to and will not enter that every time outlook starts.  If I cancel it, OOO does not function and outlook displays "need password" in botton right hand side.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33621638
hmm

so you have domain\username thing.

will post back :)
0
 

Author Comment

by:dankilleen
ID: 33621645
correct.  please do - I have tried every KB article and blog on the subject and cannot see where I went wrong....
0
 

Author Comment

by:dankilleen
ID: 33622278
see attached image - it gives error 401 UNAUTHORISED.
ews-error.JPG
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33622322
try

Test-OutlookWebServices -Identity:user@domain.com

0
 

Author Comment

by:dankilleen
ID: 33622363
[PS] C:\Windows\system32>Test-OutlookWebServices -Identity:cbond@domain.com | fl


Id      : 1003
Type    : Information
Message : About to test AutoDiscover with the e-mail address CBond@domain.com.

Id      : 1013
Type    : Error
Message : When contacting https://autodiscover.domain.com/autodiscover/autodiscover.xml receive
          d the error The remote name could not be resolved: 'autodiscover.domain.com'

Id      : 1006
Type    : Error
Message : The Autodiscover service could not be contacted.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33622391
thats fine - you dont have a autodiscover DNS entry.

I will post back on the NTLM thing
0
 

Author Comment

by:dankilleen
ID: 33622439
autodiscover A record added for domain.com

autodiscover A record already existed for domain.local
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 

Author Comment

by:dankilleen
ID: 33622486
ah - have removed the A record for autodiscover.domain.com as it resulted in Cert prompt when opening outlook, looking for mail.domain.com

Interested to hear thoughts on ntlm idea.
0
 
LVL 9

Expert Comment

by:v_9mhdrf
ID: 33624531
Please check the following steps mentioned below:-

Autodiscover = Basic + Windows Integrated + SSL Forced == Disable - Kernel Mode Authentication.
OAB= Windows Integrated = Disable - Kernel Mode Authentication.
EWS= Windows Integrated = Disable - Kernel Mode Authentication + SSL forced.

Follow the kb-940726, and run the following command on the server.

Set-ClientAccessServer -Identity CAS_Server_Name -AutodiscoverServiceInternalUri https://mail.contoso.com/autodiscover/autodiscover.xml

Set-WebServicesVirtualDirectory -Identity "CAS_Server_Name\EWS (Default Web Site)" -InternalUrl https://mail.contoso.com/ews/exchange.asmx

Set-OABVirtualDirectory -Identity "CAS_Server_name\oab (Default Web Site)" -InternalUrl https://mail.contoso.com/oab

Please run the following command in the management shell:-

test-outlookWebserivces | fl and see the result. If you get 401 Unauthorized please follow the below link and restart the server.

DisableLoopbackcheck registry.
key as per the article <http://support.microsoft.com/kb/896861>.


Then perform "SetSPN -a http/(Exchange server FQDN) (Exchange server name)"

Check the HTTP keep alive in IIS 7 in the following place:-
HTTP response headers on Default WebSite == set common headers.

If still the issue persists, please follow this steps:-

Delete and recreate the Autodiscover/ EWS Virtual Directories.
Remove-AutodiscoverVirtualDirectory -identity "CAS server name\Autodiscover (Default Web Site)"
Remove-WebservicesVirtualDirectory -identity "CAS server name\EWS (Default Web Site)"

new-AutodiscoverVirtualDirectory
new-WebservicesVirtualDirectory
And follow the kb-940726 again to set the InternalUri.
Perform IISreset.

And also please check whether you have 3.5 .netFramework, if yes please download and install the following hotfix.
KB- 958934

And Run Test EmailAutoconfiguration  from outlook 2007 client, and please select only Autodiscover. Remove Guessmart and Secure Guess mart.

Please check out these steps and revert back if the issue persists.

Thanks.
Mohammed
0
 
LVL 2

Accepted Solution

by:
maz_ee earned 500 total points
ID: 33625870
Hello,

Plz. follow these steps to resolve the issue

In IIS => Go to Autodiscover => Ensure that Windows Authentication is selected => rt. click on  Windows Authentication => Select Providers => Add the Negotiate, NTLM & Kerberos authentication.

Do the same for EWS virtual directory

Do a iisreset
0
 

Author Comment

by:dankilleen
ID: 33626124
maz_ee,

You legend.

I added NTLM to both Autodiscover and EWS.

Had a choice between:
1. Negotiate
2, Negotiate; Kerberos

Which should be selected?

I selected 2. and ran IISRESET.  outlook starting to work with no prompts and out of office works.

However, testing from Command Shell still failrs with 401 Unauthorised.....?  Ideas?

cheers
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33626914
dan
can you copy paste the 401 errors.

Also - run this test again please and lets see if all issues are resolved.

[PS] C:\Windows\system32>Test-OutlookWebServices -Identity:cbond@domain.com | fl

thanks
0
 

Author Comment

by:dankilleen
ID: 33627669
hi - pls see below/code[PS] C:\Windows\system32>Test-OutlookWebServices |fl


Id      : 1003
Type    : Information
Message : About to test AutoDiscover with the e-mail address Administrator@domain.com.

Id      : 1007
Type    : Information
Message : Testing server V4PCMAIL.domain.local with the published name https://mail.domain.
          com/EWS/exchange.asmx & https://mail.domain.com/EWS/Exchange.asmx.

Id      : 1019
Type    : Information
Message : Found a valid AutoDiscover service connection point. The AutoDiscover URL on this object
          is https://mail.domain.com/Autodiscover/autodiscover.xml.

Id      : 1013
Type    : Error
Message : When contacting https://mail.domain.com/Autodiscover/autodiscover.xml received the er
          ror The remote server returned an error: (401) Unauthorized.

Id      : 1013
Type    : Error
Message : When contacting https://mail.domain.com/Autodiscover/autodiscover.xml received the er
          ror The specified target is unknown or unreachable

Id      : 1006
Type    : Error
Message : The Autodiscover service could not be contacted.
[PS] C:\Windows\system32>Test-OutlookWebServices -Identity:cbond@domain.com | fl





Id      : 1003

Type    : Information

Message : About to test AutoDiscover with the e-mail address CBond@domain.com.



Id      : 1013

Type    : Error

Message : When contacting https://mail.domain.com/Autodiscover/autodiscover.xml received the er

          ror The remote server returned an error: (401) Unauthorized.



Id      : 1013

Type    : Error

Message : When contacting https://mail.domain.com/Autodiscover/autodiscover.xml received the er

          ror The specified target is unknown or unreachable



Id      : 1006

Type    : Error

Message : The Autodiscover service could not be contacted.

Open in new window

0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33627682
run this again please

Get-AutodiscoverVirtualDirectory | fl

thanks
0
 

Author Comment

by:dankilleen
ID: 33627700
If I browse to https://mail.domain.com/Autodiscover/autodiscover.xml I am prompted for username and PW

If I cancel this prompt, I get HTTP Error 401.2 - Unauthorized

If I enter username / PW, it rejects them a few times and then returns - HTTP Error 401.1 - Unauthorized

Outlook IS working without prompts now though, and OOO IS available.

thanks
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33627708
when you ping mail.domain.com - does it show your external FQDN or internal ?
0
 

Author Comment

by:dankilleen
ID: 33627712
here you go for Get-AutodiscoverVirtualDirectory | fl
[PS] C:\Windows\system32>Get-AutodiscoverVirtualDirectory | fl





Name                          : Autodiscover (Default Web Site)

InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated}

ExternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated}

BasicAuthentication           : True

DigestAuthentication          : False

WindowsAuthentication         : True

MetabasePath                  : IIS://V4PCMAIL.domain.local/W3SVC/1/ROOT/Autodiscover

Path                          : D:\Program Files\Microsoft\Exchange Server\ClientAccess\Autodiscove

                                r

Server                        : V4PCMAIL

InternalUrl                   : https://mail.domain.com/Autodiscover/Autodiscover.xml

ExternalUrl                   : https://mail.domain.com/Autodiscover/Autodiscover.xml

AdminDisplayName              :

ExchangeVersion               : 0.1 (8.0.535.0)

DistinguishedName             : CN=Autodiscover (Default Web Site),CN=HTTP,CN=Protocols,CN=V4PCMAIL

                                ,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=A

                                dministrative Groups,CN=First Organization,CN=Microsoft Exchange,CN

                                =Services,CN=Configuration,DC=domain,DC=local

Identity                      : V4PCMAIL\Autodiscover (Default Web Site)

Guid                          : 11517374-a800-4dbd-9df7-2e7e0a7c8cdf

ObjectCategory                : domain.local/Configuration/Schema/ms-Exch-Auto-Discover-Virtual

                                -Directory

ObjectClass                   : {top, msExchVirtualDirectory, msExchAutoDiscoverVirtualDirectory}

WhenChanged                   : 07/09/2010 21:16:55

WhenCreated                   : 14/08/2010 19:09:09

OriginatingServer             : v4PCFILE.domain.local

IsValid                       : True

Open in new window

0
 

Author Comment

by:dankilleen
ID: 33627776
yes, ping resolves fine (internal)


Microsoft Windows [Version 6.1.7600]

Copyright (c) 2009 Microsoft Corporation.  All rights reserved.



C:\Users\sproutit>ping mail.domain



Pinging mail.domain [128.10.20.1] with 32 bytes of data:

Reply from 128.10.20.1: bytes=32 time<1ms TTL=128

Reply from 128.10.20.1: bytes=32 time<1ms TTL=128

Reply from 128.10.20.1: bytes=32 time<1ms TTL=128

Reply from 128.10.20.1: bytes=32 time<1ms TTL=128



Ping statistics for 128.10.20.1:

    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms



C:\Users\sproutit>

Open in new window

0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33627794
Also
get-webservicesvirtualdirectory | fl

thanks
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33627843
Dan
start > run > appwiz.cpl

Check windows updates installed.
See if this kb is installed
KB948609

If it is there - uninstall it.

then try this again
Test-OutlookWebServices -Identity:cbond@domain.com | fl

thanks
0
 

Author Comment

by:dankilleen
ID: 33628530
get-webservicesvirtualdirectory | fl
[PS] C:\Windows\system32>get-webservicesvirtualdirectory | fl





InternalNLBBypassUrl          : https://v4pcmail.domain.local/ews/exchange.asmx

Name                          : EWS (Default Web Site)

InternalAuthenticationMethods : {Ntlm, WindowsIntegrated, Basic}

ExternalAuthenticationMethods : {Ntlm, WindowsIntegrated, Basic}

BasicAuthentication           : True

DigestAuthentication          : False

WindowsAuthentication         : True

MetabasePath                  : IIS://V4PCMAIL.domain.local/W3SVC/1/ROOT/EWS

Path                          : D:\Program Files\Microsoft\Exchange Server\ClientAccess\exchweb\EWS

Server                        : V4PCMAIL

InternalUrl                   : https://mail.domain/EWS/exchange.asmx

ExternalUrl                   : https://mail.domain/EWS/Exchange.asmx

AdminDisplayName              :

ExchangeVersion               : 0.1 (8.0.535.0)

DistinguishedName             : CN=EWS (Default Web Site),CN=HTTP,CN=Protocols,CN=V4PCMAIL,CN=Serve

                                rs,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administra

                                tive Groups,CN=First Organization,CN=Microsoft Exchange,CN=Services

                                ,CN=Configuration,DC=domain,DC=local

Identity                      : V4PCMAIL\EWS (Default Web Site)

Guid                          : 2ac6b1d9-5818-45bd-a1fb-b6ef41bb352c

ObjectCategory                : domain.local/Configuration/Schema/ms-Exch-Web-Services-Virtual-

                                Directory

ObjectClass                   : {top, msExchVirtualDirectory, msExchWebServicesVirtualDirectory}

WhenChanged                   : 07/09/2010 16:00:50

WhenCreated                   : 14/08/2010 19:09:19

OriginatingServer             : v4PCFILE.domain.local

IsValid                       : True

Open in new window

0
 

Author Comment

by:dankilleen
ID: 33628567
KB948609 is not installed.
0
 
LVL 2

Expert Comment

by:maz_ee
ID: 33647282
Hello dankilleen,

Plz. follow these steps to get a successful output when using the shell cmd

# Click Start, click Run, type regedit, and then click OK.
# In Registry Editor, locate and then click the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
# Right-click Lsa, point to New, and then click DWORD Value.
# Type DisableLoopbackCheck, and then press ENTER.
# Right-click DisableLoopbackCheck, and then click Modify.
# In the Value data box, type 1, and then click OK.
# Quit Registry Editor, and then restart your computer.

Then run the shell cmd and it would not give any errors :)

0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now