Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Outlook 2007 client asks for password when it is opend

Posted on 2010-09-16
Medium Priority
Last Modified: 2012-05-10
I have a 2008 R2 server with Exchange 2007 SP 3 and IIS 7.  I am not using any external mail such as Outlook Anywhere.
All my client PCs use Outlook 2007.  
When I open Outlook I get prompted for a username and password.  I can cancel it and everything works fine, however when I go to open Out of Office Assistant it prompts me again.  If I enter the correct domain user and pass then it lets me in with no problem.  My EWS virtual directory is using both basic and Windows Authentication when this happens.  If I disable basic authentication on the EWS Virtual Directory then I am not prompted for a user and pass, however the Out of Office replies with, "Your Out of Office settings cannot be displayed, because the server is currently unavailable.  Tray again later.”
I have recreated the Virtual Directories, and still have the same issue.
Any help would be greatly appreciated.
Question by:Kalmeradmin
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
LVL 16

Expert Comment

ID: 33695356
check for stored passwords by opening run command and type control userpasswords2, make sure there are no managed passwords.

Also you might have to change the authentication type to kerbos etc.  Another thing to watch out for is if you have a filter (proxy), I ran into this issue because default proxy also added the address to ftp and such when it only need to be in the http:
LVL 28

Expert Comment

ID: 33695494
get-clientaccessserver | fl
get-autodiscovervirtualdirectory | fl
get-exchangecertificate | fl

Please post results of all these commands.
Run them from exchange shell.


Author Comment

ID: 33695791

Here is a file of the requested information.
Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

LVL 28

Expert Comment

ID: 33695800
This is the reason you are getting prompts

[PS] C:\Windows\system32>get-autodiscovervirtualdirectory |fl

InternalUrl                   :
ExternalUrl                   :

Please confirm if exchange server FQDN is -
LVL 28

Assisted Solution

sunnyc7 earned 1000 total points
ID: 33695836
this is what you need to do :
a) run these 2 commands
replace internal and external FQDN with your own in appropriate places.

Get-AutodiscoverVirtualDirectory | set-AutodiscoverVirtualDirectory -InternalUrl:"https://ExchSRV.domain.local/Autodiscover/Autodiscover.xml"

Get-AutodiscoverVirtualDirectory | set-AutodiscoverVirtualDirectory -ExternalUrl:"https://mail.domain.com/Autodiscover/Autodiscover.xml"

b) Your get-exchangecertificate | fl
shows - isSelfSigned - True

So you need to buy a UCC/SAN cert from someone like Godaddy / Digicert and then install it for all services.
After you download the Cert from Godaddy, you can use this tool to install it.


Author Comment

ID: 33696210
I have set the Internal and External Urls in the autodiscover virtual directory and confirmed that they are both correct.  I already had an internal dns zone for my external domain and have the mail.externaldomain.com pointed to the internal IP.  This works fine from local PCs on the domain.
I have tested e-mail autoconfiguration from Outlook and it found the autodiscover.xml through SCP.

I still have the exact same problem after adding the URLs.
I don't see where adding a new certificate will fix this problem, is there something to the cert that I am not aware of?

UESCOMP - I had already checked most of what you recommended and none were the issue.

Everything seems to be working fine other than the authentication from Outlook to the server when needing to open Out of Office Assistant.  It is my understanding that Basic Authentication should be disabled for the EWS Virtual Directory, however if I do disable it then Out of Office Assitant gets the message stated in the original question.
LVL 28

Expert Comment

ID: 33696225
you need UCC/SAN Cert
for outlook to work.

The name on your cert has to match the name on exchange server.
If you are using RPC/HTTPS - it has to match the external FQDN of your domain.

If you just want a hack and want to get it done with -- here it is.

If “Remember my password” doesn’t work and you keep getting prompted:
a) close outlook
b) go to Start... Run and type 'control userpasswords2' (without the quotes) and press OK
c) click on the Advanced tab and press 'Manage Passwords'
d) find the entry for your mail server and click ‘Properties’
e) erase the Server name and type in the name of your DC /  global catalog server
f) leave the password blank and click OK
g) start Outlook, enter your password and check off ‘Remember my password’ one last time. It should not prompt again.


Author Comment

ID: 33697182
I have requested a UCC cert and waiting for validation.  Once I get it installed on the server and tested.  I will let you know how it looks.

Author Comment

ID: 33703487
I have got a UCC Cert from Godaddy and went through their instructions for installing.  I then enabled it int the powershell for all services.  The Cert shows up good and all the name match my Netowrk information, however I am still getting the same problem with Out of Office Assistant.  Is there anything else with the Cert that I need to look at?

Accepted Solution

Kalmeradmin earned 0 total points
ID: 33713684
I have finally got it fixed.  I must have had a corrupt EWS virtual directory.  I had already recreated the Autodiscover but I must not have redone the EWS.  I removed it with following command:

Remove-WebServicesVirtualDirectory -Identity "EWS (Default Web Site)" -Confirm:$false

and recreated it with the following:

New-WebServicesVirtualDirectory -WebsiteName "Default Web Site"
-InternalUrl "https://INTERNAL_FQDN_OF_EXCHANGE/EWS/Exchange.asmx" -windowsauthentication 1

(all one line)

After this I restarted IIS and it worked.

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question