Link to home
Create AccountLog in
Avatar of Longshot9
Longshot9

asked on

Outlook users being asked to login

Hi everyone,

For some reason over the last few hours, the users in my office have been receiving prompts from Outlook (2007 and 2010) to login... usually to our webmail server for some strange reason.  We never had this issue before upgrading to Exchange 2010.  Why would they be getting a login request from our webmail server when they are just using Outlook?  

FYI, closing and re-opening Outlook fixes it temporarily.
Avatar of alongacre
alongacre

Here are two things to check on the local workstations.  It almost sounds like the workstations have the 2007 Exchange user pws stored?

Option #1

1.Open the Registry Editor by clicking Start > Run. Type regedit in the box, and then press Enter.
2.Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\
3.In the right pane, double-click lmcompatibilitylevel.
4.In the Value data box, type a value of 2 and then click OK.
5.Close Registry Editor and restart your computer.

Option #2

1.go to start run keymgr.dll and click enter
2.Click and and then Enter your Server Name from Step 1, then enter your domain\mailbox name and enter your mailbox password.
Avatar of Longshot9

ASKER

We never purposely stored any exchange passwords on the users desktops.  When we were using Exchange 2003 our users were never prompted to login to use outlook.  This hasn't been a problem so far with Exchange 2010, but for some reason today it started happening.  

What does option #1 and 2 do specifically?

Thanks for the response.
On your CAS do:
Get-exchangecertificate |fl
And make sure the IIS one is still valid


Time to test outlook autoconfig:
With outlook open, hold down CTRL key and right click on the Outlook icon in the bottom right hand side of your screen, them on the popup menu select the "Test Autoconfiguration". Select that, enter valid credentials and select the "autodiscover" option only and test.

See if you get any errors from the above
Hi Meganuk,

thanks for the response.  Assuming CAS is Client Access Server, we don't run one of those.

MegaNuk3:
On your CAS do:
Get-exchangecertificate |fl
And make sure the IIS one is still valid
You do have a CAS otherwise no Outlook users would be able to access their mailboxes and OWA wouldn't work.
That command shows IIS as one of the services and at the bottom says status: valid.  Is there anything else I should be looking for?


MegaNuk3:
On your CAS do:
Get-exchangecertificate |fl
And make sure the IIS one is still valid
Cert sounds OK
Now try the outlook autoconfig test I mentioned above and see if you get any errors for that.
No errors when running this test.


Time to test outlook autoconfig:
With outlook open, hold down CTRL key and right click on the Outlook icon in the bottom right hand side of your screen, them on the popup menu select the "Test Autoconfiguration". Select that, enter valid credentials and select the "autodiscover" option only and test.

See if you get any errors from the above
Ok, can you see Free Busy time without being prompted for login? What about setting an Out of office message and what about downloading the OAB?

Does a noncached client get prompted for credentials more than a cached mode Outlook client?
Users are prompted for the login as soon as they open outlook fyi.

I've never viewed free/busy time in outlook, I apologize for my stupidity ;)  I don't even know how to.

I set an OOO message for someone yesterday while this was happening and it is working (at least it's sending out replies)

OAB has been trying to download for the past 15 minutes and is just sitting on "connecting to microsoft exchange server"
Task 'user@domain.com' reported error (0x80080005) : 'The program for the attachment may not have been installed properly or may have been moved or deleted.  Reinstall the program in which the attachment was created.'
Also just another note, the login screen they are prompted with changes randomly from the webmail address to the autodiscover address.  
Is the webmail the Exchange CAS server name?

Hold down the CTRL key with outlook open and then Right-click on the outlook icon and then choose " connection status". See if Outlook is connecting over HTTP or TCP/IP
It is connected over tcp/ip

I'm sorry, i don't know the answer to the first one.
How many Exchange servers do you have? If it is just 1 then that is your client access server. Are the names that Outlook is displaying on your certificate? Are the names resolvable internally to the internal IP address of your CAS server?
We have 2.  One here in San Francisco, the other in Los Angeles.  I can resolve both names internally to their IP addresses.  Where do I check the certificate?  I'm sorry for the stupid questions, my firm hired outside consultants to migrate us, haven't trained me on exchange 2010 yet, but expect me to fix it when problems arise.  
Get-exchangecertificate |fl
Should show you "subject" on the cert which is the names it is valid for. Look at the common name too.
Does Outlook ever show the name of the LA server?
ASKER CERTIFIED SOLUTION
Avatar of Longshot9
Longshot9

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Solution found with help from an outsource vendor we use.