?
Solved

Outlook users being asked to login

Posted on 2011-03-09
20
Medium Priority
?
449 Views
Last Modified: 2012-05-11
Hi everyone,

For some reason over the last few hours, the users in my office have been receiving prompts from Outlook (2007 and 2010) to login... usually to our webmail server for some strange reason.  We never had this issue before upgrading to Exchange 2010.  Why would they be getting a login request from our webmail server when they are just using Outlook?  

FYI, closing and re-opening Outlook fixes it temporarily.
0
Comment
Question by:Longshot9
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 8
20 Comments
 

Expert Comment

by:alongacre
ID: 35089977
Here are two things to check on the local workstations.  It almost sounds like the workstations have the 2007 Exchange user pws stored?

Option #1

1.Open the Registry Editor by clicking Start > Run. Type regedit in the box, and then press Enter.
2.Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\
3.In the right pane, double-click lmcompatibilitylevel.
4.In the Value data box, type a value of 2 and then click OK.
5.Close Registry Editor and restart your computer.

Option #2

1.go to start run keymgr.dll and click enter
2.Click and and then Enter your Server Name from Step 1, then enter your domain\mailbox name and enter your mailbox password.
0
 

Author Comment

by:Longshot9
ID: 35090458
We never purposely stored any exchange passwords on the users desktops.  When we were using Exchange 2003 our users were never prompted to login to use outlook.  This hasn't been a problem so far with Exchange 2010, but for some reason today it started happening.  

What does option #1 and 2 do specifically?

Thanks for the response.
0
 
LVL 31

Expert Comment

by:MegaNuk3
ID: 35092734
On your CAS do:
Get-exchangecertificate |fl
And make sure the IIS one is still valid

0
What Is Blockchain Technology?

Blockchain is a technology that underpins the success of Bitcoin and other digital currencies, but it has uses far beyond finance. Learn how blockchain works and why it is proving disruptive to other areas of IT.

 
LVL 31

Expert Comment

by:MegaNuk3
ID: 35092748

Time to test outlook autoconfig:
With outlook open, hold down CTRL key and right click on the Outlook icon in the bottom right hand side of your screen, them on the popup menu select the "Test Autoconfiguration". Select that, enter valid credentials and select the "autodiscover" option only and test.

See if you get any errors from the above
0
 

Author Comment

by:Longshot9
ID: 35095813
Hi Meganuk,

thanks for the response.  Assuming CAS is Client Access Server, we don't run one of those.

MegaNuk3:
On your CAS do:
Get-exchangecertificate |fl
And make sure the IIS one is still valid
0
 
LVL 31

Expert Comment

by:MegaNuk3
ID: 35097158
You do have a CAS otherwise no Outlook users would be able to access their mailboxes and OWA wouldn't work.
0
 

Author Comment

by:Longshot9
ID: 35097875
That command shows IIS as one of the services and at the bottom says status: valid.  Is there anything else I should be looking for?


MegaNuk3:
On your CAS do:
Get-exchangecertificate |fl
And make sure the IIS one is still valid
0
 
LVL 31

Expert Comment

by:MegaNuk3
ID: 35097918
Cert sounds OK
Now try the outlook autoconfig test I mentioned above and see if you get any errors for that.
0
 

Author Comment

by:Longshot9
ID: 35097996
No errors when running this test.


Time to test outlook autoconfig:
With outlook open, hold down CTRL key and right click on the Outlook icon in the bottom right hand side of your screen, them on the popup menu select the "Test Autoconfiguration". Select that, enter valid credentials and select the "autodiscover" option only and test.

See if you get any errors from the above
0
 
LVL 31

Expert Comment

by:MegaNuk3
ID: 35098088
Ok, can you see Free Busy time without being prompted for login? What about setting an Out of office message and what about downloading the OAB?

Does a noncached client get prompted for credentials more than a cached mode Outlook client?
0
 

Author Comment

by:Longshot9
ID: 35098631
Users are prompted for the login as soon as they open outlook fyi.

I've never viewed free/busy time in outlook, I apologize for my stupidity ;)  I don't even know how to.

I set an OOO message for someone yesterday while this was happening and it is working (at least it's sending out replies)

OAB has been trying to download for the past 15 minutes and is just sitting on "connecting to microsoft exchange server"
0
 

Author Comment

by:Longshot9
ID: 35098733
Task 'user@domain.com' reported error (0x80080005) : 'The program for the attachment may not have been installed properly or may have been moved or deleted.  Reinstall the program in which the attachment was created.'
0
 

Author Comment

by:Longshot9
ID: 35098767
Also just another note, the login screen they are prompted with changes randomly from the webmail address to the autodiscover address.  
0
 
LVL 31

Expert Comment

by:MegaNuk3
ID: 35098919
Is the webmail the Exchange CAS server name?

Hold down the CTRL key with outlook open and then Right-click on the outlook icon and then choose " connection status". See if Outlook is connecting over HTTP or TCP/IP
0
 

Author Comment

by:Longshot9
ID: 35098931
It is connected over tcp/ip

I'm sorry, i don't know the answer to the first one.
0
 
LVL 31

Expert Comment

by:MegaNuk3
ID: 35099087
How many Exchange servers do you have? If it is just 1 then that is your client access server. Are the names that Outlook is displaying on your certificate? Are the names resolvable internally to the internal IP address of your CAS server?
0
 

Author Comment

by:Longshot9
ID: 35099121
We have 2.  One here in San Francisco, the other in Los Angeles.  I can resolve both names internally to their IP addresses.  Where do I check the certificate?  I'm sorry for the stupid questions, my firm hired outside consultants to migrate us, haven't trained me on exchange 2010 yet, but expect me to fix it when problems arise.  
0
 
LVL 31

Expert Comment

by:MegaNuk3
ID: 35099520
Get-exchangecertificate |fl
Should show you "subject" on the cert which is the names it is valid for. Look at the common name too.
Does Outlook ever show the name of the LA server?
0
 

Accepted Solution

by:
Longshot9 earned 0 total points
ID: 35219422
Turned out to be an issue with IIS forwarding everything to owa address instead of just forwarding owa to it.  Solved.
0
 

Author Closing Comment

by:Longshot9
ID: 35252822
Solution found with help from an outsource vendor we use.
0

Featured Post

Bringing Advanced Authentication to the SMB Market

WatchGuard announces the acquisition of advanced authentication provider, Datablink, with one mission – to bring secure authentication to SMB, mid-market, and distributed enterprises with a cloud-based solution, ideal for resale via their established channel & MSSP community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Suggested Courses
Course of the Month12 days, 13 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question