Avatar of Longshot9
Longshot9
 asked on

Outlook users being asked to login

Hi everyone,

For some reason over the last few hours, the users in my office have been receiving prompts from Outlook (2007 and 2010) to login... usually to our webmail server for some strange reason.  We never had this issue before upgrading to Exchange 2010.  Why would they be getting a login request from our webmail server when they are just using Outlook?  

FYI, closing and re-opening Outlook fixes it temporarily.
HardwareOutlookExchange

Avatar of undefined
Last Comment
Longshot9

8/22/2022 - Mon
alongacre

Here are two things to check on the local workstations.  It almost sounds like the workstations have the 2007 Exchange user pws stored?

Option #1

1.Open the Registry Editor by clicking Start > Run. Type regedit in the box, and then press Enter.
2.Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\
3.In the right pane, double-click lmcompatibilitylevel.
4.In the Value data box, type a value of 2 and then click OK.
5.Close Registry Editor and restart your computer.

Option #2

1.go to start run keymgr.dll and click enter
2.Click and and then Enter your Server Name from Step 1, then enter your domain\mailbox name and enter your mailbox password.
Longshot9

ASKER
We never purposely stored any exchange passwords on the users desktops.  When we were using Exchange 2003 our users were never prompted to login to use outlook.  This hasn't been a problem so far with Exchange 2010, but for some reason today it started happening.  

What does option #1 and 2 do specifically?

Thanks for the response.
MegaNuk3

On your CAS do:
Get-exchangecertificate |fl
And make sure the IIS one is still valid

This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
MegaNuk3


Time to test outlook autoconfig:
With outlook open, hold down CTRL key and right click on the Outlook icon in the bottom right hand side of your screen, them on the popup menu select the "Test Autoconfiguration". Select that, enter valid credentials and select the "autodiscover" option only and test.

See if you get any errors from the above
Longshot9

ASKER
Hi Meganuk,

thanks for the response.  Assuming CAS is Client Access Server, we don't run one of those.

MegaNuk3:
On your CAS do:
Get-exchangecertificate |fl
And make sure the IIS one is still valid
MegaNuk3

You do have a CAS otherwise no Outlook users would be able to access their mailboxes and OWA wouldn't work.
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Longshot9

ASKER
That command shows IIS as one of the services and at the bottom says status: valid.  Is there anything else I should be looking for?


MegaNuk3:
On your CAS do:
Get-exchangecertificate |fl
And make sure the IIS one is still valid
MegaNuk3

Cert sounds OK
Now try the outlook autoconfig test I mentioned above and see if you get any errors for that.
Longshot9

ASKER
No errors when running this test.


Time to test outlook autoconfig:
With outlook open, hold down CTRL key and right click on the Outlook icon in the bottom right hand side of your screen, them on the popup menu select the "Test Autoconfiguration". Select that, enter valid credentials and select the "autodiscover" option only and test.

See if you get any errors from the above
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
MegaNuk3

Ok, can you see Free Busy time without being prompted for login? What about setting an Out of office message and what about downloading the OAB?

Does a noncached client get prompted for credentials more than a cached mode Outlook client?
Longshot9

ASKER
Users are prompted for the login as soon as they open outlook fyi.

I've never viewed free/busy time in outlook, I apologize for my stupidity ;)  I don't even know how to.

I set an OOO message for someone yesterday while this was happening and it is working (at least it's sending out replies)

OAB has been trying to download for the past 15 minutes and is just sitting on "connecting to microsoft exchange server"
Longshot9

ASKER
Task 'user@domain.com' reported error (0x80080005) : 'The program for the attachment may not have been installed properly or may have been moved or deleted.  Reinstall the program in which the attachment was created.'
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Longshot9

ASKER
Also just another note, the login screen they are prompted with changes randomly from the webmail address to the autodiscover address.  
MegaNuk3

Is the webmail the Exchange CAS server name?

Hold down the CTRL key with outlook open and then Right-click on the outlook icon and then choose " connection status". See if Outlook is connecting over HTTP or TCP/IP
Longshot9

ASKER
It is connected over tcp/ip

I'm sorry, i don't know the answer to the first one.
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
MegaNuk3

How many Exchange servers do you have? If it is just 1 then that is your client access server. Are the names that Outlook is displaying on your certificate? Are the names resolvable internally to the internal IP address of your CAS server?
Longshot9

ASKER
We have 2.  One here in San Francisco, the other in Los Angeles.  I can resolve both names internally to their IP addresses.  Where do I check the certificate?  I'm sorry for the stupid questions, my firm hired outside consultants to migrate us, haven't trained me on exchange 2010 yet, but expect me to fix it when problems arise.  
MegaNuk3

Get-exchangecertificate |fl
Should show you "subject" on the cert which is the names it is valid for. Look at the common name too.
Does Outlook ever show the name of the LA server?
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
ASKER CERTIFIED SOLUTION
Longshot9

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Longshot9

ASKER
Solution found with help from an outsource vendor we use.