Solved

infamous password prompt in outlook 2007

Posted on 2011-03-15
5
502 Views
Last Modified: 2012-05-11
I have a client running sbs 2008 for the past 8 months without issues. About a month ago they started getting the password prompt on their outlook 2007 client. I had already installed the update rollup 9 for exchange when the server was first set up and there was no issues with the password prompt. I am using a self-signed cert on the sbs server.

 I have done the following in an attempt to fix it without success:

- created a new self-signed certificate

- ran the fix network wizard with no issues

- rant the interent connection wizard

- installed exchange 2007 sp3 and any updates

- disabled the connect via http in outlook

- disabled outook anywhere

- setup A recored for autodiscover.vbis.ca

- tried adding 127.0.0.1 autodiscover.vbis.ca to the local hosts file

- tried disabling the loopback test in registry

- enable kernel-mode authentication on

When I run the outlook test email autoconfiguration I get a security alert about the cerificate name being invalid or not matching the name of the site. The autodiscover failes on all it's checks.
0
Comment
Question by:linknetworks
  • 3
5 Comments
 

Expert Comment

by:christi3
Comment Utility
In the Outlook client under Microsoft Exchange Settings - > Microsft Exchange - > Security tab, what method are you using for Logon network security? Have you tried using NTLM?
0
 
LVL 3

Expert Comment

by:shjacks55
Comment Utility
Normally I consider standard SBS Server configuration as 5 user client desktops connected through a hub to the server, 10.x.x.x domain IP address, DHCP provided by the SBS,  Users log in to the SBS Domain at start of their day.

Since all "local"(are they?) users experience this it would seem to be server issue (or issue with server path).

nslookup
vbis.ca is 69.49.101.57; but mail.vbis.ca  69.49.101.233
all attempts to get MX record timed out
CNAME record =
primary name server = ns1.meganameservers.com
responsible mail addr = postmaster.meganameservers.com

http://www.robtex.com/dns/vbis.ca.html#summary
"Incoming mail for vbis.ca is handled by three mail servers at megamailservers.com. All three of them are on the same IP network. vbis.ca has one IP number (69.49.101.57) , but the reverse is hostedc11.megawebservers.com."
no "A" record.
MX=      
10      mx1c11.megamailservers.com 69.49.101.234 3days old
100      mx2c11.megamailservers.com 69.49.101.235 186 days old
110      mx3c11.megamailservers.com 69.49.101.236 12 days old
per RFC priorities 1 thru 10 are supported, priority 100? generally the first mx server reported by nslookup is the one used.

SBS allows only one domain and no trusts/replication to a different Exchage server or different domain.  There are workarounds that have been implemented say with Microsoft Online Services and work fairly well but the workarounds are not officially supported by Microsoft.

It appears you first reported this problem on this site 1/12/2011?
why has your provider been messing with your mx records and why no a and cname (for mail) records?

perhaps a more accurate description of your environment would clarify things?

else from your error message: certificate expired and the clients are still caching the old certificate.or time issue on the server.





0
 

Author Comment

by:linknetworks
Comment Utility
They have one server. Their email is offsite and the retrieve via pop. The switched service providers and email hosts about 6 months ago. I have created a new certificate even though the old one had not expired. Not sure about caching the old one on the workstations. How do you remove an old certificate cache?

The certificate says remote.vbis.ca and I have set up an A record on the server pointing to the servers ip address.

The outlook client is set to auto negotiate, but I have tried also using ntlm.
0
 

Accepted Solution

by:
linknetworks earned 0 total points
Comment Utility
After some research we found the problem to be update KB2412171.  
0
 

Author Closing Comment

by:linknetworks
Comment Utility
Found solution on my own.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Resolve DNS query failed errors for Exchange
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
how to add IIS SMTP to handle application/Scanner relays into office 365.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now