[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 518
  • Last Modified:

infamous password prompt in outlook 2007

I have a client running sbs 2008 for the past 8 months without issues. About a month ago they started getting the password prompt on their outlook 2007 client. I had already installed the update rollup 9 for exchange when the server was first set up and there was no issues with the password prompt. I am using a self-signed cert on the sbs server.

 I have done the following in an attempt to fix it without success:

- created a new self-signed certificate

- ran the fix network wizard with no issues

- rant the interent connection wizard

- installed exchange 2007 sp3 and any updates

- disabled the connect via http in outlook

- disabled outook anywhere

- setup A recored for autodiscover.vbis.ca

- tried adding 127.0.0.1 autodiscover.vbis.ca to the local hosts file

- tried disabling the loopback test in registry

- enable kernel-mode authentication on

When I run the outlook test email autoconfiguration I get a security alert about the cerificate name being invalid or not matching the name of the site. The autodiscover failes on all it's checks.
0
linknetworks
Asked:
linknetworks
  • 3
1 Solution
 
christi3Commented:
In the Outlook client under Microsoft Exchange Settings - > Microsft Exchange - > Security tab, what method are you using for Logon network security? Have you tried using NTLM?
0
 
shjacks55Commented:
Normally I consider standard SBS Server configuration as 5 user client desktops connected through a hub to the server, 10.x.x.x domain IP address, DHCP provided by the SBS,  Users log in to the SBS Domain at start of their day.

Since all "local"(are they?) users experience this it would seem to be server issue (or issue with server path).

nslookup
vbis.ca is 69.49.101.57; but mail.vbis.ca  69.49.101.233
all attempts to get MX record timed out
CNAME record =
primary name server = ns1.meganameservers.com
responsible mail addr = postmaster.meganameservers.com

http://www.robtex.com/dns/vbis.ca.html#summary
"Incoming mail for vbis.ca is handled by three mail servers at megamailservers.com. All three of them are on the same IP network. vbis.ca has one IP number (69.49.101.57) , but the reverse is hostedc11.megawebservers.com."
no "A" record.
MX=      
10      mx1c11.megamailservers.com 69.49.101.234 3days old
100      mx2c11.megamailservers.com 69.49.101.235 186 days old
110      mx3c11.megamailservers.com 69.49.101.236 12 days old
per RFC priorities 1 thru 10 are supported, priority 100? generally the first mx server reported by nslookup is the one used.

SBS allows only one domain and no trusts/replication to a different Exchage server or different domain.  There are workarounds that have been implemented say with Microsoft Online Services and work fairly well but the workarounds are not officially supported by Microsoft.

It appears you first reported this problem on this site 1/12/2011?
why has your provider been messing with your mx records and why no a and cname (for mail) records?

perhaps a more accurate description of your environment would clarify things?

else from your error message: certificate expired and the clients are still caching the old certificate.or time issue on the server.





0
 
linknetworksAuthor Commented:
They have one server. Their email is offsite and the retrieve via pop. The switched service providers and email hosts about 6 months ago. I have created a new certificate even though the old one had not expired. Not sure about caching the old one on the workstations. How do you remove an old certificate cache?

The certificate says remote.vbis.ca and I have set up an A record on the server pointing to the servers ip address.

The outlook client is set to auto negotiate, but I have tried also using ntlm.
0
 
linknetworksAuthor Commented:
After some research we found the problem to be update KB2412171.  
0
 
linknetworksAuthor Commented:
Found solution on my own.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now