mrcjc951
asked on
Exchange 07 with ISA 06 Password prompt issue
Good evening,
I am having and internal issue with my outlook 2007 clients, they can connect to their mailbox however they are getting prompted for their username/password when they open Outlook.
The interesting thing about this issue is, when I remove my OWA DNS pointer, pointing to my ISA in my DNS which is mail.domain.com it doesn’t prompt them for their password anymore.
I do use mail.domain.com for Outlook Anywhere / OWA and that is the CN of my Cert. We host 8 company domains so I have a UCC with Godaddy and I have it configured as followed.
CN = mail.domain.com
Alt’s =
autodiscover.domain1.com
autodiscover.domain2.com
autodiscover.domain3.com
autodiscover.domain4.com
autodiscover.domain5.com
autodiscover.domain6.com
autodiscover.domain7.com
autodiscover.domain8.com
Now I also added in mail.domain 1-8.com as well in the UCC but I am thinking this is pointless as I have my ISA06 configured to redirect all to mail.domain.com for OWA. So I believe I can remove those from the SSL and free up some room.
I noticed a lot of articles state that you should add your “internal server” however because I manage my internal DNS I have my Client Access Server configured for the same “Internal / External address of mail.domain.com” is this wrong?
My outlook anywhere works perfectly outside of the company and I don’t mind that my laptop users using this feature must enter their password each time. However my internal users shouldn’t be getting prompted for this.
Also the outlook anywhere clients are able to configure them self so this means auto discover must be working.
I am not 100% sure what other information you may need to help me solve this issue but please let me know and I will post whatever maybe needed.
Thank you,
Chris
I am having and internal issue with my outlook 2007 clients, they can connect to their mailbox however they are getting prompted for their username/password when they open Outlook.
The interesting thing about this issue is, when I remove my OWA DNS pointer, pointing to my ISA in my DNS which is mail.domain.com it doesn’t prompt them for their password anymore.
I do use mail.domain.com for Outlook Anywhere / OWA and that is the CN of my Cert. We host 8 company domains so I have a UCC with Godaddy and I have it configured as followed.
CN = mail.domain.com
Alt’s =
autodiscover.domain1.com
autodiscover.domain2.com
autodiscover.domain3.com
autodiscover.domain4.com
autodiscover.domain5.com
autodiscover.domain6.com
autodiscover.domain7.com
autodiscover.domain8.com
Now I also added in mail.domain 1-8.com as well in the UCC but I am thinking this is pointless as I have my ISA06 configured to redirect all to mail.domain.com for OWA. So I believe I can remove those from the SSL and free up some room.
I noticed a lot of articles state that you should add your “internal server” however because I manage my internal DNS I have my Client Access Server configured for the same “Internal / External address of mail.domain.com” is this wrong?
My outlook anywhere works perfectly outside of the company and I don’t mind that my laptop users using this feature must enter their password each time. However my internal users shouldn’t be getting prompted for this.
Also the outlook anywhere clients are able to configure them self so this means auto discover must be working.
I am not 100% sure what other information you may need to help me solve this issue but please let me know and I will post whatever maybe needed.
Thank you,
Chris
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Okay I gave that a try and that does work, but now my users that use internal OWA for our Order Desks etc... Do not get routed to the OWA form login page, it just pops up an authentication window and then takes them directly into their mailbox.
Correct me if I am wrong but, If I go ahead and add my internal Client Access Server on the UCC Cert I should be able to reconfigure the "internal URL" and point my users thru the ISA listener? Or would this bring the Outlook pop up back?
Or is there another way to correct this all together for internal OWA users?
Thanks
Correct me if I am wrong but, If I go ahead and add my internal Client Access Server on the UCC Cert I should be able to reconfigure the "internal URL" and point my users thru the ISA listener? Or would this bring the Outlook pop up back?
Or is there another way to correct this all together for internal OWA users?
Thanks
ASKER
I went a head and changed in Internal URL on my CAS to mail.domain2.com and used ISA to point to mail.domain2.com/owa/ then did a my redirection / deny rules to point to this new path, this fixed my OWA interal issue.
Thanks for your help!
Thanks for your help!
ASKER