Exchange 07 with ISA 06 Password prompt issue

Posted on 2011-04-26
Last Modified: 2012-05-11
Good evening,

I am having and internal issue with my outlook 2007 clients, they can connect to their mailbox however they are getting prompted for their username/password when they open Outlook.
The interesting thing about this issue is, when I remove my OWA DNS pointer, pointing to my ISA in my DNS which is it doesn’t prompt them for their password anymore.
I do use for Outlook Anywhere / OWA and that is the CN of my Cert. We host 8 company domains so I have a UCC with Godaddy and I have it configured as followed.

CN =
Alt’s =

Now I also added in mail.domain as well in the UCC but I am thinking this is pointless as I have my ISA06 configured to redirect all to for OWA. So I believe I can remove those from the SSL and free up some room.

I noticed a lot of articles state that you should add your “internal server” however because I manage my internal DNS I have my Client Access Server configured for the same “Internal / External address of” is this wrong?

My outlook anywhere works perfectly outside of the company and I don’t mind that my laptop users using this feature must enter their password each time. However my internal users shouldn’t be getting prompted for this.
Also the outlook anywhere clients are able to configure them self so this means auto discover must be working.

I am not 100% sure what other information you may need to help me solve this issue but please let me know and I will post whatever maybe needed.

Thank you,

Question by:mrcjc951

    Author Comment

    I should also state that when I remove the internal DNS pointer to my "" my users who use webmail internally cant access it because I removed the pointer however my external users OWA still works flawlessly... I just seems like my outlook clients internally are requesting information from which I don’t understand when I have them configured to my Exchange mail server of "Exchsrv07.domain.local."
    LVL 32

    Accepted Solution

    your users are being routed thru ISA for Autodiscover and web services which will require basic authentication

    your internal DNS for should point to your CAS server or load balancer


    Author Comment

    Okay I gave that a try and that does work, but now my users that use internal OWA for our Order Desks etc... Do not get routed to the OWA form login page, it just pops up an authentication window and then takes them directly into their mailbox.

    Correct me if I am wrong but, If I go ahead and add my internal Client Access Server on the UCC Cert I should be able to reconfigure the "internal URL" and point my users thru the ISA listener? Or would this bring the Outlook pop up back?

    Or is there another way to correct this all together for internal OWA users?


    Author Comment

    I went a head and changed in Internal URL on my CAS to and used ISA to point to then did a my redirection / deny rules to point to this new path, this fixed my OWA interal issue.

    Thanks for your help!

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Suggested Solutions

    Use these top 10 tips to master the art of email signature design. Create an email signature design that will easily wow recipients, promote your brand and highlight your professionalism.
    Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
    In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
    To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now