dmasystems asked:

Outlook 2007 Password Prompt and Certificate error after upgrade to Exchange 2010

We just upgraded from Exchange 2003 to 2010. Our configuration has the Client Access Server with two certificates, of which one is for External Access and the other is for the Internal Access. When starting the Outlook 2007 client I receive two certificate errors: they are trying to talk to the internal name and the certificate contains the external FQDN.

I am also receiving a password prompt, which makes me believe it is forcing Outlook to connect to the HTTPS proxy. I disable the HTTPS proxy and it keeps re-enabling automatically.

I would like to have internal clients have the HTTPS proxy settings configured but only effective on slow networks.
Shreedhar Ette

ASKER CERTIFIED SOLUTION
ts4673

This solution is only available to members.

Binish007

Hi There

This problem occurs because the default Exchange Server 2010 Release to Manufacturing (RTM) configuration requires RPC encryption. However, by default, Microsoft Office Outlook 2003 does not use RPC encryption.

Note: This problem can also occur if you are using Microsoft Office Outlook 2007 and you disable the "Encrypt data between Microsoft Office Outlook and Microsoft Exchange" profile setting.

Note: In Exchange Server 2010 Service Pack 1, the RPC encryption requirement is disabled by default. Any new Client Access Servers (CAS) deployed in the organization will not require encryption. However, any CAS servers deployed prior to Service Pack 1, or upgraded to Service Pack 1, will retain the existing RPC encryption requirement setting.

You can also automate this setting by using a Microsoft .adm template to configure it through Group Policy.

Many Thanks
Binish Varghese

dmasystems

ASKER

Thank you both for your comments. After reading about the certs I have found that I should have done the SAN certificate and probably will when I want to take advantage of Auto Discover.

I had already purchased two certificates and made them work. I found that having the external certificate bound to port 443 on the CAS was causing Outlook to give the name mismatch warning. Fortunately we have a Netscaler from Citrix that does SSL offloading, so I was able to remove the external certificate from the CAS and bind the internal cert to port 443. Cert error resolved.

The password prompt is from having shared mailboxes. I have a couple service mailboxes such as Helpdesk and terminated users added into Outlook. When I remove them the prompt disappears. Now I need to figure out how to have shared mailboxes added in Outlook without the prompts.

Hi There
In Exchange you can do Full Access Permission for the mailbox you want to configure as an additional mailbox.

Many Thanks
Binish

Outlook connection issues with Exchange 2010 mailboxes because of the RPC encryption requirement
http://support.microsoft.com/kb/2006508/en-us

Any progress on this issue?

Followed procedure on MS KB:

Set-RpcClientAccess -Server Exchange_server_name -EncryptionRequired $False

Problem Solved

This is the way it "should" be configured from the start. Since I didn't plan for this in the beginning I now have a complicated configuration. We have a Netscaler that is doing the SSL offload for the OWA certificate and the autoconfig.<domain>.com certificate, which I purchased cheaply from GoDaddy, and I also purchased a GoDaddy cert for our internal certificate, which I installed on the CAS for internal access.

If I didn't have the Netscaler this would have been a huge headache unless, as the working solution suggested, I was to buy a SAN, install it on the CAS and assign the 3 roles to it.

Thanks for the help and sorry for the delayed response.
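
The name mismatch discussed in this thread depends on whether the certificate enabled for IIS on the CAS lists the host names in the internal URLs that Outlook is handed. The following check for the Exchange Management Shell is an added example, not code from any post in the thread; `$Server` (defaulting to the local machine) and the helper `Test-NameMatch` are hypothetical names introduced here.

```powershell
# Added example: compare the names on the IIS-enabled certificate(s) of a CAS
# with the hosts in the internal URLs that Outlook clients are given.
# $Server is an assumed placeholder for the CAS name.
param([string]$Server = $env:COMPUTERNAME)

# Hypothetical helper: does any certificate name cover the host?
function Test-NameMatch([string]$HostName, [string[]]$CertNames) {
    foreach ($n in $CertNames) {
        if ($n -eq $HostName) { return $true }   # -eq ignores case for strings
        # A wildcard covers exactly one left-most label:
        # *.example.com matches a.example.com but not a.b.example.com
        if ($n.StartsWith('*.') -and $HostName.Contains('.') -and
            $HostName.Substring($HostName.IndexOf('.')) -eq $n.Substring(1)) {
            return $true
        }
    }
    return $false
}

# Certificates enabled for the IIS service are the ones presented on port 443.
$iisCerts = Get-ExchangeCertificate -Server $Server |
    Where-Object { "$($_.Services)" -match 'IIS' }

# Internal URLs Outlook 2007 uses: Autodiscover, Web Services (EWS), OAB.
$urls = @()
$urls += (Get-ClientAccessServer -Identity $Server).AutoDiscoverServiceInternalUri
$urls += Get-WebServicesVirtualDirectory -Server $Server | ForEach-Object { $_.InternalUrl }
$urls += Get-OabVirtualDirectory -Server $Server | ForEach-Object { $_.InternalUrl }

# One row per URL and certificate; Covered is False when the certificate
# does not list the host name used in that URL.
foreach ($u in ($urls | Where-Object { $_ })) {
    $hostName = ([Uri]"$u").Host
    foreach ($c in $iisCerts) {
        $names = @($c.CertificateDomains | ForEach-Object { "$_" })
        New-Object PSObject -Property @{
            Url        = "$u"
            Host       = $hostName
            Thumbprint = $c.Thumbprint
            Covered    = (Test-NameMatch $hostName $names)
        }
    }
}
```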