Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Password required after enabling outlook anywhere for linked mailboxes

Posted on 2011-09-05
5
Medium Priority
?
1,497 Views
Last Modified: 2012-05-12
Hello,
we have implemented a mail structure based on  exchange 2010. Domain A containing the account and domain B with the exchange server 2010 containing mailbox . Mailboxes are linked mailbox.
After you enable Outlook Anywhere all users with the linked mailbox must enter a username and password several times a day. A user created directly in the domain B with mailbox user does not have the problem
How can I prevent users linked password is sought? thank you very much
0
Comment
Question by:pozlu0
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 7

Expert Comment

by:BobintheNoc
ID: 36483429
This was the behavior I saw in as far back as Exchange 2003 on 2003 server after activating rpc over https.  Kind of got used to the inability to save password for users not of the Exhange server's home domain.  Not positive, but could be a failing of the client, from a "foreign" domain not being able to do a kerberos authentication?  Or maybe a security ehancement that is "in our best interest"  Never have foound a real answer, but the problem isn't new to 2010.

Watching eagerly to see if an expert has a solution!
0
 
LVL 7

Expert Comment

by:BobintheNoc
ID: 36515112
Some further research, there appears to be a condition that when authenticating, if you present credentials, those credentials are being saved for the backend server only in a frontend/backend configuration.  A potential workaround that I found on a site:

On your client, you need to go into your Mail settings, then check your Exchange Proxy Settings.
Ensure that Connect using SSL only and Mutually authenticate the session when connecting with SSL are both checked on.
Enter in the Principal name for proxy server: in the msstd:frontend.domain.com format.
Select both the Fast and Slow settings.
Make sure the Proxy authentication settings is set to NTLM Authentication.
 

Now the real trick. Outlook will, when you select Remember my Password, store your password for the Back-end Mailbox server. But it does not save your password for the Front-end Proxy server.
Go into your Control Panel > User Accounts > Advanced > Manage Passwords.
Click Add, then type out the name of your Front-end server. This should be the same name as your SSL certificate on the default web site that contains the RPC virtual directory, put in your username and password.
 
A Microsoft KB article on the issue w/2003, may apply to 2008 condition since it's very similar:

http://support.microsoft.com/default.aspx?scid=kb;en-us;820281
0
 

Author Comment

by:pozlu0
ID: 36517206
Thank's I'll try this as soon as possible
0
 

Author Comment

by:pozlu0
ID: 36523063
I've noticed that the problem is related to the computer account on witch the user log on.
If the workstation is joined to domain B password if not required but if workstation is joined to domain A it is
0
 
LVL 7

Accepted Solution

by:
BobintheNoc earned 2000 total points
ID: 36533095
Yep, been a long time that this happens, since 2003.  On the native domain workstation, it appears that auto passthrough takes care of the password,  however on a non native domained or workgroup pc, the SAVE password check box is only saving the password for the literal domain account--the front end webserver credentials is left to the system to recall, which isn't part of the SAVE PASSWORD function.  In order to cache/save the front end server web password, you have to create an entry for the literal owa public dns name, like mail.company.com (the entity that the certificate iis issued to)

Visit the owa web interface site, view the cert, look for the "issued to" value and manually create a saved entry using the Issued To value.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
This video discusses moving either the default database or any database to a new volume.

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question