User cannot connect to new 2010 Exchange woth Outlook 2010

How are you configuring Outlook?  Cached Exchange mode?  POP3 / SMTP?  IMAP4?

What mailbox features are enabled for both of the problem accounts via the Exchange Management Console?

Cached mode and SMTP

Both cached mode AND SMTP?

Usually it would be either or.

What about the Mailbox Features enabled via the EMC?

From the Exchange Management Shell, please type the following (for each of the problem user accounts):

test-outlookwebservices -identity:problemuser@yourdomain.com

Outlook web is working fine.  The Outlook 2010 client is asking for a password for the exchange server and will not accept the Active Dir password

Please can you answer the question in the above comment http:#a36525796

Mailbox features

Outlook Web App
Exchange ActiveSync
MAPI
POP3
IMAP4

Ok - thanks.

Do they have their inherited permissions check box enabled?

If you open up Active Directory Users and Computers and locate one of your users that is not working, Double-Click into the account and click on the Security Tab (if this is not visible, Click on View> Advanced Features from the Menu at the top of the screen then navigate back to your user).

Once on the security tab, click on the Advanced Button and make sure that the ‘Include Inheritable Permissions From This Object’s Parent’ is ticked. Click OK twice to close the user account.

"Outlook web is working fine.  The Outlook 2010 client is asking for a password for the exchange server and will not accept the Active Dir password"

If this is the case you should be seeing  authentication failures under the event viewer on the server
Post the failure please

include inheritable permissions from the object is checked

So the users can login to OWA happily, which suggests the issue isn't password related.

Can the problem users login and configure Outlook on a known good working users PC?

Can the problem users login and configure Outlook on a known good working users PC?

No matter what PC they go to they fail, when others can connect on the same PC

Okay - just to confirm - can these problem users login to OWA okay?

If this is the case you should be seeing  authentication failures under the event viewer on the server
Post the failure please

None found?

Set the following registry keys to enable exchange dianostics
Set the values to 7
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeDSAccess\Diagnostics
1 General
4 Config
5 Ldap

And then try to connect the users outlook and check event logs on exchange server

Okay - just to confirm - can these problem users login to OWA okay? YES

the users that are broken were working when they were on Exchange 2007

Can a working user see the problem users in their Global Address List?

Do you have a Broadcom network card in the Exchange Server?

If so - can you check the server manufacturer's website for a newer driver please.

Okay - just to confirm - can these problem users login to OWA okay? YES

this erver is only 2 month old and is up to date

HP NC-Series Broadcom 1Gb Multifunction
Driver for Windows Server 2008 x64 Editions

  6.2.8.0

What is the exact server model please?

HP ProLiant DL360 G6

Are you running Windows 2008 R2?

Are you running Windows 2008 R2?  YES

Okay - you have the latest drivers!  Saw a similar issue relating to the NIC drivers being out of date - so that rules that out :(

I am assuming this is only happening on your internal network....
Have you done the exchange registry edits? It can fill your logs up quickly, but will give you much more detail.
Authentication is failing because you are repeatedly being prompted for the password, OWA might be succeeding, but its auth process starts at IIS.
Are these machines that have cached credentials enabled? If so try resetting the password on one of the non-working clients

Cannot find this registry key

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeDSAccess\Diagnostics
 did you mean

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchange ADAccess\Diagnostics

Yes, sorry the other key is for exchange 2003

Do I enable the keys on the transport role or mailbox role or both

Mailbox

Here is the GUI way
http://www.howexchangeworks.com/2009/07/diagnostic-logging-in-exchange-2010.html

Enablw logs for about 3 minutes while I tried Outlook but did not get any errors pertaiing to that user or omputer

If you run outlook.exe /rpcdiag what do you see on the user who can't connect?

running outllok with /rpcdiag show the transport server name and status conneciting as it keeps asking for password

on a working client does it show connecting to the same server as the failing client?

on a working client does it show connecting to the same server as the failing client?

a good client shows 4 items 3 with the CA server and one with the mailbox server

Server             Type         Interface   Connection Status
CA                 Mail            LAN          TCP/IP       Establsihed  
CA                 Mail            LAN          TCP/IP       Establsihed
CA                 Directory     LAN          TCP/IP       Establsihed  
Mailbox          Public F      LAN          TCP/IP       Establsihed

Ok, are these client connecting via http?
I wonder why the client is hitting the transport server first...should be hitting the CAS

I wonder why the client is hitting the transport server first...should be hitting the CAS

My explanation was fuzzy,  the transport and CAS are the same

Change the users outlook account to  connect via http, and see if there is any change

Change the users outlook account to  connect via http, and see if there is any change?

don't have htat option in Control Panel item

Its in account settings, more settings, connection, in outlook
Capture.JPG

under More setting- connection iin hte Outlook Anywhere I check HTTP box still no work

If you give your account send as and full access rights to the non-working users account can you open it as an additional mailbox in your outlook ?

If you give your account send as and full access rights to the non-working users account can you open it as an additional mailbox in your outlook ?

When I try to add the account as an additional mailbox my Outloook hangs

I will let the nightly backup run and will move those users to a new database in hte morning

New-MailboxRepairRequest
First try the above powershell

Did not see you lst comment but moved users to new databases with no luck.

will try to MailboxRepairRequest

crested new user and moved mailbox to the new user.