?
Solved

outlook 2010 prompting for credentials when downloading the OAB.  and not accepting them.

Posted on 2011-10-10
17
Medium Priority
?
1,077 Views
Last Modified: 2012-05-12
I have outlook 2010 and exchange 2010/2003mixed env.  my mailbox is on exch2010 and I use outlook 2010 in cached mode.  When in cached mode, outlook will not download the OAB.  it prompts for credentials but won't accept them.  I have rebuilt the OAB from scratch and repointed all of the databases to the new one and it didn't fix it.
We have windows authentication turned on for the OAB in IIS.   outlook 2003 has no issues as it is generated to the public folder.  OWA seems fine.  it is getting to the OAB and it is up to date.

Any help is appreciated!
0
Comment
Question by:cdshreve
  • 7
  • 6
  • 4
17 Comments
 
LVL 3

Expert Comment

by:mwiener1
ID: 36946062
Do you have an ssl certificate with autodiscover.yourdomain.com?

Thats a common problem if your ssl cert isn't correct. Self signed certs just dont work. There are workarounds, but its almost never worth the hassle.
0
 

Author Comment

by:cdshreve
ID: 36946142
We are using a wildcard cert.   *.domain.com
0
 
LVL 10

Accepted Solution

by:
SuperTaco earned 2000 total points
ID: 36946259
Exchange 2010 really needs a UCC/SAN sert for operations.  i would also check type of authentication use by the OAB virtual directory.
0
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

 

Author Comment

by:cdshreve
ID: 36946353
Everything else seems to be working fine with the wildcard but I'll see about changing it.  here are the perms in IIS:  
 OAB Permissions
0
 
LVL 10

Expert Comment

by:SuperTaco
ID: 36946358
YUp, those look good.    Try running this command as well

Get-OutlookAnywhere | Set-OutlookAnywhere –IISAuthenticationMethods: Basic, ntlm
0
 
LVL 3

Expert Comment

by:mwiener1
ID: 36946359
wildcard is no good for autodiscover.

I have no idea why to be honest, but i knw you need a good UCC cert for exchange 2007/2010.

you need
domain.com
autodiscover.domain.com
mail.domain.com   -  if you use mail.domain.com to connect to owa (replace with whatever you set in dns for owa access.
0
 

Author Comment

by:cdshreve
ID: 36946382
SuperTaco, do i need to cycle  IIS after that?

mwiener1,  I'll try to talk my win admin into it tomorrow and we'll give it a try.

Thanks guys!
0
 
LVL 10

Expert Comment

by:SuperTaco
ID: 36946384
yes you do. iisreset /noforce.  i would still recommend a UCC/SAN cert.
0
 
LVL 3

Expert Comment

by:mwiener1
ID: 36946392
You're welcome - I remember fighting with certs for that same issue numerous times. I always end up just paying godaddy the $89 or whatever it costs for the UCC/SAN cert. I think you can get them cheaper at www.exchangecertificates.com but i haven't used them personally.
0
 

Author Comment

by:cdshreve
ID: 36946415
OK now it is just hanging when I try to download the addressbook.   it hasn't asked for credentials like it was but it just hangs.
0
 
LVL 10

Expert Comment

by:SuperTaco
ID: 36946442
are you able to browse to https:mailserver.domain.com/oab?  you may need to check your folder permissions or enable browsing on the oab virtual directory.
0
 

Author Comment

by:cdshreve
ID: 36946472
When I browse to https:mailserver.domain.com/oab I get a 403 forbidden.

How do I enable browsing on the virtual directory and what should the permissions be?

0
 
LVL 10

Expert Comment

by:SuperTaco
ID: 36947982
on the actual physical directory, users should have at least read and execute.  

here's instruciton for directory browsing

http://technet.microsoft.com/en-us/library/cc731109%28WS.10%29.aspx

when you get to where you can enable it, look to the top left. (in IIS)

if you still get errors, try rebuilding the OAB.  

here's another link to some OAB troubleshooting steps:

http://support.microsoft.com/kb/811870

If you end up getting any other erros trying to donwload it, post it up here and we'll get you pointing in the right direction.
0
 

Author Comment

by:cdshreve
ID: 36949213
Attached are the permissions and I did enable browsing on the OAB virtual directory and can now browse to it.  Still having issues with the prompting. :(

That article is for 2000 and 5.5 oab...



oabpermissions.PNG
0
 
LVL 3

Expert Comment

by:mwiener1
ID: 36952743
You need a valid SSL cert with autodiscover on it or you will always get the prompts.
0
 
LVL 10

Expert Comment

by:SuperTaco
ID: 36952763
cdshreve, please remeber i also recommended getting the UCC/SAN cert.  The script I gave resolves the issues for about 12-24 hours so you can get time to get the cert.
0
 

Author Closing Comment

by:cdshreve
ID: 37508423
We finally got an explicit SAN Cert and all is working now.

Thank you to all who helped!!
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Exchange database can often fail to mount thereby halting the work of all users connected to it. Finding out why database isn’t mounting is crucial and getting the server back online. Stellar Phoenix Mailbox Exchange Recovery is a champion product t…
What is the biggest problem in managing an exchange environment today? It is the lack of backups, disaster recovery (DR) plan, testing of the DR plan or believing that it won’t happen to us.
This video tutorial shows you the steps to go through to set up what I believe to be the best email app on the android platform to read Exchange mail.  Get the app on your phone: The first step is to make sure you have the Samsung Email app on your …
In this video I will demonstrate how to set up Nine, which I now consider the best alternative email app to Touchdown.
Suggested Courses

598 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question