Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Exchange 2010 SP2 prompting Outlook users to login

Posted on 2013-01-10
11
Medium Priority
?
424 Views
Last Modified: 2013-01-21
Hi,

Beginning yesterday morning, it seems that most of the users are being prompted to login when they launch their Outlook 2007 clients.  We migrated to Exchange back in October and up until now, users would launch their Outlook clients and it would automatically open for them as long as their PCs were attached to the domain and inside our network.

I have a 2 site environment with each site having an Exchange server.  Each server has all the necessary roles to function on its own. While users are fine when they enter their credentials, it is still causing us a lot of phone calls so I would love to get this fixed.  I installed UR5v2 last night and rebooted the boxes to see if that would help, but it didnt.

The only thing that was done the night before this happened was a reboot of the domain contollers in each office to upgrade their VMware tools.  Im guessing it has something to do with that.

Any help is greatly appreciated.
0
Comment
Question by:TakedaT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
11 Comments
 
LVL 17

Expert Comment

by:Chris Millard
ID: 38762774
How do your clients connect? Do they use RPC over HTTP at all? If so, it might be checking to see if the security certificate on the Exchange server has expired.
0
 
LVL 7

Expert Comment

by:viveksahu
ID: 38762973
Hi,

Did you check the authentication of the Outlook under Exchange Proxy Settings? Basic or NTLM? That should be the same as the server side which you configured on the Outlook Anywhere.
0
 
LVL 10

Author Comment

by:TakedaT
ID: 38763272
I have verified that my certs are not expired.

They are mostly laptops, so we have OA turned on on the client side with NTLM as the auth.  I also verified that the server side is the same.  But even the desktops that have OA off it is happening on.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 38763584
Have you rebooted the Exchange server since rebooting the domain controllers?
Did you install Windows Updates last night?

Simon.
0
 
LVL 10

Author Comment

by:TakedaT
ID: 38763892
Yes, that was my first thought.  I rebooted both exchange servers last night, which didnt help.  I then proceeded to install UR5v2 after that and rebooted again.  Still no luck.
0
 
LVL 10

Author Comment

by:TakedaT
ID: 38774823
Ok, I think I have it narrowed down to being Outlook Anywhere.  After verifying that the 'Connect to Microsoft Exchange using HTTP' option was unchecked earlier, when I went back to check again, it was checked.  After some searching, I found that this is normal behavior on Exchange 2010 with OA enabled.

So what I did so far is use GPO to disable it on all PCs and then another GPO to enable it for a specific group.  This works for the most part as the popups went away for everyone with OA disabled, but besides being really slow, it is still prompting these OA enabled users for their credentials.  Is it normal for a PC that is attached to the domain to still prompt users for credentials?
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 1500 total points
ID: 38782575
On the network, Outlook Anywhere shouldn't be used. Yes it is enabled, but it would only be used if the connection on TCP/IP couldn't be made for some reason.
The modification you have made is something I have seen people do before, but it is not something I have ever done, because it is fixing the symptoms, and not the cause (aka my leg hurts becuase there is a knife in it, so I will take pain killers rather than remove the knife).

You need to verify that connections are being made with HTTPS, and not TCP/IP and see why that is.

If you are using basic authentication for Outlook Anywhere then they will get authentication prompts. If you want no authentication prompts AND the client machines are members of the domain then you can try using NTLM authentication. However be aware that some firewalls will block the NTLM traffic and/or authentication packets.

Simon.
0
 
LVL 10

Author Comment

by:TakedaT
ID: 38782657
I agree that what I have done is a bandaid and hasnt fixed the cause.  I have been testing with a few different machines on and off the network and am not getting anywhere.  

Maybe you are correct in that my firewall is blocking the auth packets.  I have watched all traffic sourcing from their addresses and dont see any thing blocked or failing.  The auth box pops up and i put in the pass and them im fine.  

Funny thing is that this only started happening last week while we have been on Exchange since last October.  I guess I will just tell the OA users that they need to auth from now on.
0
 

Expert Comment

by:MrGD
ID: 38785086
I had a situation with one client experiencing exactly the same thing.  Went through many of the steps that you have and pinpointed an issue with McAfee's firewall.  Shut off it's firewall and enable Microsoft's no problem.  Turn the McAfee back on and within 30 seconds a pop-up.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 38785233
The firewalls don't block the packets but more like damage them with their scanning. So you wouldn't see anything in the logs, but put a different firewall in place as a test and it works.

Simon.
0
 
LVL 10

Author Closing Comment

by:TakedaT
ID: 38801108
The cause remains undiscovered, but I am able to get users working using OA.  They just need to auth each time they open Outlook.  Thanks for following up Simon
0

Featured Post

Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you an Exchange administrator employed with an organization? And, have you encountered a corrupt Exchange database due to which you are not able to open its EDB file. This article will explain all the steps to repair corrupt Exchange database.
As much as Microsoft wants to kill off PST file support, just as they tried to do with public folders, there are still times when it is useful or downright necessary to export Exchange mailboxes to PST files. Thankfully, it is still possible to e…
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…
CodeTwo Sync for iCloud (http://www.codetwo.com/sync-for-icloud?sts=6554) automatically synchronizes your Outlook 2016, 2013, 2010 or 2007 folders with iCloud folders available via iCloud Control Panel. This lets you automatically sync them with…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question