Link to home
Start Free TrialLog in
Avatar of awilderbeast
awilderbeastFlag for United Kingdom of Great Britain and Northern Ireland

asked on

OAB NTLM authentication failing, all settings are set to MS recomendations

Hi All,

Some users are getting OAB prompts, ive checked the logs and have attached the event screen.
User generated image
I have set OAB authentication permissions as per MS recommendations
and the OAB permissiosn as per

It may be worth noting that our primary email addresses are, and our actual domain name is, could it be possible that is being sent as part as the username for ntlm auth? can we make it do domain\username for OAB? that possible?

Avatar of Imtiaz Hasham
Imtiaz Hasham
Flag of United Kingdom of Great Britain and Northern Ireland image

Are you using the domain on the username?  e.g. DOMAIN\Username or Username@Domain?
Avatar of awilderbeast


What do you mean using? using where?

when the user gets the prompt we put in domain\username and oab authentciates correctly until next reboot, but after reboot NTLM failures again
Thanks for the update?

How do you get it working after the reboot?  I am really confused.

Also, Best Practice is not to use an external domain on an internal network.   I would've used OurDomain.Local (rather than but as long as you put the login credentials as "OURDOMAIN.CO.UK\Username".

The other thing you need to look at is the domain under the NTLM Authentication.
After the reboot we have to type credentials in again. this only happens with OAB, all other outlook features work fine.

Changing the domain name is not an option.

yes to bypass the error we use domain\user and it works, but next time the address book tries to download again after a reboot it fails and we get prompted again.

where is the domain under ntlm set?
The domain under NTLM wouldnt help.

Have you got any SSL Certificate? And is it trusted root?
Yeah we have a cert installed and it is trusted. OAB doesnt use certificates anyway does it?
any update?
Sorry for the delay in coming back to you.

Can we arrange for remote access the systems and you can show me where the problem is.
Sorry not possible, can i provide you any more info that may help?
Please post the OAB prompts you are getting
You there?
hi, yes, im just waiting for a user to report the prompt again and i will get a screen, but i can describe it in the meantime

connecting to MAIL (this is the bit that makes me think its sending instead of to the mail server and this is why its failing)

and as shown above you can see the NTLM fail in event viewer.

heres a screen cap of the prompt edited
User generated image
I am not sure what's happening and why.  What is the Internal URI and External URI on your exchange server?
Internal URL is:, only happening for some users, id say ~10-15%
Avatar of awilderbeast
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
outlook profiles recreated