Outlook client asks for a username and password. Exchange server 2013

Posted on 2013-06-13
Medium Priority
Last Modified: 2013-07-01

Currently in the process of migrating from Exchange 2007 to Exchange 2013, everything is working as expected, except outlook clients are prompted for username and password.

To explain further. We have a split DNS configuration as we have a non route-able internal domain name (domain.local). Split DNS is configured as follows:

mail.domain.com internally points to the exchange 2013 server
mail.domain.com externally points to the external address of the 2013 server which is behind a firewall.

We have a secure certificate with mail.domian.com and autodiscover.domain.com installed and OWA and Active sync are all working as expected.

All the virtual directories are configured both externally and internally to match mail.domain.com so we don't get any certificate warnings internally etc.

When I set up a test mailbox on Exchange 2013 and then set up a clients outlook, autodiscover goes off and finds the account and then tries to authenticate. The problem is that outlook tries to log in with the following account:

user@domain.com - which is the users email address not the users AD account.

In order to get the user connected I have to change the login to user@domain.local

How can we get round this problem so that outlook doesn't need to prompt for the username and password?

Thanks in advance.
Question by:vmdude
  • 2
  • 2
LVL 13

Expert Comment

by:Michael Machie
ID: 39244481
If your Outlook clients are configured to use the public facing OWA name, such as 'mail.domain.com', you cannot avoid the login credential request and this is normal behavior.

The same thing applies to Exchange 2010.

Author Comment

ID: 39244509
Ok thanks I just wanted clarification. So there is no way round this without putting the internal server name on the certificate and changing the internal outlook clients to use that address?

This is fine with domains that have route-able active directory owned domains that they own but no so good with non route-able AD domains then as local names on certificate are not allowed going forward. :(
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39244528
You cannot put the internal names on the SSL certificate, so that isn't the solution.
You need to ensure that Exchange has been configured with the external host name everywhere. There are quite a few places where it needs to be changed.
I haven't written a version for Exchange 2013, but the 2010 list is the same:

Do ensure that you have the correct host name for Outlook Anywhere as well.

As for being unable to avoid the login request - that isn't the case either. With the correct authentication setup and SSL you will not get the prompts IF the client is on the domain.


Author Comment

ID: 39244796

I have double checked all the external host-names are configured everywhere and have confirmed this with the fact that I do not receive any certificate warnings and that the test email auto configuration shows only the external host names.
The hostname for Outlook Anywhere is also configured correctly

That brings me to a conclusion that it might be authentication

I have set both external and internal and external client authentication methods to NTLM

Still getting prompted
LVL 63

Accepted Solution

Simon Butler (Sembee) earned 2000 total points
ID: 39244991
After you changed the authentication settings, did you run IISRESET? If not then you should, as the change doesn't take effect immediately.

Otherwise you are going to have to identify which element is causing the prompt. An Autodiscover test (hold down CTRL, right click on icon in system tray) may help.


Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Upgrading from older Exchange server to the latest Exchange server can be tiresome, error-prone and risky, without being a seasoned exchange server administrators. It can become even problematic if you're an organization that runs on tight timeline…
Migrating Exchange data from one Exchange Server to another server is complicated. Though Exchange administrators can try manual methods to migrate their data from one version of Exchange to another, these manual methods are not that reliable. That…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question