Solved

Outlook client asks for a username and password. Exchange server 2013

Posted on 2013-06-13
5
1,378 Views
Last Modified: 2013-07-01
Hi

Currently in the process of migrating from Exchange 2007 to Exchange 2013, everything is working as expected, except outlook clients are prompted for username and password.

To explain further. We have a split DNS configuration as we have a non route-able internal domain name (domain.local). Split DNS is configured as follows:

mail.domain.com internally points to the exchange 2013 server
mail.domain.com externally points to the external address of the 2013 server which is behind a firewall.

We have a secure certificate with mail.domian.com and autodiscover.domain.com installed and OWA and Active sync are all working as expected.

All the virtual directories are configured both externally and internally to match mail.domain.com so we don't get any certificate warnings internally etc.

When I set up a test mailbox on Exchange 2013 and then set up a clients outlook, autodiscover goes off and finds the account and then tries to authenticate. The problem is that outlook tries to log in with the following account:

user@domain.com - which is the users email address not the users AD account.

In order to get the user connected I have to change the login to user@domain.local

How can we get round this problem so that outlook doesn't need to prompt for the username and password?

Thanks in advance.
0
Comment
Question by:vmdude
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 13

Expert Comment

by:Michael Machie
ID: 39244481
If your Outlook clients are configured to use the public facing OWA name, such as 'mail.domain.com', you cannot avoid the login credential request and this is normal behavior.

The same thing applies to Exchange 2010.
0
 
LVL 6

Author Comment

by:vmdude
ID: 39244509
Ok thanks I just wanted clarification. So there is no way round this without putting the internal server name on the certificate and changing the internal outlook clients to use that address?

This is fine with domains that have route-able active directory owned domains that they own but no so good with non route-able AD domains then as local names on certificate are not allowed going forward. :(
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39244528
You cannot put the internal names on the SSL certificate, so that isn't the solution.
You need to ensure that Exchange has been configured with the external host name everywhere. There are quite a few places where it needs to be changed.
I haven't written a version for Exchange 2013, but the 2010 list is the same:
http://semb.ee/hostnames

Do ensure that you have the correct host name for Outlook Anywhere as well.

As for being unable to avoid the login request - that isn't the case either. With the correct authentication setup and SSL you will not get the prompts IF the client is on the domain.

Simon.
0
 
LVL 6

Author Comment

by:vmdude
ID: 39244796
Thanks,

I have double checked all the external host-names are configured everywhere and have confirmed this with the fact that I do not receive any certificate warnings and that the test email auto configuration shows only the external host names.
The hostname for Outlook Anywhere is also configured correctly

That brings me to a conclusion that it might be authentication

I have set both external and internal and external client authentication methods to NTLM

Still getting prompted
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39244991
After you changed the authentication settings, did you run IISRESET? If not then you should, as the change doesn't take effect immediately.

Otherwise you are going to have to identify which element is causing the prompt. An Autodiscover test (hold down CTRL, right click on icon in system tray) may help.

Simon.
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question