Solved

Outlook Anywhere Authentication Issue NTLM/Basic

Posted on 2013-07-02
13
3,259 Views
Last Modified: 2013-07-31
Hey,

I have configured Outlook anywhere to run NTLM Authentication  but the settings on the local outlook keep reverting back to basic to which point Outlook stops working. I believe I have checked all the settings and look via the exchange command shell to which all have shown the correct NTLM setting.

Any ideas why the outlook client would keep reverting back to Basic Authentication

Thanks
0
Comment
Question by:Dan130
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
13 Comments
 
LVL 2

Expert Comment

by:JayCarter82
ID: 39292981
Are the settings on the local Outlook being governed by a GPO? If so that would be where I'd start.
0
 
LVL 1

Author Comment

by:Dan130
ID: 39293294
Hi Jay,

I double checked by no GPO is controlling the local outlook config.
0
 
LVL 1

Author Comment

by:Dan130
ID: 39296170
any ideas on this ?
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39296489
Do an Autodiscover test from a client first:
http://semb.ee/adt

See what is being returned to the client by the server.
How did you change the authentication settings? In EMC, EMS or IIS? Did you run IISRESET afterwards?

Simon.
0
 
LVL 1

Author Comment

by:Dan130
ID: 39297491
Hi Simon,

I have changed the settings in the EMC and EMS, I didn't touch the IIS manager. I have not run an IIS reset recently on the exchange server. the settings appear fine in both EMC and EMS both are set to NTLM but something is setting it back to basic so user cannot then log in to outlook.

the results. I can see in XML it says <OWAUrl AuthenticationMethod="Basic, Fba">https://mydomain.local.

is this related?

ill continue to review your webpage linked but its their anything else to try.

Thanks
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39297954
No, that isn't correct.
When you run the test you should see a line for Outlook Anywhere.

It will say Protocol: Exchange HTTP and then further down Auth Package. That is what Exchange is configuring the client to use.

Simon.
0
 
LVL 1

Author Comment

by:Dan130
ID: 39299268
ok thanks yes I can see that's the Auth Package is "unspecified" how would I go about changing this. if this is unspecified is this why it keeps reverting back to basic?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39299519
That is probably the problem - it hasn't been configured correctly.
Your best option here is probably to disable and then re-enable Outlook Anywhere. You can do that through EMC. However you must wait until the event log on the server reports that it has been disabled (About 15 minute after making the change in Exchange) before enabling it again.

Simon.
0
 
LVL 1

Author Comment

by:Dan130
ID: 39299521
this is what I also got when using the command get-outlookanywhere
outlookanywhere.PNG
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39299536
Do you have the RPC virtual directory in place?
It might be that there is an issue with IIS instead.
In that case, disable Outlook Anywhere in Exchange, wait for the event log.
In Roles and Features, remove the RPC Proxy component from IIS.
Run IISRESET.
In IIS manager, remove (if present) the RPC and RPC-with-cert virtual directories.
Run IISRESET again.
Reinstall the RPC Proxy.
Finally enable Outlook Anywhere.

Simon.
0
 
LVL 1

Author Comment

by:Dan130
ID: 39299553
Ok I have disabled outlookanywhere

removed the RPC proxy
run iisreset
I have removed RPC and RPC with cert as they were both present
run iisreset

are removing the role the server needs a restart during the day i will not be able to preform this on a live server, so will need to restart exchange install the feature and then enable outlookanywhere
0
 
LVL 1

Author Comment

by:Dan130
ID: 39300320
Followed as planned but still the issue persists. the issue does look related to IIS rather than EMC all of the correct settings are in place.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 260 total points
ID: 39303826
You are getting the same issue - the authentication setting is coming back as unspecified?
That is unusual, and would point at an issue with the IIS metabase. The only way I know to fix that is to remove IIS completely. That means removing the CAS role on Exchange first.

Simon.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Find out what you should include to make the best professional email signature for your organization.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question