Dan130
asked on
Outlook Anywhere Authentication Issue NTLM/Basic
Hey,
I have configured Outlook anywhere to run NTLM Authentication but the settings on the local outlook keep reverting back to basic to which point Outlook stops working. I believe I have checked all the settings and look via the exchange command shell to which all have shown the correct NTLM setting.
Any ideas why the outlook client would keep reverting back to Basic Authentication
Thanks
I have configured Outlook anywhere to run NTLM Authentication but the settings on the local outlook keep reverting back to basic to which point Outlook stops working. I believe I have checked all the settings and look via the exchange command shell to which all have shown the correct NTLM setting.
Any ideas why the outlook client would keep reverting back to Basic Authentication
Thanks
Are the settings on the local Outlook being governed by a GPO? If so that would be where I'd start.
ASKER
Hi Jay,
I double checked by no GPO is controlling the local outlook config.
I double checked by no GPO is controlling the local outlook config.
ASKER
any ideas on this ?
Do an Autodiscover test from a client first:
http://semb.ee/adt
See what is being returned to the client by the server.
How did you change the authentication settings? In EMC, EMS or IIS? Did you run IISRESET afterwards?
Simon.
http://semb.ee/adt
See what is being returned to the client by the server.
How did you change the authentication settings? In EMC, EMS or IIS? Did you run IISRESET afterwards?
Simon.
ASKER
Hi Simon,
I have changed the settings in the EMC and EMS, I didn't touch the IIS manager. I have not run an IIS reset recently on the exchange server. the settings appear fine in both EMC and EMS both are set to NTLM but something is setting it back to basic so user cannot then log in to outlook.
the results. I can see in XML it says <OWAUrl AuthenticationMethod="Basi c, Fba">https://mydomain.local.
is this related?
ill continue to review your webpage linked but its their anything else to try.
Thanks
I have changed the settings in the EMC and EMS, I didn't touch the IIS manager. I have not run an IIS reset recently on the exchange server. the settings appear fine in both EMC and EMS both are set to NTLM but something is setting it back to basic so user cannot then log in to outlook.
the results. I can see in XML it says <OWAUrl AuthenticationMethod="Basi
is this related?
ill continue to review your webpage linked but its their anything else to try.
Thanks
No, that isn't correct.
When you run the test you should see a line for Outlook Anywhere.
It will say Protocol: Exchange HTTP and then further down Auth Package. That is what Exchange is configuring the client to use.
Simon.
When you run the test you should see a line for Outlook Anywhere.
It will say Protocol: Exchange HTTP and then further down Auth Package. That is what Exchange is configuring the client to use.
Simon.
ASKER
ok thanks yes I can see that's the Auth Package is "unspecified" how would I go about changing this. if this is unspecified is this why it keeps reverting back to basic?
That is probably the problem - it hasn't been configured correctly.
Your best option here is probably to disable and then re-enable Outlook Anywhere. You can do that through EMC. However you must wait until the event log on the server reports that it has been disabled (About 15 minute after making the change in Exchange) before enabling it again.
Simon.
Your best option here is probably to disable and then re-enable Outlook Anywhere. You can do that through EMC. However you must wait until the event log on the server reports that it has been disabled (About 15 minute after making the change in Exchange) before enabling it again.
Simon.
ASKER
this is what I also got when using the command get-outlookanywhere
outlookanywhere.PNG
outlookanywhere.PNG
Do you have the RPC virtual directory in place?
It might be that there is an issue with IIS instead.
In that case, disable Outlook Anywhere in Exchange, wait for the event log.
In Roles and Features, remove the RPC Proxy component from IIS.
Run IISRESET.
In IIS manager, remove (if present) the RPC and RPC-with-cert virtual directories.
Run IISRESET again.
Reinstall the RPC Proxy.
Finally enable Outlook Anywhere.
Simon.
It might be that there is an issue with IIS instead.
In that case, disable Outlook Anywhere in Exchange, wait for the event log.
In Roles and Features, remove the RPC Proxy component from IIS.
Run IISRESET.
In IIS manager, remove (if present) the RPC and RPC-with-cert virtual directories.
Run IISRESET again.
Reinstall the RPC Proxy.
Finally enable Outlook Anywhere.
Simon.
ASKER
Ok I have disabled outlookanywhere
removed the RPC proxy
run iisreset
I have removed RPC and RPC with cert as they were both present
run iisreset
are removing the role the server needs a restart during the day i will not be able to preform this on a live server, so will need to restart exchange install the feature and then enable outlookanywhere
removed the RPC proxy
run iisreset
I have removed RPC and RPC with cert as they were both present
run iisreset
are removing the role the server needs a restart during the day i will not be able to preform this on a live server, so will need to restart exchange install the feature and then enable outlookanywhere
ASKER
Followed as planned but still the issue persists. the issue does look related to IIS rather than EMC all of the correct settings are in place.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.