Solved

User gets prompted credentials from HT-CAS server roles

Posted on 2013-12-01
11
230 Views
Last Modified: 2013-12-09
Hi Folks,

Can anyone here please assist me with some explanation as to why after I changed the HT-CAS server role in my DR site, some of my users gets prompted to retype their credentials in their Outlook ?

Here’s the setting as at the moment

Physical SiteA – Domain.com (Main HQ)
HT-CAS1-Prod-VM (AD-Site-A)
HT-CAS2-Prod-VM (AD-Site-A)

CCR-MBX1-Prod-VM (AD-Site-A)

Physical SiteB – Domain.com (DR remote site)
HT-CAS1-DR-VM (AD-Site-A)
CCR-MBX2-DR-VM (AD-Site-A)
Previously the setting is bit different:

Physical SiteB – Domain.com (DR remote site)
HT-CAS1-DR-VM (AD-Site-B)
CCR-MBX2-DR-VM (AD-Site-B)
This was due to the CCR mailbox server needs to be in the same domain for me to be able to upgrade to SP3
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 3
11 Comments
 
LVL 14

Expert Comment

by:Ram Balachandran
ID: 39689175
Have you tried auto discover ?
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 39689187
Why do I need to so that ?
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39689629
When you added the new CAS/HT server in the DR site do you have the appropriate Certificates present on these servers?

You should have a SAN/UCC cert that has the following entries...
- autodiscover.domain.com
- mail.domain.com

Will.
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 39689701
Will, what is that certificate for ?

this prompt is from outlook internal user, there is no Outlook Anywhere enabled in all of my CAS server.

Somehow the only server who ask the credential is the DR HT-CAS server, both servers in production are ok.
0
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 500 total points
ID: 39689729
Is this DR site isolated from your production network?

Are the virtual directories on the CAS server set accordingly? Where are they being prompted, from Outlook client?. Have you looked at the connection status on the outlook client to see what servers the client is authenticating to? Also what are your authentication settings set to on your DR servers?

Will.
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 39689900
Well during the DR test, the core switch link is disconnected so practically there is no connection. That is the reason why we hard coded all of the DR site exchange servers with Site-A to resume the mail flow.

And now the DR test has finished, the link back up and running again, the users across the company is now randomly prompted for pop up to type in their credentials? Not all just random people.
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 39689905
Yes the users is prompted in Outlook the first time they open the application.

Service Desk team ask those users to close and re open outlook but somehow the issue still remains, more random people is prompted with credentials pop up ?
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39689912
Are the users using Outlook cached mode? Have you treid to re-create the OST file or have your users. Try changing that and seeing if that corrects it.

Will.
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 39691255
Yes they are all using cached mode Exchange Outlook connection.
0
 
LVL 8

Accepted Solution

by:
Senior IT System Engineer earned 0 total points
ID: 39694048
ok, I have fixed the issue by setting the following:

Set-ClientAccessServer -AutoDiscoverSiteScope {AD-Site-A}

Open in new window

0
 
LVL 8

Author Closing Comment

by:Senior IT System Engineer
ID: 39705679
I have found my solution based on the finding that I did myself.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Here's a look at newsworthy articles and community happenings during the last month.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

689 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question