Solved

User gets prompted credentials from HT-CAS server roles

Posted on 2013-12-01
11
228 Views
Last Modified: 2013-12-09
Hi Folks,

Can anyone here please assist me with some explanation as to why after I changed the HT-CAS server role in my DR site, some of my users gets prompted to retype their credentials in their Outlook ?

Here’s the setting as at the moment

Physical SiteA – Domain.com (Main HQ)
HT-CAS1-Prod-VM (AD-Site-A)
HT-CAS2-Prod-VM (AD-Site-A)

CCR-MBX1-Prod-VM (AD-Site-A)

Physical SiteB – Domain.com (DR remote site)
HT-CAS1-DR-VM (AD-Site-A)
CCR-MBX2-DR-VM (AD-Site-A)
Previously the setting is bit different:

Physical SiteB – Domain.com (DR remote site)
HT-CAS1-DR-VM (AD-Site-B)
CCR-MBX2-DR-VM (AD-Site-B)
This was due to the CCR mailbox server needs to be in the same domain for me to be able to upgrade to SP3
0
Comment
  • 7
  • 3
11 Comments
 
LVL 14

Expert Comment

by:Ram Balachandran
ID: 39689175
Have you tried auto discover ?
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 39689187
Why do I need to so that ?
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39689629
When you added the new CAS/HT server in the DR site do you have the appropriate Certificates present on these servers?

You should have a SAN/UCC cert that has the following entries...
- autodiscover.domain.com
- mail.domain.com

Will.
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 39689701
Will, what is that certificate for ?

this prompt is from outlook internal user, there is no Outlook Anywhere enabled in all of my CAS server.

Somehow the only server who ask the credential is the DR HT-CAS server, both servers in production are ok.
0
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 500 total points
ID: 39689729
Is this DR site isolated from your production network?

Are the virtual directories on the CAS server set accordingly? Where are they being prompted, from Outlook client?. Have you looked at the connection status on the outlook client to see what servers the client is authenticating to? Also what are your authentication settings set to on your DR servers?

Will.
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 39689900
Well during the DR test, the core switch link is disconnected so practically there is no connection. That is the reason why we hard coded all of the DR site exchange servers with Site-A to resume the mail flow.

And now the DR test has finished, the link back up and running again, the users across the company is now randomly prompted for pop up to type in their credentials? Not all just random people.
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 39689905
Yes the users is prompted in Outlook the first time they open the application.

Service Desk team ask those users to close and re open outlook but somehow the issue still remains, more random people is prompted with credentials pop up ?
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39689912
Are the users using Outlook cached mode? Have you treid to re-create the OST file or have your users. Try changing that and seeing if that corrects it.

Will.
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 39691255
Yes they are all using cached mode Exchange Outlook connection.
0
 
LVL 7

Accepted Solution

by:
Senior IT System Engineer earned 0 total points
ID: 39694048
ok, I have fixed the issue by setting the following:

Set-ClientAccessServer -AutoDiscoverSiteScope {AD-Site-A}

Open in new window

0
 
LVL 7

Author Closing Comment

by:Senior IT System Engineer
ID: 39705679
I have found my solution based on the finding that I did myself.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
how to add IIS SMTP to handle application/Scanner relays into office 365.

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question