Solved

Outlook 2010 Exchange 2010 Outlook anywhere password prompt

Posted on 2013-12-18
23
539 Views
Last Modified: 2014-09-22
We have just migrated from Exchange 2003 to Exchange 2010 on Server 2012.
We only have the single server 2003 and now 2010 servers without any proxy etc so its a simple setup..

I’m yet to decommission the old server and all appears to be working fine apart from when an outlook 2010 users use outlook while out of the domain environment they get prompted for a password shortly after opening outlook 2/3 mins. Email still flows but the prompt keeps popping up.

I’ve tried deleting everything in credential manager and also deleting the outlook profile and recreating but with no joy.

Autodiscover is configured and appears to be working fine with a GoDaddy certificate.
Webmail is working fine externally (I’ve changed it so users only enter in their username rather that the domain too)

I’m guessing I’ll have to give you more information so please just let me know what you need to know.
0
Comment
Question by:Glyn Merritt
  • 12
  • 10
23 Comments
 
LVL 9

Expert Comment

by:Sean
ID: 39726721
I am assuming the popup is internally? I have had this happen many many many times with offline address books. Did you move the OAB to the new server? Are permissions correct on the OAB folder on the CAS? are things replicating for the OAB? There are a lot of things that can go wrong with an OAB to cause popups like this. I would first try to manually download the OAB. if you get a password prompt then that is your issue. now narrowing down what the cause of the issue is can be a bit more difficult but you will at least know what is causing the problem. a lot of the time it will be an issue with your OAB virtual directory or permissions on the OAB folder. If it is not your OAB then it seems like something is wrong with autodiscover but i would start with OAB.
0
 
LVL 1

Author Comment

by:Glyn Merritt
ID: 39726869
Hi Zindel1

OAB has moved to the new server but if there is a get command I can run to confirm this that would be hand.

The pop up happens when the laptops are out of the office connecting to exchange over outlookanywhere. Internally they are fine with no popups.

Cheers
G
0
 
LVL 9

Expert Comment

by:Sean
ID: 39726880
On the Tools menu, point to Send/Receive, and then click Download Address Book.

As it is working internally but not externally it sounds more like a authentication issue on one of the virtual directories. I would still try the OAB thing just to be sure but make sure your virtual directories have the correct auth methods.

http://technet.microsoft.com/en-us/library/gg247612%28v=exchg.150%29.aspx
0
 
LVL 1

Author Comment

by:Glyn Merritt
ID: 39727336
I get the feeling that it is the OAB I've disabled we-based distribution downloading of the address book to see if that stops the popups. If the pop up does stop I guess I'll need to start looking at the folders in IIS.
0
 
LVL 9

Expert Comment

by:Sean
ID: 39727351
I would also check to make sure that your OAB URL is not pointed to the exchange 2003 server, or even the internal server name for that matter. It needs to point to mail.domain.com/oab (assuming your using mail.domain.com that is) you will need to run this command in exchange powershell:

get-oabvirtualdirectory
0
 
LVL 1

Author Comment

by:Glyn Merritt
ID: 39727476
I ran get-oabvirtualdirectory and got the expected results for internal and external url's

Turning off the OWB didn't work unfortunately.
0
 
LVL 9

Expert Comment

by:Sean
ID: 39727483
On the external computer can you right click the outlook icon in the bottom right of your computer and select test email auto configuration and uncheck everything but use autodiscover and post the results, you can change the urls if you need to.
0
 
LVL 1

Author Comment

by:Glyn Merritt
ID: 39727512
Interestingly this causes the prompt to appear!

I can only get the autodiscover to complete if I authenticate with domain\username and password, not email address and password.

Do you still want the output?
0
 
LVL 9

Expert Comment

by:Sean
ID: 39727650
No that tells me there is an issue with autodiscover not OAB. I would check your autodiscover virtual directory as well as your autodiscover external url

get-autodiscovervirtualdirectory as well as get-clientaccessserver

make sure both those show correct information.
0
 
LVL 1

Author Comment

by:Glyn Merritt
ID: 39727673
Both show the new server "Exch10"
0
 
LVL 12

Expert Comment

by:Md. Mojahid
ID: 39728646
Check your authentication setting on exchange and also try to reset password.
0
Integrate social media with email signatures

Is your company active on social media? Do you also use email signatures? Including social media icons in your email signature is a great way to get fans for free. Let all your email users know you’re on social media quickly and easily, in a single click.

 
LVL 1

Author Comment

by:Glyn Merritt
ID: 39728820
The authentication settings in Exchange for OWA are

Use forms-based authentication

Logon format - User name only

Logon domain: to.local
0
 
LVL 9

Expert Comment

by:Sean
ID: 39729138
if it shows the server name this will not resolve externally. the external autodiscover url needs to be your mail.domain.com
0
 
LVL 1

Author Comment

by:Glyn Merritt
ID: 39729273
My apologies I'm a little confused.

From what I can tell the external domain is ok and is correctly set in the

Server Configuration - Client Access - Server Properties

Outlook Anywhere Tab

External host Name: mail.domain.com

Client authentication NTML
0
 
LVL 1

Author Comment

by:Glyn Merritt
ID: 39729282
The internal and external URL's are also fine in the OWA General tab too.
0
 
LVL 9

Expert Comment

by:Sean
ID: 39729285
Your outlook anywhere might be correct but you need to make sure your autodiscover external URL is able to be resolved externally. If you have your server name for the autodiscover URL then external users will not be able to resolve it.

here is good list of commands:
http://asifgohar.blogspot.com/2013/07/set-exchange-urls-owa-activesync-oab.html
0
 
LVL 1

Author Comment

by:Glyn Merritt
ID: 39729344
I can confirm the A record for our autodiscover is resolving correctly. Autodiscover is working fine from iPads and outlook externally but not for android though.

Having done a bit more googling could this be a result of setting up a http://mail.domain.com  redirect to OWA (https://mail.domain.com/owa)?
0
 
LVL 9

Expert Comment

by:Sean
ID: 39729363
From my experience setting up a redirect doesn't cause this issue but you may need to turn off the require SSL on some of the virtual directories. The autodiscover virtual directory should require ssl and the external URL for the autodiscover service should be using https. I believe you only need to turn the require ssl off on the default website and maybe the OWA page. (someone maybe correct me if i am wrong on that) but its worth a try.
0
 
LVL 1

Author Comment

by:Glyn Merritt
ID: 39731244
Is it possible to confirm the SSL for the directories

Just to confirm it is only happening on the outlook 2010 clients not the 2007....
0
 
LVL 9

Expert Comment

by:Sean
ID: 39731703
this only happens on outlook 2010 and not 2007?

here are the default settings...but if you do the redirect i believe your default website need to have it turned off to do the redirect.

http://technet.microsoft.com/en-us/library/gg247612%28v=exchg.150%29.aspx
0
 
LVL 1

Author Comment

by:Glyn Merritt
ID: 39732185
My apologies the error is happening with Outlook 2007 and 2010.

Ok so I've set the folders to the default in the link provided and resetiis but no joy. If it stop MSExchangeAutodiscoverAppPool in the application pools the popup stops, presumably because I've killed the autodiscover.
0
 
LVL 9

Accepted Solution

by:
Sean earned 500 total points
ID: 39735982
What i would try is to uninstall exchange from your 2003 server if everything else is working properly. I still think something is trying to point to your 2003 server and if you remove exchange from it you might solve the issue by doing that or at least make it obvious as to what the issue is.
0
 
LVL 1

Author Comment

by:Glyn Merritt
ID: 39751153
I've uninstalled Exchange 2003. I have also had to recreate the Offline Address List as it was referring to the old server. Unfortunately I still get the prompt when opening Outlook 2010 externally.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Utilizing an array to gracefully append to a list of EmailAddresses
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now