Outlook 2010/2007 prompting for authentication with Exchange 2010

So I did the migration of one of our clients from Exchange 2003 to Exchange 2010 and managed to get mailflow and everything working.
One issue that I have not been able to sort out is the Outlook 2010/2007 random authentication prompts.

When opening Outlook, it would sometimes prompt for your username and password (not always) and proceed to open your mail client and able to read your emails.
While working on Outlook, it would prompt for a username and password again, typing in the username and password would make the box disappear, but later return.

Note, this is not for ALL Outlook clients, it's random and no way I can replicate it by doing something. Exchange Proxy is unticked (users are stationary). Checked the connection status, attached are 2 files, 1 before password, 1 after.
Before:
 Before Password
After:
 After Password
LVL 2
fulloutputAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Simon Butler (Sembee)Connect With a Mentor ConsultantCommented:
Sounds like you don't have the URLs configured correctly within Exchange.
You need to correct them to match the SSL certificate. Authentication prompts are also a sign of an SSL certificate issue, such as a name mismatch - basically Outlook cannot cope with the SSL prompt.

Go through my guide here:
http://semb.ee/hostnames

You will need to have a SPLIT DNS system in place.

Simon.
0
 
Sushil SonawaneCommented:
Please check the under IIS on the Exchange server.  Under Autodiscover properties> Directory Security> Authentication Methods> "Integrated Windows Authentication".  must be selected.


Make sure exchange server update with latest service pack and outlook also. You exchange services also started state.

Your exchange installation folder and database and log path folder exclude in antivirus scan.

If still issue is not resolved then please recreate the following directory in iis.


    Autodiscover
    EWS
    RPC
    OAB


The above mention directory authentication method should be Integrated Windows Authentication"
0
 
pcmghouseCommented:
Please check if your clients are getting the correct URLS "test e-mail auto configuration".
May be one of the links is pointing to the wrong place.

Do you have any public folders?

Then we can troubleshoot from there.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
fulloutputAuthor Commented:
I tried running the test email auto config, but it just seems to hang half way through.
Although, what I did see is, the OWA link differs from the one that we actually use externally to access OWA.

The link on test auto config: exchange.domain.com
The link I use to access owa externally: exchange10.domain.com

Would this cause any issues?

Yes, I needed to migrate all public folders as the client uses it extensively.
0
 
hecgomrecCommented:
I think the issue here is with credentials authentications.

Try this:

Opene IIS on the Exchange server and check the following directories under the
default website:
             default web site
             oab
             autodiscover

Under the directory security tab of each of them, click Edit in the Secure
Communications section,  under Client Certificates set to Accept for each of the folders.
Stop an restart IIS.

Post your results.
0
 
fulloutputAuthor Commented:
Hi Simon,

I followed your advice and the random authentication prompts were resolved :) However, to rub salt in my wounds, a smartcard prompt started with some of the users, completely random.
I managed to get it sorted by changing the ssl settings of the default, oab and autodiscover sites to Require Cert, and Ignore.

Thanks,
HS
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.