AboutPricingCommunityTeamsStart Free TrialLog in
Avatar of zookeepa1
zookeepa1
 asked on

Ongoing Exchange 2010 to 2013 Migration - Outlook Security POPups

Hi All -

We have a customer in an ongoing migration from Exchange 2010 to Exchange 2013.  With a mixture of Outlook 2010 and 2013 clients.  There are 2 Exchange 2010 servers and 2 Exchange 2013 servers.  End users from day to day with no clear logic receive pop boxes requesting they enter their user names and password....but as some many have stated in the past...putting in username and password does nothing as the pop comes right back.

At first the issue was just with the migrated users however now the Exchange 2010 users are receiving the same security popup.

I've read numerous articles and links about how to address this issue.  Nothing seems to be working...OR I have not implemented the suggested changes correctly.  I have basic command line knowledge so any suggestions please provide step by step instructions.
ExchangeOutlookWindows Server 2012
Avatar of undefined
Last Comment
Guy Lidbetter
8/22/2022 - Mon
Guy Lidbetter
Hi zookeepa,

This sounds like an authentication issue with the outlook connections. Is it everyone receiving popups or only specific users i.e. Outlook 2010 users

Please provide the output for these:
get-outlookprovider
get-autodiscovervirtualdirectory | fl name, *auth*
zookeepa1
ASKER
Hmmm....

[PS] C:\Windows\system32>Get-AutodiscoverVirtualDirectory | fl name, *auth*


Name                          : Autodiscover (Default Web Site)
InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity}
ExternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity}
LiveIdNegotiateAuthentication : False
WSSecurityAuthentication      : True
LiveIdBasicAuthentication     : False
BasicAuthentication           : True
DigestAuthentication          : False
WindowsAuthentication         : True
OAuthAuthentication           : False
AdfsAuthentication            : False

Name                          : Autodiscover (Default Web Site)
InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity}
ExternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity}
LiveIdNegotiateAuthentication : False
WSSecurityAuthentication      : True
LiveIdBasicAuthentication     : False
BasicAuthentication           : True
DigestAuthentication          : False
WindowsAuthentication         : True
OAuthAuthentication           : False
AdfsAuthentication            : False

Name                          : Autodiscover (Default Web Site)
InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity, OAuth}
ExternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity, OAuth}
LiveIdNegotiateAuthentication : False
WSSecurityAuthentication      : True
LiveIdBasicAuthentication     : False
BasicAuthentication           : True
DigestAuthentication          : False
WindowsAuthentication         : True
OAuthAuthentication           : True
AdfsAuthentication            : False

Name                          : Autodiscover (Default Web Site)
InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity, OAuth}
ExternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity, OAuth}
LiveIdNegotiateAuthentication : False
WSSecurityAuthentication      : True
LiveIdBasicAuthentication     : False
BasicAuthentication           : True
DigestAuthentication          : False
WindowsAuthentication         : True
OAuthAuthentication           : True
AdfsAuthentication            : False
zookeepa1
ASKER
[PS] C:\Windows\system32>Get-OutlookProvider

Name                          Server                        CertPrincipalName             TTL
----                          ------                        -----------------             ---
EXCH                                                                                      1
EXPR                                                                                      1
WEB                                                                                       1


[PS] C:\Windows\system32>
Your help has saved me hundreds of hours of internet surfing.
fblack61
Guy Lidbetter
Can you confirm the autodiscover records are going to the 2013 CAS boxes?

And could you confirm the scope of affected users? Client type etc... or is it just everyone?
zookeepa1
ASKER
autodiscover is pointed to the 2013 CAS server.
The clients impacted are both migrated and non-migrated users (everyone).

Thoughts?
Should the Get-OutlookProvider be blank?
Will Szymkowski
For a user that is running into this issue can you try the following..
- hold ctrl+right click the Outlook icon in the system tray
- select connection status
- check to see what servers the client is making a connection to
- also run the Test Email Auto Config as well for the client to see what virtual directories it is using to get Exchange data

I have seen this issue a lot when users that have been migrated from 2010 to 2013 and they are connecting to 2010 for public folders. Again check the authentication types on your virtual directories as well.

Will.
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
zookeepa1
ASKER
Hi Will -

Yes...there is one 2010 Exchange server with public folders.
zookeepa1
ASKER
Any other thoughts?  We have 3rd party SSL certs installed.  At the present migrated and new users are only using the store on one of the 2013 exchange servers.

Will is correct in that the migrated clients are connecting to the 2010 server to access public folders.  I was under the impression the Public folders should migrated after the users.
ASKER CERTIFIED SOLUTION
Guy Lidbetter
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
zulea
We just finished our 2010 to 2013 migration. While the 2010 box was still running with Public folders on it we too had this pop up security box. It only went away once the public folders had been migrated and the server decommissioned. I spent weeks trying to find good info on migrating the public folders and finishing this quickly. There are errors in almost every document I found out there.
My best advice would be to just finish the migration of users and public folders then shutdown the 2010 boxes for a week to make sure they are done. Then remove them.
Note: Public folders with contacts or calendar items cannot be viewed over OWA.
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
zookeepa1
ASKER
Thanks Guy -

That link seems to be promising.  I'm heading into the client's office today and will dig in and provide an update later.

Zulea - Thanks...not what I wanted to hear but you may be right.
zookeepa1
ASKER
This link did it for me...not sure if it was the wording or the examples.  But this drove home the changes that I needed to make.  - THANKS!
Guy Lidbetter
Great to hear it's resolved!

Happy to help!
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Plans and Pricing
Resources
Product
Podcasts
Careers
Contact Us
Teams
Certified Expert Program
Credly Partnership
Udemy Partnership
Privacy Policy
Terms of Use

© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent