Jason
asked on
Exchange 2010 Terminal Server Constant Credentials Request
Hi,
I've inherited a 2010 Exchange Server in house that hosts a mailbox that has 3 calendars that everybody uses. I'm not sure why but instead of just sharing the calendars to each user, everybody logs into a terminal server and opens outlook 2010 to view the calendar. Users can access the calendars but the problem is that every couple of minutes, outlook is prompting the user for the mailbox credentials. Anybody have any experience with this?
Thanks for looking!
I've inherited a 2010 Exchange Server in house that hosts a mailbox that has 3 calendars that everybody uses. I'm not sure why but instead of just sharing the calendars to each user, everybody logs into a terminal server and opens outlook 2010 to view the calendar. Users can access the calendars but the problem is that every couple of minutes, outlook is prompting the user for the mailbox credentials. Anybody have any experience with this?
Thanks for looking!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You shouldn't be getting Autodiscover prompts - particularly if that is an external site you are seeing in the address.
That suggests that the server isn't configured correctly.
Check the value of this command:
get-clientaccessserver | select identity, autodiscoverserviceinterna luri
Ensure that the host name returned
a. Resolves internally to the Exchange server
b. Has a matching trusted SSL certificate.
Ensure it resolves correctly on the terminal server.
Do you have a trusted SSL certificate on the server? If so, ensure the host name resolves internally via split DNS.
Simon.
That suggests that the server isn't configured correctly.
Check the value of this command:
get-clientaccessserver | select identity, autodiscoverserviceinterna
Ensure that the host name returned
a. Resolves internally to the Exchange server
b. Has a matching trusted SSL certificate.
Ensure it resolves correctly on the terminal server.
Do you have a trusted SSL certificate on the server? If so, ensure the host name resolves internally via split DNS.
Simon.
ASKER
Sorry, I forgot to clarify, the user email is hosted on Appriver but this "Service" account that they share the calendars on, is hosted internally. It is like 1 of 5 mailboxes. So I'm pretty sure it's screwed up because the autodiscovery should point to the exchange server normally but since they have their appriver hosted email configured in outlook along with a secondary mailbox for this "service" account on the local exchange box they have the autodiscovery pointed out to appriver.
ASKER
Identity has two servers listed. Trying to find out what the other one is.
ASKER
So it appears that the second server that shows up in the identities is an old server that wasn't decommissioned properly.
ASKER
So I did an adsi edit and deleted the server that doesn't exist anymore but it still shows up in the get-clientaccess command. Any ideas?
ASKER
It hasn't popped up on my computer today, so it appears to just be on the terminal server now, I believe.
Is there anything different between the workstations and the terminal server that could account for the difference? DNS server configuration on the NIC would be one example.
Simon.
Simon.
ASKER
I'm connecting via the vpn but my dns server is the same, utilizing the DC at 192.168.1.1.
ASKER
Can you tell me how to renew this certificate? It gives me an enrollment error, request contains no certificate template information.
The expired cert is in Personal>Certificates. It's issued to itself, by itself for "server authentication". Exchange server.
The mail.domain.com cert is a godaddy and has been expired since December. I assume they were just updating their SSL certs and stuff for the hosted exchange and left this one to rot. If this is related, why wouldn't they experience the problem a long time ago?
And if this is the cause, why would my laptop not be experiencing the issue? Ugh
The expired cert is in Personal>Certificates. It's issued to itself, by itself for "server authentication". Exchange server.
The mail.domain.com cert is a godaddy and has been expired since December. I assume they were just updating their SSL certs and stuff for the hosted exchange and left this one to rot. If this is related, why wouldn't they experience the problem a long time ago?
And if this is the cause, why would my laptop not be experiencing the issue? Ugh
If everything else is in the cloud - why not push those three mailboxes to the cloud as well? That would allow the server to be removed completely.
To renew the certificate you will need to go through the certificate wizard to generate a new request. Then that request is given to the SSL provider.
As to why it hasn't caused a problem - that is hard to say. A lot of problems with Exchange are caused by SSL certificate trust issues.
The fact that you are connecting over a VPN could be significant, as it could mean the traffic is going somewhere different or behaving in a different way. You really need to using the same connection process to see whether there is anything different.
Simon.
To renew the certificate you will need to go through the certificate wizard to generate a new request. Then that request is given to the SSL provider.
As to why it hasn't caused a problem - that is hard to say. A lot of problems with Exchange are caused by SSL certificate trust issues.
The fact that you are connecting over a VPN could be significant, as it could mean the traffic is going somewhere different or behaving in a different way. You really need to using the same connection process to see whether there is anything different.
Simon.
ASKER
SSL certs were the problem. Updated the expired ones and switched their .local domain to use a FQDN.
ASKER