Solved

Outlook 2010 prompts for password on existing profile when migrating from Exchange 2010 to 2016

Posted on 2016-07-25
5
53 Views
Last Modified: 2016-07-25
We're in the process of testing our new Exchange 2016 server.  Very basic, no DAGs, single server, etc.  We're actually migrating from SBS 2011 (Exchange 2010.)

Mail flow is good, everything is working well, except when we move a mailbox to 2016.  Once it's moved, the user is prompted for a password and can not access their Outlook profile no matter what.  If we build a new profile for this user, then it works fine.  This is for any mailbox we move for testing.

I've been through the following tips/tricks -

- Installed the latest hotfixes for Outlook 2010 to handle internal/external namespaces for Outlook Anywhere and TCP over HTTPS.
- Enabled kernel mode authentication for EWS and autodiscover.
- Changed the default app pool to run against network services.
- Adjusted authentication on both Exchange 2010 and 2016 for NTLM against Autodiscover and EWS in IIS and against "get-outlookanywhere".  
- Loopback check for autodiscover was already disabled.  
- Microsoft Remote Analyzer shows no errors.
- Set-OrganizationConfig -MapiHttpEnabled $false (Tried this, set it back to true later.)

https://localhost/Autodiscover/Autodiscover.xml works fine.  
https://mail.domain.com/Autodiscover/Autodiscover.xml prompts for credentials

Again, the issue is ONLY when we move mailboxes.  I'd rather not recreate profiles on each machine in Outlook but this does work.
0
Comment
Question by:dipersp
  • 2
  • 2
5 Comments
 
LVL 18

Expert Comment

by:suriyaehnop
ID: 41727941
Would try to move another user to exchange 2016. I'm sure you are using exchange 2016 console/powershell to move the user.

One migrated, leave it  for 2 hours suspect AD replication still not complete yet.

List of supported Outlookuclients are supported. Windows clients need Outlook 2010 with KB2965295, Outlook 2013 or Outlook 2016. As for Mac clients, you need Outlook for Mac 2011 or Outlook for Mac for Office 365. Upgrade your clients if needed. You’ll note here that Outlook 2007 was supported for Exchange 2013 but is no longer supported for Exchange 2016
0
 
LVL 15

Accepted Solution

by:
Ivan earned 500 total points
ID: 41728242
0
 
LVL 9

Author Comment

by:dipersp
ID: 41728283
suriyaehnop -

Thanks for the info.  Don't believe it's an Outlook problem (At least in terms of compatibility) because we're able to create a new profile and all is fine.  Left things alone for two hours and no difference.  

Ivan -

Thanks.  Everything I've found says when you're mixed with Ex2010, you need to set things to NTLM.  I looked at your KBs and the first one is for a proxy and Outlook 2013 (Neither of which apply.)  

Second KB also doesn't seem to apply - I checked the profile in Outlook and we're already checked for encrypt data.

Third KB is also for Outlook 2013 or 2016.  We did try disabling Mapi previously to see if it would help, but it did not.  So we've tried Mapi and RPC.  

Fourth KB also doesn't seem to apply.

I'll look more in to the basic authentication.  Here's some of what we were finding re: NTLM -
https://gonjer.com/2016/07/02/outlook-prompts-for-credentials-with-exchange-2010-and-20132016-coexistence/
https://jhmeier.com/2016/03/14/exchange-2016-and-2010-coexistenceoutook-shows-login-promt/
0
 
LVL 9

Author Closing Comment

by:dipersp
ID: 41728297
We have a winner.  All those hours and all I did was change Outlook Anywhere on 2016 to basic.  Came right up and all is well.  THANKS!!!!!!
0
 
LVL 15

Expert Comment

by:Ivan
ID: 41728346
:)
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Get people started with the process of using Access VBA to control Outlook using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Microsoft Outlook. Using automation, an Access applic…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now