Outlook and Skype for bussiness prompt for credentials after disconnecting VPN

We have a on-premise Lync 2010 environment and have all our account in the o365 cloud. Our Lync dns points to on-prem lync 2010. If a user running outlook and SFB drop vpn and reconnect, outlook and SFB would just reconnect.
But we just recently repointed the DNS from the on-premise lync to SFB clound, since then when a user drops vpn they get the windows credential prompt for outlook and skype.

Any idea why this is happening now and what I can do to suppress this until we finish decommissioning the on-prem environment?
rdefinoAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Tom CieslikIT EngineerCommented:
It's mean that if outlook have VPN (local) access to Exchange is using self signed certificate so after login through VPN has dirrect access to Exchange.

If outlook will lose VPN conection then is trying to get DNS resolve to External IP so certificate is diffrent because it's public so that's why is loosing credentials and asking for password.

If computer you're trying to connect from is not part of domain it doesn;t have casched server access credential, so it's quite normal.
I have same think. If I try connect my outlook to Exchange when my VPN is OFF then outlook is asking for password but if I try connect when my VPN is on then is not asking for password.

You can try to do this.

You can create in your local DNS additional local lookup zone

Let say your Exchange name is Exchange and external domain is domain.com

In DNS create new 2 forward lookup zones:

exchange.domain.com
(Same as parent Folder)     Host(A)    192.168.1.10    - this will be your local Exchange IP

second zone

autodiscover.domain.com
(Same as parent Folder)     Host(A)    192.168.1.10    - this will be your local Exchange IP

Run Ipconfig /flushdns when you conected to VPN


After that is should be no difference for remote outlook if connection is from inside or outside, It's going to use external name so is external certificate installed and shouldn't ask for password anymore.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Tom CieslikIT EngineerCommented:
Best solution provided. No more other questions from author
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Office 365

From novice to tech pro — start learning today.