Itxx
asked on
Exchange 2016 & 2010 coexistence Outlook credential pop up
Hi there,
I have read many articles about this but I cannot find the solution (I'm probably doing something wrong).
I have follow the Exchange Deployment Assistant.
Situation:
I have coexistence of Exchange 2010 and Exchange 2016.
Installation went fine without any problems.
There are no mailboxes yet on the Exchange 2016 server.
Both Exchange servers are configured using the same URL's for internal and external access. No Split-DNS (should I?)
As soon as I change the DNS record from Exchange 2010 to point to the IP of the new Exchange 2016 our users are getting the Outlook credential prompt asking for domain user and password.
After changing the DNS record I also ran this script on the Exchange 2010 server to remove the Virtual Directory URL's:
After the prompt Outlook usually starts to work like it should. Sometimes the prompt does not go away and a new email profile is required.
I have reconfigured the DNS record and URL's to redirect back to the Exchange 2010 server for now until I can test again.
What I have done:
One of the articles I tried following was: This page and This page
Last night after changing all these settings everything started working for about 30 minutes and then the prompts were back.
It probably has to do something with authentication but I obviously can't find the solution.
Is there an easier way to test this? Would it help to change the hosts file to point to DNS record to the new Exchange 2016 server instead of changing the record for all users? There are around 800 mailboxes so it's hard to test this during working hours.
Thank you !!
I have read many articles about this but I cannot find the solution (I'm probably doing something wrong).
I have follow the Exchange Deployment Assistant.
Situation:
I have coexistence of Exchange 2010 and Exchange 2016.
Installation went fine without any problems.
There are no mailboxes yet on the Exchange 2016 server.
Both Exchange servers are configured using the same URL's for internal and external access. No Split-DNS (should I?)
As soon as I change the DNS record from Exchange 2010 to point to the IP of the new Exchange 2016 our users are getting the Outlook credential prompt asking for domain user and password.
After changing the DNS record I also ran this script on the Exchange 2010 server to remove the Virtual Directory URL's:
$Server = “Exchange2010”
$HTTPS_FQDN = “mail.ourdomain.com”
Get-OWAVirtualDirectory -Server $Server | Set-OWAVirtualDirectory -ExternalURL $null
Get-ECPVirtualDirectory -Server $Server | Set-ECPVirtualDirectory -ExternalURL $null
Get-OABVirtualDirectory -Server $Server | Set-OABVirtualDirectory -ExternalURL $null
Get-ActiveSyncVirtualDirectory -Server $Server | Set-ActiveSyncVirtualDirectory -ExternalURL $null
Get-WebServicesVirtualDirectory -Server $Server | Set-WebServicesVirtualDirectory -ExternalURL $null
Enable-OutlookAnywhere -Server $Server -ClientAuthenticationMethod Basic -SSLOffloading $False -ExternalHostName $HTTPS_FQDN -IISAuthenticationMethods NTLM, BasicAfter the prompt Outlook usually starts to work like it should. Sometimes the prompt does not go away and a new email profile is required.
I have reconfigured the DNS record and URL's to redirect back to the Exchange 2010 server for now until I can test again.
What I have done:
One of the articles I tried following was: This page and This page
- Outlook Anywhere on both servers is set to NTLM
- All arbitration mailboxes have been moved to Exchange 2016
- OAB is assigned to all databases
- IISAuthenticationMethods are set to NTLM and Basic
- Setting the identity of the DefaultAppPool in IIS on both Exchange servers to network service and recycling the pools
- Setting the Windows Authentication providers for RPC & autodiscover to NTLM and Negotiate with NTLM on top
- This goes back to Negotiate first and NTLM as second after 15 to 20 minutes.
Last night after changing all these settings everything started working for about 30 minutes and then the prompts were back.
It probably has to do something with authentication but I obviously can't find the solution.
Is there an easier way to test this? Would it help to change the hosts file to point to DNS record to the new Exchange 2016 server instead of changing the record for all users? There are around 800 mailboxes so it's hard to test this during working hours.
Thank you !!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Valentina,
Have you had the time to check my other question? Thx
Have you had the time to check my other question? Thx
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
So I don't have to transfer any DNS records during coexistence and not remove the URL's of the virtual directories?
I have one mailbox residing on the new Exchange 2016 server for testing purposes. I cannot configure it in our LAN network with autodiscover. Outlook finds the mailbox, connects to it but then crashes on olmapi32.dll.
Any ideas?