Oulook 2007 Vs. Exchange 2010...always asked about login validation...

Status
Not open for further replies.
J

Jungle_men

Hi people,

We are migrating from exchange 2003 to exchange 2010. I moved some mailboxes from the exchange 2003 server to the exchange 2010 server. This users have Outlook 2007, and when they open the Outlook locally (LAN) or externally (WAN using outlookanywhere), always are asked about information login domain\user and password, and there is no check for remember the password, so its a big issue for our users.

The PCs logged to the same domain that is used in Exchange (domainTX.local), and we have the correct SAN certificate with the 4 needed names (serverEXC, serverEXC.domainTX.local, autodiscover.domainTX.es and mail.domainTX.es).

Any suggest about this issue?

thanks in advanced
 
A

AndyD_ [MVP]

So after you enter the credentials, are they connected? And if so, check the connection status for outlook. Is it TCP/IP or HTTPS?
 
J

Jungle_men

Yes, they are connected by TCP/IP (LAN) or HTTPS (WAN), there is no problema about that.

The main question is, if the user logged on the computer with his/her domain (and exchange and mail) name, and we have the certificate...why is always asked about that information?, and why there is no check to remember user/password?...

thanks...
 
J

Jungle_men

We have Exchange 2010 SP1 with IIS7, in Windows 200 R2.

I set kernel authentication as false, but still the same, it ask about authentication...
 
A

Andy_ch

when you remove the exchange proxy settings in outlook, its still prompting for credentials?

Which authentication have you set on your outlook anyhwere configuration? there are no certificates error when you launching outlook?
 
J

Jungle_men

If a remove all the proxy settings configuration, it works ok (well, im working in LAN now...), no credentials are requiered.

I had Basic authentication in the outlook anywhere client configuration (same as in the Outlook anywhere side server configuration). No certificate errors, I think that part its ok...

If I leave the NO proxy setting configuration, as its an Outlook 2007, there will not be autodiscover and outlookanywhere from outside?...no connection to exchange server...???
 
A

Andy_ch

y

es this was only for testing. if you leave no proxy settings, than outlook anywhere were never work. did you've manually configured IIS permissions to directories?

Please tell me your enabled authentication modes in your RPC directory.
 
J

Jungle_men

I didnt configure any IIS permissions on IIS, In the virtual directories are:

- Default Web Site : Anonymous authentication.

- Autodiscover : Anonymous authentication, basic authentication (Challenge- http 401), Windows authentication (Challenge- http 401)

- RPC : Basic Authentication (Challenge- http 401). No kerberos or default domains defined.

Another important clue: In Outlook 2010 there is no problem. No authentication is requiered. In fact, the autodiscover services configures automatically the proxy settings option with all the parameters needed to work...
 
J

Jungle_men

Well, I think that I have an autodiscover issue, because if I go to https://serverEXC/autodiscover/autodiscover.xml, we have an error:

<Autodiscover>
&minus;
<Response>
&minus;
<Error Time=" 13:23:16.1691556" Id=" 940700951" >
<ErrorCode>600</ErrorCode>
<Message>request not valid</Message>
<DebugData/>
</Error>
</Response>
</Autodiscover>

So this would be a point of start to resolve.

We regenerated the Virtual Directory , and then:

[PS] C:\Windows\system32>Set-ClientAccessServer -Identity serverEXC -AutoDiscoverServiceInternalUri " https://serverEXC
..domainTX.local/autodiscover/autodiscover.xml"

But when we launched the Get autodiscover, the urls stay in blank:

[PS] C:\Windows\system32>Get-AutodiscoverVirtualDirectory |f l
RunspaceId : 6d998f40-c6b1-4a00-b9c0-e13603a4af3d
Name : Autodiscover (Default Web Site)
InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated}
ExternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated}
LiveIdSpNegoAuthentication : False
WSSecurityAuthentication : False
LiveIdBasicAuthentication : False
BasicAuthentication : True
DigestAuthentication : False
WindowsAuthentication : True
MetabasePath : IIS://serverEXC.domainTX.local/W3SVC/1/ROOT/Autodiscover
Path : C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\Autodiscover
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags : {}
ExtendedProtectionSPNList : {}
Server :serverEXC
InternalUrl :
ExternalUrl :
AdminDisplayName :
ExchangeVersion : 0.10 (14.0.100.0)
DistinguishedName : CN=Autodiscover (Default Web Site),CN=HTTP,CN=Protocols,CN=serverEXC,CN=Servers,CN=
Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=MAIL-GRUP
OTEC,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=grupotec,DC=local
Identity : serverEXC\Autodiscover (Default Web Site)
Guid : 9ba8e662-0c68-45f6-af8f-a59589ebabc3
ObjectCategory : domainTX.local/Configuration/Schema/ms-Exch-Auto-Discover-Virtual-Directory
ObjectClass : {top, msExchVirtualDirectory, msExchAutoDiscoverVirtualDirectory}
WhenChanged : 10/12/2010 12:39:56
WhenCreated : 10/12/2010 12:39:56
WhenChangedUTC : 10/12/2010 11:39:56
WhenCreatedUTC : 10/12/2010 11:39:56
OrganizationId :
OriginatingServer : srv-pdc01.domainTX.local
IsValid : True

Any suggestion?. We have the correct certificate, no certificates issues....
 
Status
Not open for further replies.
Top