Outlook Anywhere - Outlook prompts for password when opened

Hey,

We've setup Outlook Anywhere for our non-domain joined external users.  During the initial Outlook profile creation, Autodiscover works as expected by finding the relevant info.

However, everytime Outlook is closed and re-opened, it prompts for their credentials in a normal 'Windows Security' dialog.  I need to prevent this prompt.

Firewall is Windows Server 2008 R2 with TMG 2010 using the Exchange publishing wizard for Outlook Anywhere (using Kerberos delegation - Kerberos is configured internally)
Exchange server is Windows Server 2008 R2 with Exchange 2010 SP3
Remote Outlook clients are a mixture of Windows XP/7/8/10 with Outlook 2007/2010/2013

My personal test machine at home is Windows 10 with Outlook 2013.

Exchange server is setup for NTLM for Outlook Anywhere and the TMG publishing rule comes back as all green ticks when testing the rule.

Both mail.domain.com and autodiscover.domain.com are in the TMG publishing rule.

  • Edited by Lanky Doodle Friday, September 04, 2015 11:49 AM
September 4th, 2015 10:38am

We have a proper UC/SAN certificate from a trusted CA (DigiCert).  The common name is domain.com, which is the same as the value in the msstd: box in Outlook.

Despite the fact the Outlook profile has the username/password, TMG is discarding the initial request because it's not authenticated.

This is how Outlook gets configured:



  • Edited by Lanky Doodle Friday, September 04, 2015 11:24 AM
Free Windows Admin Tool Kit Click here and download it now
September 4th, 2015 10:43am

Are you enabling anonymous connections on TMG?  The connection is anonymous until it gets authenticated, so this may be necessary.
September 4th, 2015 1:05pm

How would I do that, while still have NTLM/Basic auth available?

I think you're right by the way, as I can see the initial request is denied in TMG, then the credentials prompt appears, then it's accepted in TMG.

Free Windows Admin Tool Kit Click here and download it now
September 4th, 2015 2:05pm

First, I'd go through the following Exchange Server Pro article and ensure you have things configured according to its recommendations:  http://exchangeserverpro.com/how-to-configure-exchange-server-2010-outlook-anywhere/  Once done, check your system and see if you still get the credential prompt.
September 4th, 2015 2:15pm

Hi Lanky,

Thank you for your question.

In the fourth snapshot which you post, please click Users table and make sure All Users has been added. Then check if the issue persist.

There are the following links for us to refer:

http://blogs.technet.com/b/exchange/archive/2012/11/21/publishing-exchange-server-2013-using-tmg.aspx 

https://social.technet.microsoft.com/Forums/forefront/en-US/36ddabce-53db-4339-826b-3e3e97a0bd20/publishing-outlook-anywhere-using-ntlm-authentication-with-forefront-tmg?forum=Forefrontedgegeneral

If there are any questions regarding this issue, please be free to let me know.

Best Regard,

Jim
Free Windows Admin Tool Kit Click here and download it now
September 7th, 2015 3:06am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics