Is all your autodiscover information updated? Are the mailboxes in Outlook showing that they are trying to connect to the 2007 side or the 2013 side? Also how did you perform the migration from 200
Is all your autodiscover information updated? Are the mailboxes in Outlook showing that they are trying to connect to the 2007 side or the 2013 side? Also how did you perform the migration from 2007 to 2
Hi,
Please try to clear credential in control pane.
Make sure all Microsoft Exchange services are running on your server.
Try these steps:
1. Go to Control Panel
2. Open Mail
3. Highlight your e-mail account and click on Change
4. Click on More Settings
5. Click on the Security Tab
6. Uncheck "ENCRYPT DATA BETWEEN MICROSOFT OUTLOOK AND MICROSOFT EXCHANGE"
7. Apply and OK.
8. Try to log into Outlook again
In Exchange server, please run the following command to check your certificate settings:
Get-ExchangeCertificate | fl
Best Regards,
David
- Edited by David Wang_Microsoft contingent staff 5 hours 14 minutes ago
AccessRules :Hi,
Please try to clear credential in control pane.
Make sure all Microsoft Exchange services are running on your server.
Try these steps:
1. Go to Control Panel
2. Open Mail
3. Highlight your e-mail account and click on Change
4. Click on More Settings
5. Click on the Security Tab
6. Uncheck "ENCRYPT DATA BETWEEN MICROSOFT OUTLOOK AND MICROSOFT EXCHANGE"
7. Apply and OK.
8. Try to log into Outlook again
In Exchange server, please run the following command to check your certificate settings:
Get-ExchangeCertificate | fl
Best Regards,
David
CertificateDomains : {MBOX-2, MBOX-2.X2.LOCAL}
HasPrivateKey : True
IsSelfSigned : True
Issuer : CN=MBOX-2
NotAfter : 6/4/2020 4:40:11 PM
NotBefore : 6/4/2015 4:40:11 PM
PublicKeySize : 2048
RootCAType : Registry
SerialNumber : 41C4D6C567A5578248D68E0210B64EEC
Services : IMAP, POP, IIS, SMTP
Status : Valid
Subject : CN=MBOX-2
Thumbprint : 02994BDC34DC4B8629AB7ACB3236E3F11030A4AB
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule,
System.Security.AccessControl.CryptoKeyAccessRule,
System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {WMSvc-MBOX-2}
HasPrivateKey : True
IsSelfSigned : True
Issuer : CN=WMSvc-MBOX-2
NotAfter : 6/1/2025 4:17:58 PM
NotBefore : 6/4/2015 4:17:58 PM
PublicKeySize : 2048
RootCAType : Registry
SerialNumber : 14566098AC6295B44E8D722FE8627FAF
Services : None
Status : Valid
Subject : CN=WMSvc-MBOX-2
Thumbprint : AB58EDEA75C96B40E7C4920EED46F11C069791CC
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule,
System.Security.AccessControl.CryptoKeyAccessRule,
System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {}
HasPrivateKey : True
IsSelfSigned : True
Issuer : CN=Microsoft Exchange Server Auth Certificate
NotAfter : 5/8/2020 10:00:16 AM
NotBefore : 6/4/2015 10:00:16 AM
PublicKeySize : 2048
RootCAType : None
SerialNumber : 1BD49A236FFD68B74CD2C68E0BDCAE63
Services : SMTP
Status : Valid
Subject : CN=Microsoft Exchange Server Auth Certificate
Thumbprint : D65EFB86D588032425915F2B8BAA6228291365B7
Hi,
Have you executed above steps on outlook side?
I have noticed your certificates are self-signed cert.
what is your outlook version?
Microsoft released the patch to solve outlook connectivity issue when mailbox moved to exchange 2013.
To resolve this issue, please apply the latest Outlook update:
For more detailed information, please refer to official article:
https://support.microsoft.com/en-us/kb/2934750?wa=wsignin1.0
Regards,
David
Hi,
Please try to clear credential in control pane.
Make sure all Microsoft Exchange services are running on your server.
Try these steps:
1. Go to Control Panel
2. Open Mail
3. Highlight your e-mail account and click on Change
4. Click on More Settings
5. Click on the Security Tab
6. Uncheck "ENCRYPT DATA BETWEEN MICROSOFT OUTLOOK AND MICROSOFT EXCHANGE"
7. Apply and OK.
8. Try to log into Outlook again
In Exchange server, please run the following command to check your certificate settings:
Get-ExchangeCertificate | fl
Best Regards,
David
- Edited by David Wang_Microsoft contingent staff Tuesday, June 30, 2015 2:10 AM
Hi,
Please try to clear credential in control pane.
Make sure all Microsoft Exchange services are running on your server.
Try these steps:
1. Go to Control Panel
2. Open Mail
3. Highlight your e-mail account and click on Change
4. Click on More Settings
5. Click on the Security Tab
6. Uncheck "ENCRYPT DATA BETWEEN MICROSOFT OUTLOOK AND MICROSOFT EXCHANGE"
7. Apply and OK.
8. Try to log into Outlook again
In Exchange server, please run the following command to check your certificate settings:
Get-ExchangeCertificate | fl
Best Regards,
David
- Edited by David Wang_Microsoft contingent staff Tuesday, June 30, 2015 2:10 AM
All outlook updates are there with service pack1 for 2013. I also tried about settings. Installed a proper UC CA Cert. I also checked all the settings for exchange, split dns works fine. Still asking for password. When I press cancel it works. but at the botton says need password connect to exchange server.
Thank you
Hi,
Please refer to the below picture to unchecked the highlight option on outlook side .
If it doesnt work,I suggest we can try to re-create a new profile to test.
David
- Can you access everything in Outlook without issues (most concerned about Public Folders)
- What's your Outlook Anywhere Config look like? (Get-OutlookAnywhere | fl server, *auth*, *SSL*
- let's look at your autodiscover config. (Get-ClientAccessServer | fl name, *auto*
- What CU are running Exchange on?
- Can you access everything in Outlook without issues (most concerned about Public Folders)
- What's your Outlook Anywhere Config look like? (Get-OutlookAnywhere | fl server, *auth*, *SSL*
- let's look at your autodiscover config. (Get-ClientAccessServer | fl name, *auto*
- What CU are running Exchange on?
Hi,
Can you provide the screenshot of outlook connection status?
I want to view the failed connection status for further analysis.
In addition,I have found a similar thread for your reference:
https://social.technet.microsoft.com/Forums/exchange/en-US/b9c1664a-a23e-4e7a-ab35-ca985631cc53/exhcnage-2013-migration-user-keep-keeping-prompted-for-credentials?forum=exchangesvrdeploy
Please try to change the authentication methods.
Thanks,
David
Hi,
Can you provide the screenshot of outlook connection status?
I want to view the failed connection status for further analysis.
In addition,I have found a similar thread for your reference:
https://social.technet.microsoft.com/Forums/exchange/en-US/b9c1664a-a23e-4e7a-ab35-ca985631cc53/exhcnage-2013-migration-user-keep-keeping-prompted-for-credentials?forum=exchangesvrdeploy
Please try to change the authentication methods.
Thanks,
David
I discovered a weird thing:
I manually added exchange mailbox by connecting to my 2007 CAS, it picks up my Exchange 2013 MBOX Server as the exchange servers and works well. I am starting to go crazy here. On Exchange CAS 2013. I tried all kinds of settings for Autodiscover and MAPI. Nothing worked.
Hi,
I beleive the password prompt must be for the Public Folder homed at legacy Server as others have mentioned it. I have seen such instances and we will get password prompt and when you hit cancel, it would work normally but would prompt again later.
To over come this permanently, you would need to get rid of the public folders from the 2007 server.
Else as a temporary fix, you can check to set the attribute: msexchhomepublicmdb to NOT SET on the Mailbox Database on the Exchange 2013 Server where the user mailbox is homed at.
To navigate to it, open ADSIEDIT -->> Configuration Partition --> Drill down to the Exchange Mailbox Database and go to the properties.
Let me know if it helps.
Reason:
There is an RPC call to the 2007 Mailbox Server for the Public Folders from the Exchange 2013 users, which 2007 Server will deem it to be unauthenticated. Hence a Trusted Subsystem like another Exchange Server has to requet the data on behalf of the user.
Hence there is another workaround/fix: You would need to enable the Outlook anywhere in Exchange 2007 Server and set the URLs to Exchange 2013 Server.
Set the internalclientauthentication method to NTLM.
Let me know if this helps,
Karthick
- Marked as answer by ABC1234567876 12 hours 40 minutes ago
[IMG]http://i62.tinypic.com/241qsly.png[/IMG]
[IMG]http://i60.tinypic.com/24q5vmc.png[/IMG]
Hi,
I beleive the password prompt must be for the Public Folder homed at legacy Server as others have mentioned it. I have seen such instances and we will get password prompt and when you hit cancel, it would work normally but would prompt again later.
To over come this permanently, you would need to get rid of the public folders from the 2007 server.
Else as a temporary fix, you can check to set the attribute: msexchhomepublicmdb to NOT SET on the Mailbox Database on the Exchange 2013 Server where the user mailbox is homed at.
To navigate to it, open ADSIEDIT -->> Configuration Partition --> Drill down to the Exchange Mailbox Database and go to the properties.
Let me know if it helps.
Reason:
There is an RPC call to the 2007 Mailbox Server for the Public Folders from the Exchange 2013 users, which 2007 Server will deem it to be unauthenticated. Hence a Trusted Subsystem like another Exchange Server has to requet the data on behalf of the user.Hence there is another workaround/fix: You would need to enable the Outlook anywhere in Exchange 2007 Server and set the URLs to Exchange 2013 Server.
Set the internalclientauthentication method to NTLM.
Let me know if this helps,
Karthick
I JUST tried this, I have set to none for all. Still doesnt work. Do I need to restart a service?
Thank you
- Edited by ABC1234567876 18 hours 51 minutes ago
This is what I think you should do... Coexistence really isn't configured the best here. I would do the following in a Maintenance Window:
- Enable Outlook Anywhere on the Exchange 2007 Servers
- Exchange 2013 can proxy Outook Anywhere and EAS to Exchange 2007 (OWA is a redirect) so I would set the OutlookAnywhere Address to your Exchange 2013 namespace.
- Set the AutodiscoverInternalServiceURi on the Exchange 2007 servers to the same URL as the Exchange 2013 Servers and make sure this resolves to Exchange 2013. We want Exchange 2013 to service ALL autodiscover requests for either server.
- Cycle IIS.
This is what I think you should do... Coexistence really isn't configured the best here. I would do the following in a Maintenance Window:
- Enable Outlook Anywhere on the Exchange 2007 Servers
- Exchange 2013 can proxy Outook Anywhere and EAS to Exchange 2007 (OWA is a redirect) so I would set the OutlookAnywhere Address to your Exchange 2013 namespace.
- Set the AutodiscoverInternalServiceURi on the Exchange 2007 servers to the same URL as the Exchange 2013 Servers and make sure this resolves to Exchange 2013. We want Exchange 2013 to service ALL autodiscover requests for either server.
- Cycle IIS.
This is what I think you should do... Coexistence really isn't configured the best here. I would do the following in a Maintenance Window:
- Enable Outlook Anywhere on the Exchange 2007 Servers
- Exchange 2013 can proxy Outook Anywhere and EAS to Exchange 2007 (OWA is a redirect) so I would set the OutlookAnywhere Address to your Exchange 2013 namespace.
- Set the AutodiscoverInternalServiceURi on the Exchange 2007 servers to the same URL as the Exchange 2013 Servers and make sure this resolves to Exchange 2013. We want Exchange 2013 to service ALL autodiscover requests for either server.
- Cycle IIS.
Hi,
I beleive the password prompt must be for the Public Folder homed at legacy Server as others have mentioned it. I have seen such instances and we will get password prompt and when you hit cancel, it would work normally but would prompt again later.
To over come this permanently, you would need to get rid of the public folders from the 2007 server.
Else as a temporary fix, you can check to set the attribute: msexchhomepublicmdb to NOT SET on the Mailbox Database on the Exchange 2013 Server where the user mailbox is homed at.
To navigate to it, open ADSIEDIT -->> Configuration Partition --> Drill down to the Exchange Mailbox Database and go to the properties.
Let me know if it helps.
Reason:
There is an RPC call to the 2007 Mailbox Server for the Public Folders from the Exchange 2013 users, which 2007 Server will deem it to be unauthenticated. Hence a Trusted Subsystem like another Exchange Server has to requet the data on behalf of the user.
Hence there is another workaround/fix: You would need to enable the Outlook anywhere in Exchange 2007 Server and set the URLs to Exchange 2013 Server.
Set the internalclientauthentication method to NTLM.
Let me know if this helps,
Karthick
- Marked as answer by ABC1234567876 Thursday, July 02, 2015 6:47 PM
Hi,
I beleive the password prompt must be for the Public Folder homed at legacy Server as others have mentioned it. I have seen such instances and we will get password prompt and when you hit cancel, it would work normally but would prompt again later.
To over come this permanently, you would need to get rid of the public folders from the 2007 server.
Else as a temporary fix, you can check to set the attribute: msexchhomepublicmdb to NOT SET on the Mailbox Database on the Exchange 2013 Server where the user mailbox is homed at.
To navigate to it, open ADSIEDIT -->> Configuration Partition --> Drill down to the Exchange Mailbox Database and go to the properties.
Let me know if it helps.
Reason:
There is an RPC call to the 2007 Mailbox Server for the Public Folders from the Exchange 2013 users, which 2007 Server will deem it to be unauthenticated. Hence a Trusted Subsystem like another Exchange Server has to requet the data on behalf of the user.
Hence there is another workaround/fix: You would need to enable the Outlook anywhere in Exchange 2007 Server and set the URLs to Exchange 2013 Server.
Set the internalclientauthentication method to NTLM.
Let me know if this helps,
Karthick
- Marked as answer by ABC1234567876 Thursday, July 02, 2015 6:47 PM
- Unmarked as answer by ABC1234567876 14 hours 42 minutes ago
Hi,
I beleive the password prompt must be for the Public Folder homed at legacy Server as others have mentioned it. I have seen such instances and we will get password prompt and when you hit cancel, it would work normally but would prompt again later.
To over come this permanently, you would need to get rid of the public folders from the 2007 server.
Else as a temporary fix, you can check to set the attribute: msexchhomepublicmdb to NOT SET on the Mailbox Database on the Exchange 2013 Server where the user mailbox is homed at.
To navigate to it, open ADSIEDIT -->> Configuration Partition --> Drill down to the Exchange Mailbox Database and go to the properties.
Let me know if it helps.
Reason:
There is an RPC call to the 2007 Mailbox Server for the Public Folders from the Exchange 2013 users, which 2007 Server will deem it to be unauthenticated. Hence a Trusted Subsystem like another Exchange Server has to requet the data on behalf of the user.Hence there is another workaround/fix: You would need to enable the Outlook anywhere in Exchange 2007 Server and set the URLs to Exchange 2013 Server.
Set the internalclientauthentication method to NTLM.
Let me know if this helps,
Karthick
I JUST tried this, I have set to none for all. Still doesnt work. Do I need to restart a service?
Thank you
- Edited by ABC1234567876 Thursday, July 02, 2015 12:37 PM
Hi,
I beleive the password prompt must be for the Public Folder homed at legacy Server as others have mentioned it. I have seen such instances and we will get password prompt and when you hit cancel, it would work normally but would prompt again later.
To over come this permanently, you would need to get rid of the public folders from the 2007 server.
Else as a temporary fix, you can check to set the attribute: msexchhomepublicmdb to NOT SET on the Mailbox Database on the Exchange 2013 Server where the user mailbox is homed at.
To navigate to it, open ADSIEDIT -->> Configuration Partition --> Drill down to the Exchange Mailbox Database and go to the properties.
Let me know if it helps.
Reason:
There is an RPC call to the 2007 Mailbox Server for the Public Folders from the Exchange 2013 users, which 2007 Server will deem it to be unauthenticated. Hence a Trusted Subsystem like another Exchange Server has to requet the data on behalf of the user.Hence there is another workaround/fix: You would need to enable the Outlook anywhere in Exchange 2007 Server and set the URLs to Exchange 2013 Server.
Set the internalclientauthentication method to NTLM.
Let me know if this helps,
Karthick
I JUST tried this, I have set to none for all. Still doesnt work. Do I need to restart a service?
Thank you
- Edited by ABC1234567876 Thursday, July 02, 2015 12:37 PM
Thanks alot your solution worked. I deleted the links for public folders on the datastore and restarted the Information Store Service. This really helped, thanks a millionHi,
I beleive the password prompt must be for the Public Folder homed at legacy Server as others have mentioned it. I have seen such instances and we will get password prompt and when you hit cancel, it would work normally but would prompt again later.
To over come this permanently, you would need to get rid of the public folders from the 2007 server.
Else as a temporary fix, you can check to set the attribute: msexchhomepublicmdb to NOT SET on the Mailbox Database on the Exchange 2013 Server where the user mailbox is homed at.
To navigate to it, open ADSIEDIT -->> Configuration Partition --> Drill down to the Exchange Mailbox Database and go to the properties.
Let me know if it helps.
Reason:
There is an RPC call to the 2007 Mailbox Server for the Public Folders from the Exchange 2013 users, which 2007 Server will deem it to be unauthenticated. Hence a Trusted Subsystem like another Exchange Server has to requet the data on behalf of the user.Hence there is another workaround/fix: You would need to enable the Outlook anywhere in Exchange 2007 Server and set the URLs to Exchange 2013 Server.
Set the internalclientauthentication method to NTLM.
Let me know if this helps,
Karthick
Guys,
Bad news: I started getting the login prompt again. This time it takes the password, and outlook continues to work. But its getting very frustrating for my users to have to enter the password.