I use Exchange Server 2007 sp1 RollUp 6 installedon Windows Server 2008. I need to use Outlook Anywhere from non-domain computers. I test Outlook Anywhere with Basic and NTLM Authenticationand all works fine. But when I use NTLM authentucation, Outlook promt user credential every time when it start, even "remember password" was checked. The login and password are remembered in the network password of user, but Outlook prompt password again and again, when it starts. Exchange published by 443 port directly (without any listeners)!When I connect by VPN, and use TCP/IP connection to the server, Outlook remeber password withoun any problems, and did not ask password again. get-OutlookAnywhere: ServerName : SRVEXCH2SSLOffloading : FalseExternalHostname : mail.my_domain.ruClientAuthenticationMethod : NtlmIISAuthenticationMethods : {Ntlm}MetabasePath : IIS://srvexch2.net.local/W3SVC/1/ROOT/RpcPath : C:\Windows\System32\RpcProxyServer : SRVEXCH2AdminDisplayName :ExchangeVersion : 0.1 (8.0.535.0)Name : srvexch2DistinguishedName : CN=srvexch2,CN=HTTP,CN=Protocols,CN=SRVEXCH2,CN=Servers,CN=Exchange Administrative Group ( FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=S ervices,CN=Configuration,DC=net,DC=localIdentity : SRVEXCH2\srvexch2Guid : 2c24f11b-852c-4948-b236-3f37d071d500ObjectCategory : net.local/Configuration/Schema/ms-Exch-Rpc-Http-Virtual-DirectoryObjectClass : {top, msExchVirtualDirectory, msExchRpcHttpVirtualDirectory}WhenChanged : 18.02.2009 14:17:55WhenCreated : 17.02.2009 14:53:36OriginatingServer : dc1.net.localIsValid : TrueI have tried this cases, but they have not helped for this issue:1) Disable kernel mode authentication with this command: %systemroot%\system32\inetsrv\AppCmd.exe set config /section:system.webServer/security/authentication/windowsAuthentication /useKernelMode:false, I also have unchecked Kernel mode authentication in the properties of Windows Authentication for Default Web site, \Rpc and \Autodiscovery virtual directories.2) Modify this registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa lmcompatibilitylevel=3 and 2.3) Set NTLM instead of Kerberos on the security tab in the properties of Outlook.4) Install domain controller and global catalog roles on the Exchange Server.Somebody have any solution for this issue? May be Outlook Anywhere and NTLM do not work at all?

Hi Sergey Erin,A few Weeks ago i had the same problem. You Must do the Following:DSProxy and IPv6 If you're in a multi-server scenario where the RPCProxy is not on the same server as the Mailbox, then you need to do the following: Unselect IPv6 from the properties of your NIC (on the RPC-over-HTTP Proxy machine); that will force the RPC-over-HTTP Proxy to use IPv4 to talk to Exchange and everything will be fine. In most cases, this step suffices. If it does not, continue with steps 2 and 3. Under the regkey HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters, add a 32 bit DWORD with the name DisabledComponents and value 0xFF Reboot the machine If you're in a single-server scenario where the RPCProxy and Mailbox are on the same machine, then the above does not work since the loopback interface still uses IPv6. In this case, you need to make the following changes in the system32\drivers\etc\hosts file: Comment out the line ":::1 localhost" Add the following two lines: <IPv4 address> <hostname of the computer> <IPv4 address> <FQDN of the computer> For more Information this is the Linkhttp://msexchangeteam.com/archive/2008/06/20/449053.aspxHope this Help. Regards.Jose Osorio R.

I know about problem with IPv6 and DsProxy. I have disabled IPv6, many times ago (RPCPING respons on 6001, 6002 and 6004 ports without any problem). Outlook Anywhere work with basic and with NTLM authentication. I have only one problem, Outlook ask password, when it start, even I use NTLM authentication with "save password" option checked. Jose Osorio R., are you have tuned Exchange, that Outlook Anywhere do not ask password, when it starts from non-domain computers?I am interested, somebody made this?

Is autodiscover.yourdomain.ru configured properly? I saw this once with a customer that had a wildcard cert in dns. We hadn't yet configured autodiscover but it was still pointing to the server?"For non domain joined clients or clients that are not able to directly access the domain, Outlook is hard coded to find the Autodiscover end point by looking up either https://company.com/Autodiscover/Autodiscover.xml or https://Autodiscover.company.com/Autodiscover/Autodiscover.xml (where company.com is the portion of the users SMTP address following the @ sign)."http://msexchangeteam.com/archive/2007/04/30/438249.aspx

Hi,I suggest that we save passwords by using following method on the client: 1. Run control userpasswords22. Under Advanced tab, click Manage Passwords3. Please add following entry: Log on to: *.domainname (such as *.microsoft.com)Username: domain\usernamePassword: password Then, please restart the client to check whether we still need to provide password when log on Outlook. ThanksAllen

Have you also seen this: You must provide Windows account credentials when you connect to Exchange Server 2003 by using the Outlook 2003 RPC over HTTP featurehttp://support.microsoft.com/kb/820281 1. Click Start, click Run, type regedit in the Open box, and then press ENTER. 2. Locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ 3. In the right pane, double-click lmcompatibilitylevel. 4. In the Value data box, type a value of 2 or 3 that is appropriate for your environment, and then click OK. 5. Quit Registry Editor. 6. Restart your computer. LmCompatibilityLevel settings The LmCompatibilityLevel registry entry can be configured with the following values: LmCompatibilityLevel value of 0: Send LAN Manager (LM) response and NTLM response; never use NTLM version 2 (NTLMv2) session security. Clients use LM and NTLM authentication, and never use NTLMv2 session security; domain controllers accept LM, NTLM, and NTLMv2 authentication. LmCompatibilityLevel value of 1: Use NTLMv2 session security, if negotiated. Clients use LM and NTLM authentication, and use NTLMv2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLMv2 authentication. LmCompatibilityLevel value of 2: Send NTLM response only. Clients use only NTLM authentication, and use NTLMv2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLMv2 authentication. LmCompatibilityLevel value of 3: Send NTLMv2 response only. Clients use NTLMv2 authentication, and use NTLMv2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLMv2 authentication. LmCompatibilityLevel value of 4: (Server Only) - Domain controllers refuse LM responses. Clients use NTLM authentication, and use NTLMv2 session security if the server supports it; domain controllers refuse LM authentication, and accept NTLM and NTLMv2 authentication. LmCompatibilityLevel value of 5: (Server Only) - Domain controllers refuse LM and NTLM responses, and accept only NTLMv2 responses. Clients use NTLMv2 authentication, use NTLMv2 session security if the server supports it; domain controllers refuse NTLM and LM authentication, and accept only NTLMv2 authentication. Mike Crowley: MCT, MCSE, MCTS, MCITP: Enterprise Administrator / Messaging Administrator

This solution help for me:http://social.technet.microsoft.com/Forums/en-US/exchangesvrclients/thread/bc67310e-8133-4b77-be3b-380f0b0b4184