We are working on installing a new Exchange 2013 environment.
Exchange 2013 SP1 Standard has been installed and then upgraded to CU7. It is a single box for the CAS and MB roles. It is running Windows Server 2012 R2.
The domain and forest are in 2003 native mode, all domain controllers are running 2003 SP2 to meet the minimums. Errors logs have been evaluated, DCDIAG runs on all DCs with no errors and repadmin is showing replication is error free.
We have a mixture of XP (service pack 3) and Windows 7 Clients. Both are running Microsoft Office Professional Plus 2010
Outlook Version 14.0.6023.1000 (32-bit). The Windows 7 clients open Outlook normally and are not prompted for credentials. Windows XP clients are prompted for credentials once, each time they launch Outlook. This is our problem we need to
fix.
Clients under both Windows 7 and XP have no problem setting up the initial profile. It finds the autodiscover quickly and configures the profile.
Because we have separate internal and external domain names (cofm.com and mab.com) we purchased a SAN certificate from GoDaddy. It contains the following:
exchange.cofm.com (this is the cn)
autodiscover.cofm.com
exchange.mab.com
autodiscover.mab.com
OWA works fine under either https://exchange.cofm.com or https://exchange.mab.com. Our users with Apple iPhones, Android and Windows phones have no problem creating connections to activesync.
Under the outlook clients, it doesn't seem to matter if we have selected cached exchange mode or not. We have changed the "Logon Network Security" to use Negotiate Authentication or Password Authentication (NTLM) and it doesn't seem to matter. Under the connection status it shows HTTP for Directory and Mail connections.
If we "Test E-mail Autoconfiguration" it connects using the credentials we provide and no errors seem to show up in the XML results.
None of the permissions on the default virtual directories differs from "https://technet.microsoft.com/en-us/library/gg247612(v=exchg.150).aspx"
Any thoughts?
Again...the authentication prompt only occurs with our Windows XP clients running the Outlook 2010...not the Windows 7 clients. Switching the clients to Windows 7 or later is not in the budget atm.