Setup an Exchange server 2013 (assuming set it up right ), can connect via the domain authentication using the OWA web interface to it, but when logged in to a computer with the domain user on the domain and launch outlook, it finds the account but fails to authenticate at the Log on to Server stage. The computer is part of the domain, and user logs in using domain\username on the computer running the outlook 2010 64 bit. It gives the exchange server random number strings such as fa2s32-xxxxx@domain.com and the mailbox has string =SMTP:username@domain.com I have SMTP running on 587 port for exchange server, is that what could be causing the problem ? Regards

Are you running XP?

Nope. Exchange 2013, AD 2008 and tried outlook 2010 and outlook 2013, it keeps prompting me for my domain login. Not sure if its something to do with autodiscovery or the fact that the domain I am using is an external domain with dns entries with mx records pointing to our old exchange server. But still I am on the same network as the servers and logged in as domain user so this is confusing me, not sure why the authentication prompt keeps coming up, there is no problem using ECP or the OWA web client.

Wanted to update that I can only attach and connect to outlook that is built in account on the exchange server (local account of the exchange server) using server\builtinuserlogin to attach to outlook instead of being able to connect via Domain\username to same mailbox. I am thinking some permissions might not be set right somewhere can someone help me here ? This is just downright frustrating ! Basically a local user on the exchange server and login using that servers login credentials let me connect via outlook :(. update: It would only allow the main local admin account to connect the mailbox i tried by creating new user as admin locally on server but it did not work, also noticed that emails sent via that one account via outlook will not work.. its like a placeholder only so there is no real connection it seems between exchange and the outlook :(.

Try to set authentication to basic in ecp for outlook anywhere. Then restart IIS and check if you can connect. Just to check if it works, settings it to basic auth. will prompt you for credentials once.

Tried that, also note that did a fresh reload of AD and Exchange server VMs ( i mean from scratch). Still same outlook authentication problem. Are there certain ports that I need to forward to my AD ? I have MX record on my internal DNS as well (but i have no real live external DNS working) this is in-house on VM infrastructure internal network test. Going insane at this point. Maybe I will need to go with Exchange 2010 Server instead, since no one from Microsoft seems to be attempting to help me here. AT this point I am close to giving up hope. If anyone is wondering my setup is : VM1 -> AD1 VM2 ->DNS1 VM3 -> DHCP and DNS 2 VM4 -> Exchange 2013 VM5 -> Test Operating system with Outlook 2010 32 bit. All VM's are on same network, and nslookups point to correct ip from the test vm. ECP/OWA via Web Work fine, import export of mailboxes also works, just connectivity from outlook client is the problem and if I cannot get this going what is the point of having Exchange server? None of our clients want to connect via web browser all the time.

Whar are the RPC settings in your Outlook Profile? Are they connecting to the right CAS, negotiation method and certificate?

Hey wanted to update, for some reason even after reboot last night of Exchange server after setting to basic I was not able to connect, i think the profile i was working with was not seeing the change. So today in the morning setup another fake user via ecp and this time on the test VM with outlook 2010 i attempted one more time. It worked but now everytime i launch the outlook it asks for password unless i check the remember option. Now I wish to get the auto setup to work without having the user to enter their password everytime (i think that is because of Basic Auth). I will set it to NTLM on OutlookAnywhere and Negotiate if that does not work at all. I know that Basic is working. PS: I have SSL offloading disabled , shall that be enabled. Also RPC settings where about do I go to find that as well as the CAS server, am thinking its something on the exchange server? Sorry not a certified exchange guru so these are bit new to me. UPDATE: Tried NTML setting with SSL offloading still disabled. And now the outlook client connects without the login prompt window asking them to login. I am not sure why these changes did not work last night but are working now. PS: For the Server address instead of my server.domain.com address its showing some random numbers such as asd2345-124asdag----etc et-c @domain.com << is that typical behavior of exchange 2013 now ? I enabled few disabled accounts on AD last night for example the Mailboxdiscovery one, and healthmailbox account they have anything to do with this working ? Can i safely disable them ?

Sounds great, you can read more about health mailbox here: http://www.expta.com/2012/12/exchange-2013-health-check-monitors-and.html and discovery mailbox here: http://www.howexchangeworks.com/2009/10/discovery-mailbox-in-exchange-2010.html I would leave them active. Regarding the server address, it is working as it should it is default in 2013. Hasan

I will activate the discovery and health mailbox ad account again wanted to see if that had anything to do with this finally working after struggling for close to 3 days and on my weekend :(. Good end to a weekend though :p. Now have to figure out how can i import end users mailboxes custom Rules (rwz files), there are not too many users and if all comes down to manually doing one by one by hand it will be not too bad, but means to do it automatically would be great. PS: for external url when we go live would i have to modify any settings i have already setup the "Specify the external host name such as contoso.com that users will use to connect to your organization:" to the one that this server will be replacing and is currently using and pointed to in our mx (2007 exchange ). I cannot believe that the negotiate authentication setting (default) was causing so much grief. Thanks for the help. Will be doing some imports on Tuesday and see if they go fine and outlook works out of the box !

I would leave them active. By that you mean enable them in active directory ? By default exchange creates them and marks them disabled in AD it seems, does that mean the discover feature is not working ?

Sorry, I would leave them as they are, I meant do not delete them. They are used for audits or search across all mailboxes, not for individual user search. Migrating mail should be very easy, it will also migrate rules. You can do it from the shell or from ecp. Have a look at this for the URLs: http://www.testlabs.se/blog/2012/07/25/exchange-server-2013-preview-part-3-how-to-configure-site-urls-databases-and-outlook-anywhere/ As long as you configure Outlook anywhere, you URLs and your certificate it should be easy to setup. Hasan

Sorry, I would leave them as they are, I meant do not delete them. They are used for audits or search across all mailboxes, not for individual user search. Migrating mail should be very easy, it will also migrate rules. You can do it from the shell or from ecp. Hasan I did export via shell to pst and import via shell as well, but atleast on the OWA web the rules did not show up, will they should up in outlook i do not know but this is what i am doing : For Export: Get-Mailbox -ResultSize Unlimited | Export-Mailbox -PstFolderPath E:\PSTExport -Baditemlimit 100 For Import : foreach ($i in (Get-Mailbox)) { New-MailboxImportRequest -Mailbox $i -FilePath "\\exchange\PSTExport\$($i.Alias).pst" } There is not direct network connection from 2007 exchange and 2013 exchange so have to do offline export and imports.

Hey, I realized that there is a message in outlook for clients wanting to send emails says "MailTips could not be retrieved" checked this out http://blogs.technet.com/b/exchange/archive/2010/01/06/troubleshooting-mailtips.aspx The external mail tips is disabled so enabled this : Set-OrganizationConfig -MailTipsExternalRecipientTipsEnabled $true. But that is only for those who are external clients, should not have anything to do with internal clients. What might be happening here ? My exchange server is not visible to the www via a proper dns but the client i am connecting with is part of the same domain this exchange is on and user is logging in as domain user and has a proper mailbox. Edit: Update, played around and set internal and external urls to be different and made sure NTLM was set for auth. on EWS Virtual Directory also set up autodiscovery to use ntlm too (probably need to use basic / form but will see how it goes after we go live and are accessible via web.)