I've recently finished an Exchange 2007 > 2013 migration. We are on CU9 with two multi-role CAS/Mailbox servers and a third Mailbox-only server. I've migrated public folders successfully and users can access them in Outlook 2013. However, they are always prompted ONCE during each Outlook launch for their username and password when accessing the public folders for the first time. The repeatable steps are:

1) Log in to PC
2) Open Outlook
3) Click Folders > Public Folders
4) Prompt for username/password appears
5) Enter username/password (either as domain\username or with e-mail/UPN - any combination works)
6) Access public folders

I have no idea why the prompt is coming up. You can click "remember password" option and it won't come back until you restart Outlook. It doesn't appear to be an authentication issue, Outlook just isn't automatically passing credentials for some reason.

Any

Hi Paul,

As we know, the public folder database concept is removed from Exchange Server 2013. The public folders are now stored in a new kind of mailbox that is known as the Public Folder mailbox. The Outlook client depends on information that is returned by the AutoDiscover service to access the Public Folder mailbox.

However, by default in exchange 2013 , outlook use RPC over HTTP to connect exchange server both for internal and external, more commonly known as Outlook Anywhere.

The prompted issue is triggered when the setting for Logon network security in the Outlook Profile is set to Anonymous Authentication. This setting cannot be manually changed because Autodiscover will change it back. The cause of this is the configuration settings of Outlook Anywhere.

You can try to run the following commands on all CAS servers and check if any helps:

Set-OutlookAnywhere -Identity <Server>\RPC (Default Web Site) -ExternalHostname <external URL>  -ExternalClientAuthenticationMethod ntlm -ExternalClientsRequireSsl $true -InternalClientAuthenticationMethod ntlm -InternalClientsRequireSsl $true

I also recommend you refer to the following article  :

Users Constantly Prompted for Credentials after Being Migrated to Exchange 2013

Best regards,

Hey Niko,

That solution actually would work (and helped point my in the right direction), but for slightly different reasons than what you describe. Our Outlook Anywhere login setting was configured for Basic external and NTLM internal (Defaults after the 2007 upgrade). However, there were two issues in our environment that combined to produce this problem during each user login:

1. Outlook was missing patches, specifically KB2839517. Among other things, this patch fixed a bug where Outlook 2013 (and 2010/2007) would use the external auth EXHTTP response instead of the internal when connecting to an alternate (shared) mailbox - an Exchange 2013 Public Folder is a shared mailbox technically.
2. We run in a VDI environment with non-persistent desktops, so things like saved passwords in the Credential Manager store are lost after each logout.

Because of issue #1, Outlook was picking up the "Basic" external authentication setting and prompting for a password instead of passing through Windows authentication with NTLM. And because of issue #2, clicking "Remember my password" would only work for that session, not the next one - as soon as the user logged out, they would be prompted again during the next login.

What we actually ended up doing was setting external authentication to Negotiate. Because we aren't accessing any legacy mailboxes (literally everything has been migrated to 2013, including public folders), we didn't run in to the issue you described.

Thanks for the help!