none
Autodiscover keep asking password when using outlook 2007 to connect to Exchange 2010

    Question

  • Hi Guys,

    We have rolled out Exchange 2010 sp 1 for two months now. Everything went smoothly until today some how the problem just came up. we have user who using outlook 2007 and 2010. Only user who using outlook 2007 get the problem.

    When they open the outlook it will keep asking their password trying to authen to autodiscover server, in result they can still connect to their inbox but can't download the offline address book.

    Please note that all machine is connecting by using outlook anywhere and is not running in domain.

    I have checked with https://www.testexchangeconnectivity.com/ and the autodiscover is working fine. Please see the result below.

     

     

    ExRCA is attempting to test Autodiscover for varut.atthakornpun@zerocorporation.com.
      Autodiscover was tested successfully.
     
    Test Steps
     
    Attempting each method of contacting the Autodiscover service.
      The Autodiscover service was tested successfully.
     
    Test Steps
     
    Attempting to test potential Autodiscover URL https://zerocorporation.com/AutoDiscover/AutoDiscover.xml
      Testing of this potential Autodiscover URL failed.
     
    Test Steps
     
    Attempting to resolve the host name zerocorporation.com in DNS.
      The host name resolved successfully.
     
    Additional Details
      IP addresses returned: 203.210.120.125
    Testing TCP port 443 on host zerocorporation.com to ensure it's listening and open.
      The port was opened successfully.
    Testing the SSL certificate to make sure it's valid.
      The SSL certificate failed one or more certificate validation checks.
     
    Test Steps
    Attempting to test potential Autodiscover URL https://autodiscover.zerocorporation.com/AutoDiscover/AutoDiscover.xml
      Testing of the Autodiscover URL was successful.
     
    Test Steps
     
    Attempting to resolve the host name autodiscover.zerocorporation.com in DNS.
      The host name resolved successfully.
     
    Additional Details
      IP addresses returned: 203.89.252.3
    Testing TCP port 443 on host autodiscover.zerocorporation.com to ensure it's listening and open.
      The port was opened successfully.
    Testing the SSL certificate to make sure it's valid.
      The certificate passed all validation requirements.
     
    Test Steps
     
    ExRCA is attempting to obtain the SSL certificate from remote server autodiscover.zerocorporation.com on port 443.
      ExRCA successfully obtained the remote SSL certificate.
     
    Additional Details
      Remote Certificate Subject: CN=webmail.zerocorporation.com, OU=Exchange, O=Zero Corporation.com, L=Melbourne, S=VIC, C=AU, Issuer: CN=zero-ZEROAD1-CA, DC=zero, DC=internal.
    Validating the certificate name.
      The certificate name was validated successfully.
     
    Additional Details
      Host name autodiscover.zerocorporation.com was found in the Certificate Subject Alternative Name entry.
    Testing the certificate date to confirm the certificate is valid.
      Date validation passed. The certificate hasn't expired.
     
    Additional Details
      The certificate is valid. NotBefore = 8/26/2011 1:47:49 AM, NotAfter = 8/25/2013 1:47:49 AM
    Checking the IIS configuration for client certificate authentication.
      Client certificate authentication wasn't detected.
     
    Additional Details
      Accept/Require Client Certificates isn't configured.
    Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
      ExRCA successfully retrieved Autodiscover settings by sending an Autodiscover POST.
    Wednesday, October 05, 2011 2:05 AM

Answers

  • I got my answer now.

    our testing domain controller accidentally turn on in our office, even all machine is not join the domain and nothing is link to this local domain somehow outlook client is talking to it.

    After turn off the machine all funny problem solve....

    Thursday, October 06, 2011 1:15 AM

All replies

  • Hi,
    I can see that you are using a certificate from your an own Certificate Authority and that you haven't specificed webmail.zerocorporation.com as the first Subject Alternative Name.

    Since the clients is not domain joined, you need to distribute your Root Certicate to them, cause they have to trust the certificate in order to to download the OAB etc. Not having webmail.zerocorporation.com as the Subject Alternative Name is fine for Vista SP1 and later, but if these users is running Windows XP, they will have problem to connect.


    Martina Miskovic - http://www.nic2012.com/
    Wednesday, October 05, 2011 4:18 AM
  • Hi Martina,

    Thank you for your answer, but that is not the case. We have added root certificate to all client and they are all windows 7.

    After i spent more time looking into the issue, the problem only happen with outlook 2007 in this office. We got another branch in India which using outlook 2007 still working fine.

    I have try the test e-mail autoconfiguration over here and get the error '0x80040413'

    Wednesday, October 05, 2011 4:49 AM
  • I would check two things:

    • That access to the CAS Server is not passing a Proxy server (it has to be bypassed)
    • That the users don't have any stored credentials on the computer (CMD: control userpasswords2)

    Martina Miskovic - http://www.nic2012.com/
    Wednesday, October 05, 2011 5:05 AM
  • Hi Martina,

    I have checked the two point you point out. there is no problem with it.

    I also found that in outlook 2010, when I create a new mail with Outlook 2010, I get "MailTips could not be retrieved" above "To..." field.

    Also, I get "Suggestion cannot be provided because free/busy data could not be retrieved" when I try to set up a new meeting

    already check with Test-OutlookWebServices and is all success

    RunspaceId : 485407f9-3267-4e1c-81ce-8ae341ecd8b8

    Id         : 1024

    Type       : Success

    Message    : [EXPR] Successfully contacted the AS service at https://webmail.zerocorporation.com/ews/exchange.asmx. The

                  elapsed time was 109 milliseconds.


    RunspaceId : 485407f9-3267-4e1c-81ce-8ae341ecd8b8

    Id         : 1026

    Type       : Success

    Message    : [EXPR] Successfully contacted the UM service at https://webmail.zerocorporation.com/ews/exchange.asmx. The

                  elapsed time was 31 milliseconds.


    Thursday, October 06, 2011 12:03 AM
  • I got my answer now.

    our testing domain controller accidentally turn on in our office, even all machine is not join the domain and nothing is link to this local domain somehow outlook client is talking to it.

    After turn off the machine all funny problem solve....

    Thursday, October 06, 2011 1:15 AM