RE: Problem with Exchange 5.5/NT/Outlook 2k Authentication - URGENT
From: Richard Roddy [MSFT] (rroddy_at_online.microsoft.com)
Date: 05/25/04
- Next message: Richard Roddy [MSFT]: "RE: Changing which server handles outgoing mail"
- Previous message: Richard Roddy [MSFT]: "RE: Alias for an external email adress Exchange 2003"
- In reply to: Nate: "Problem with Exchange 5.5/NT/Outlook 2k Authentication - URGENT"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 25 May 2004 13:26:19 GMT
Here's a stupid question, in the properties of the Outlook profile, in the
Advanced Properties of the Exchange Server settings, what is the security
setting?
Set it to NONE, and the users should always be prompted and should never
try to pass their NT Authentication. That should make it work.
Thanks,
Richard Roddy
Microsoft Exchange Support
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
>Content-Class: urn:content-classes:message
>From: "Nate" <anonymous@discussions.microsoft.com>
>Sender: "Nate" <anonymous@discussions.microsoft.com>
>Subject: Problem with Exchange 5.5/NT/Outlook 2k Authentication - URGENT
>Date: Fri, 21 May 2004 06:44:06 -0700
>Lines: 108
>Message-ID: <1032501c43f39$af74f520$a001280a@phx.gbl>
>
>I also posted this in the domain section under Win NT 4
>
>Ok, this is an odd one and hard to explain so bear with me.
>
>We have several users that are in workgroups and other
>domains that need access to our exchange server. They've
>been using Outlook and just have to type in a valid
>username, domain, and password. It had been working
>fine. All until one day we decided to patch our exchange
>server (win2k) with the latest security patches. When the
>exchange server was rebooted, the users in workgroups
>could no longer get email. After looking through the logs
>it was discovered that the clients were passing the local
>user and machine information instead of the domain
>information typed into outlook. Well, obviously, we
>thought we had a problem with the patches. Once we
>removed all of them and reinstalled SP4, it started
>working again. Of course, now we had a production
>exchange server with absolutely no security holes filled
>in. Everytime we tried to install security patches and
>reboot, it would stop working again. Well, at this point,
>I thought I had a bad Exchange server, corrupt registry or
>something. I built a temporary pdc and built a new
>exchange server in a offline network. I patched it with
>the latest security patches and tested it with a machine
>that was in a workgroup. Outlook worked. So I swapped
>exchange servers. I tested with a machine in a workgroup,
>DID NOT WORK!! AHHHH! Anyways, I decided to go to
>extremes and powered off the PDC...rebooted exchange and
>it machines in a workgroup started working again. Ok, bad
>PDC...so I promoted the BDC, turned off the old pdc, and
>tested with a machine in a workgroup, still worked. I
>then built a new BDC, brought it online, got WINS set up,
>all that stuff. Tested with a workgroup machine, DID NOT
>WORK AGAIN!! I powered off the new BDC and it started
>working again.
>
>I've left the BDC off so that people can work. I'm pretty
>confused on what this could be. I'm pretty sure the
>problem does lie in our domain controllers but I'm not
>sure where to look. I don't see any errors in the logs
>that really point me in the right direction. Here is some
>more info:
>
>(the old pdc is not listed, the promoted pdc now has the
>ip address of the old pdc)
>PDC
>192.168.1.2
>WINS
>DHCP
>
>BDC (local) (turned off for now)
>192.168.70.3
>WINS
>
>BDC (remote)
>192.168.250.2
>WINS
>
>WINS on the bdc's push/pull to the pdc
>
>Exchange
>192.168.1.18
>
>Everything pings everything else ok, no other problems
>that I'm aware of. We do not use any lmhost or host files.
>
>Here is what the Exchange server logs say when someone
>logs in with a machine in a workgroup, when everything is
>working properly:
>
>Successful Network Logon:
> User Name: temp
> Domain: DOMAIN
> Logon ID: (0x0,0x44B2F)
> Logon Type: 3
> Logon Process: NtLmSsp
> Authentication Package: NTLM
> Workstation Name: temppc
>
>Here is what the Exchange server logs when someone tries
>to log into Outlook with a machine in a workgroup. As you
>can see, it reports back the login for the machine, rather
>than the login for Outlook:
>
>The logon to account: administrator
> by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
> from workstation: temppc
> failed. The error code was: 3221225572
>
>Logon Failure:
> Reason: Unknown user name or bad password
> User Name: administrator
> Domain:
> Logon Type: 3
> Logon Process: NtLmSsp
> Authentication Package: NTLM
> Workstation Name: temppc
>
>
>Well, if you've read this far down, I appreciate you
>taking the time to understand my problem (and it's a
>doozy) I also, do appreciate suggestions, ideas, and
>solutions to this. If you have any questions about my
>setup, please don't hesitate to ask. Thanks for the help!
>.
>
>
>
- Next message: Richard Roddy [MSFT]: "RE: Changing which server handles outgoing mail"
- Previous message: Richard Roddy [MSFT]: "RE: Alias for an external email adress Exchange 2003"
- In reply to: Nate: "Problem with Exchange 5.5/NT/Outlook 2k Authentication - URGENT"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
