Re: Infinite series of login prompts for Outlook Anywhere
- From: Jon Fleming <jonf@xxxxxxxxxxxxxxxxxx>
- Date: 12 May 2009 11:31:01 -0500
OK, I went to GoDaddy and bought a single-domain certificate on which
my SBS server is the only name. And now Outlook Anywhere works from
Outlook 2003!
Outlook 2007 now complains that autodiscover.{domain}.com has a bad
cert, but I suppose I can live with that.
I guess Outlook 2003 wants to see the server's name as the primary
one.
On 11 May 2009 13:28:03 -0500, Jon Fleming <jonf@xxxxxxxxxxxxxxxxxx>
wrote:
Outlook Anywhere is driving me crazy..
SBS 2008 Standard, Swing-migrated from SBS 2003 Standard. I have a
GoDaddy multiple domain certificate issued to ww3.mydomain.com that
also covers mail.mydomain.com, remote.mydomain.com, and
vpn.mydomain.com (in the Subject Alternative Name field).
ww3.mydomain.com is actually a secondary server with a different
public IP than my main server. mail.mydomain.com,
remote.mydomain.com, and vpn.mydomain.com all point to my main server.
I installed the GoDaddy cert on the main server using the SBS wizard
and it is listed as correctly installed ("Trusted"). Outlook Anywhere
is enabled and set to use Basic Authentication.
Most of my users are using Outlook 2003 on XP Pro. I'm using Outlook
2007 on Vista Ultimate. All the users were successfully using RPC over
HTTP on the old server, using the self-signed cert.
I have always been able to connect to my email using Outlook Anywhere.
All the others get an infinite series of login prompts.
I set up a profile (in my Outlook 2007) which is the account of a real
user and tried it and got the same infinite series of login prompts.
Wow, now I can troubleshoot! I tried various things. Eventually I
tried "outlook.exe /rpcdiag" and got the expected dialog box with no
issues indicated ... and the connection worked with only one login
prompt! Since then I can't generate a failure on my system. And all my
users travel a lot, it's hard to get onto their computers to test.
Now I've got profiles set up for three of my users. All of them get
the infinite series of login prompts on their computers. On my
computer all of their profiles connect with only one login prompt.
I haven't installed any certs on any client computers. I've tried
deleting the profiles and recreating them and redownloading the OST
file on several client computers. At
https://testexchangeconnectivity.com/ I get a failure on the Outlook
2003 RPC over HTTP test:
Testing SSL Certificate for validity.
The SSL Certificate failed one or more certificate validation
checks.
Test Steps
Validating certificate name
Successfully validated the certificate name
Additional Details
Found hostname mail.mydomain.com in Certificate Subject Alternative
Name entry
Validating certificate trust
Certificate trust validation failed
Additional Details
The certificate chain has errors, Chain status = PartialChain
ExBPA complains that I haven't set maximum incoming and outgoing
message size, and a few warnings that don't seem relevant. It does
warn of a certificate mismatch for https://{domain}.com, but that's
because I have an A record for *.{domain}.com that points to our web
site on an external host, and I don't want to change that.
Get-ExchangeCertificate in the Exchange Management Shell returns the
expected information from the GoDaddy cert.
I'm almost ready to pay someone to help me fix this. The president and
two others will be at a big trade show next week and are worried about
connectivity; OWA is working and Outlook is working when they're on
the VPN, but the feel much more warm and fuzzy with the ability to use
Outlook any time.
- References:
- Infinite series of login prompts for Outlook Anywhere
- From: Jon Fleming
- Infinite series of login prompts for Outlook Anywhere
- Prev by Date: Re: Should I be able to log on to the local computer?
- Next by Date: Re: internal error 2825
- Previous by thread: Re: Infinite series of login prompts for Outlook Anywhere
- Next by thread: Re: Infinite series of login prompts for Outlook Anywhere
- Index(es):
Relevant Pages
|
Loading
