SBS 2008, Exchange 2007 & Outlook 2007...
in [Microsoft Exchange]
|
From: Rich Matheisen [MVP] on 19 Jun 2010 22:00 On Sat, 19 Jun 2010 17:32:38 -0700 (PDT), Mikey <texan767(a)hotmail.com> wrote: [ snip ] >No, it's not a san certificate, does it need to be? >I've heard yes & I've heard no. If buying a san certificate would fix >my problem, I'll do it, but I don't want to buy one & have the same >old problem. No, it doesn't have to be. But if you use the SRV record then Outlook needs a hot-fix if it's not been updated with SP1. http://msexchangeteam.com/archive/2007/09/21/447067.aspx http://support.microsoft.com/kb/940881 If that's all working okay then you may be looking at a mismatch in the authentication methods. How is the Exchange Proxy Settings configured for authentication, and how is the web site configured? If the web site uses only "backic" and Outlook uses NTLM (or vice-versa), well, you'll have problems authenticating. --- Rich Matheisen MCSE+I, Exchange MVP
From: Mikey on 20 Jun 2010 13:03 On Jun 19, 9:00 pm, "Rich Matheisen [MVP]" <richn...(a)rmcons.com.NOSPAM.COM> wrote: > On Sat, 19 Jun 2010 17:32:38 -0700 (PDT), Mikey <texan...(a)hotmail.com> > wrote: > > [ snip ] > > >No, it's not a san certificate, does it need to be? > >I've heard yes & I've heard no. If buying a san certificate would fix > >my problem, I'll do it, but I don't want to buy one & have the same > >old problem. > > No, it doesn't have to be. But if you use the SRV record then Outlook > needs a hot-fix if it's not been updated with SP1. > > http://msexchangeteam.com/archive/2007/09/21/447067.aspxhttp://support.microsoft.com/kb/940881 > > If that's all working okay then you may be looking at a mismatch in > the authentication methods. How is the Exchange Proxy Settings > configured for authentication, and how is the web site configured? If > the web site uses only "backic" and Outlook uses NTLM (or vice-versa), > well, you'll have problems authenticating. > --- > Rich Matheisen > MCSE+I, Exchange MVP Outlook shows as SP2. This is really going to spound stupid, but where can I check the authentication settings? SBS 2008 & Exchange 2007 are quite a bit different than 2003!
From: Rich Matheisen [MVP] on 20 Jun 2010 14:51 On Sun, 20 Jun 2010 10:03:47 -0700 (PDT), Mikey <texan767(a)hotmail.com> wrote: >On Jun 19, 9:00�pm, "Rich Matheisen [MVP]" ><richn...(a)rmcons.com.NOSPAM.COM> wrote: >> On Sat, 19 Jun 2010 17:32:38 -0700 (PDT), Mikey <texan...(a)hotmail.com> >> wrote: >> >> � � � � � � � � � � � � � � � � � � � � [ snip ] >> >> >No, it's not a san certificate, does it need to be? >> >I've heard yes & I've heard no. If buying a san certificate would fix >> >my problem, I'll do it, but I don't want to buy one & have the same >> >old problem. >> >> No, it doesn't have to be. But if you use the SRV record then Outlook >> needs a hot-fix if it's not been updated with SP1. >> >> http://msexchangeteam.com/archive/2007/09/21/447067.aspxhttp://support.microsoft.com/kb/940881 >> >> If that's all working okay then you may be looking at a mismatch in >> the authentication methods. How is the Exchange Proxy Settings >> configured for authentication, and how is the web site configured? If >> the web site uses only "backic" and Outlook uses NTLM (or vice-versa), >> well, you'll have problems authenticating. >> --- >> Rich Matheisen >> MCSE+I, Exchange MVP > >Outlook shows as SP2. Good. >This is really going to spound stupid, but where can I check the >authentication settings? >SBS 2008 & Exchange 2007 are quite a bit different than 2003! No, they're the same. What's different is the way that SBS deals with managing it. get-outlookanywhere is the cmdlet that will show you the authentication settings. Pipe the out put into "fl". --- Rich Matheisen MCSE+I, Exchange MVP
From: Russ SBITS.Biz [SBS-MVP] on 20 Jun 2010 16:48 If the users are getting Prompted for a password remotely and they are not a member of the domain (This is because there is no Cached credentials to use and you have to create one) I f you need instructions I'll try to find them. If the Remote systems are laptops that are configured with http://connect (They shouldn't have an issue because it sets all configuration for you.) if they were joined manually, then go into your RPC over HTTPS Connect settings and select NTLM Authentication instead of Basic and they won't be prompted anymore On the Certificate: Do yourself a Favor buy at least a 3 year Cheapest GoDaddy Cert for remote.yourdomain.com And install it http://sbs.seandaniel.com/2009/02/installing-godaddy-standard-ssl.html (Those instructions are close enough because GoDaddy has changed.) That should fix everything Russ -- Russell Grover - SBITS.Biz [SBS-MVP] MCP, MCPS, MCNPS, SBSC Small Business Server/Computer Support - www.SBITS.Biz BPOS - Microsoft Online Services - www.BPOSMadeEasy.com Easy Redirect to Microsoft's New SBS Public Support Forum - SBSRepair.com "Mikey" <texan767(a)hotmail.com> wrote in message news:8ffd6d34-55d5-4cbb-8aa9-c238ff3d1aa3(a)t10g2000yqg.googlegroups.com... > Sorry for the cross-posting, but I'm hoping someone out there will > have an answer for me. > Last weekend, I completed a migration from a 2003 SBS to a 2008 SBS. A > few glitches here & there, but one of the major problems is users at a > remote office cannot get their email now using Outlook 2007. It worked > fine with Exchange 2003, but not Exchange 2007 - why? > I have been on the Technet forums & last I was told this is not a > certificate error, as these clients are able to connect via OWA with > no problems or any warnings. Blackberries, iPhones, or any other kind > of smart phones have no problems, either. > When users try to open Outlook, they are prompted for a username & > password. I entered domain\username & then was prompted, twice, > something like would I like to allow > autodiscover.exchange.mydomain.xml to configure the settings (can't > remember exactly & can't get message to come up again), but I said > yes, twice & the in the lower right I get an alternating 'trying to > connect' message, followed by a 'disconnected' message. > I created an SRV record & deleted the * (All others) out of my public > DNS records. > When running the Test Email Configuration from one of the clients, I > get the following: > Autodiscover to https://mydomain.com/autodiscover/autodiscover.xml > starting > Autodiscover to https://mydomain.com/autodiscover/autodiscover.xml > FAILED (0x800C8203) > Autodiscover to > https://autodiscover.mydomain.com/autodiscover/autodiscover.xml > starting > Autodiscover to > https://autodiscover.mydomain.com/autodiscover/autodiscover.xml > FAILED (0x800C8203) > Local autodiscover for mydomain.com starting > Local autodiscover for mydomain.com FAILED (0x8004010F) > Redirect check to http://mydomain.com/autodiscover/autodiscover.xml > starting > Redirect check to http://mydomain.com/autodiscover/autodiscover.xml > FAILED (0x80072EE7) > Srv Record lookup for mydomain.com starting > Autodiscover URL redirection to > https://exchange.mydomain.com/autodiscover/autodiscover.xml > Autodiscover to > https://exchange.mydomain.com/autodiscover/autodiscover.xml > starting > Autodiscover to > https://exchange.mydomain.com/autodiscover/autodiscover.xml > succeeded (0x00000000) > Srv Record lookup for mydomain.com succeeded (0x00000000) > > I've been told it's a certificate error & then it's not, that I need a > different 3rd party certificate & then no I don't - what do I need to > get this to work?!?!?
From: Cliff Galiher - MVP on 21 Jun 2010 03:22
Looks like you are getting good advice from Rich and I do believe too many cooks can spoil, but since SBS is a somewhat unique beast, I'd like to jump in. Can you actually post your results from the testexchangeconnectivity website? As Rich said, it actually provides quite a bit of detail, and having a bit of experience setting this up with SBS, I think we can help get you cleared up relatively quickly. -- Cliff Galiher Microsoft has opened the Small Business Server forum on Technet! Check it out! http://social.technet.microsoft.com/Forums/en-us/smallbusinessserver/threads Addicted to newsgroups? Read about the NNTP Bridge for MS Forums. |