Remote User Authentication Required?

Email archiving software for Exchange

Moderators: JonathanWatts, richardjm, Robert, Matthew Flatt

Remote User Authentication Required?

Postby SJCAdmin » Tue Nov 23, 2010 10:23 pm

I am having a problem with a remote (laptop) user. The machine is Windows XP/SP2, ESA Outlook Client Add-In 3, and Outlook 2007.

When he is hard wired to the LAN Outlook opens as expected, no problems. When he opens Outlook from home using his broadband connection to the Internet he recieves up to four login prompts requiring authentication to one of the ESA Services (he did not give me a clear indication as to which). We are using Outlook RPC over HTTP(S) with cached mode enabled.

Shouldn't Windows authentication take care of this behind the curtain? I mean, he has never had to manually authenticate to Outlook!

Any Ideas?

Thanx in advance!

Michael
SJCAdmin
 
Posts: 5
Joined: Thu Nov 04, 2010 5:08 pm

Postby Linda Hawksworth » Thu Nov 25, 2010 10:15 am

It will be the UAA Service or the OWA add-in that he is connecting to. How does he connect to Outlook? If he uses Outlook, get him to check that he has the UAA Service URL in his Intranet Zone in his browser settings. If it is via OWA, please send the OWA add-in logs from the server.
Linda Hawksworth
 
Posts: 192
Joined: Mon Jun 25, 2007 11:32 am

Postby Brian Donahue » Wed Dec 15, 2010 4:10 pm

I would imagine to properly troubleshoot this, we would need an HTTP trace from Fiddler. On the local LAN, Windows will transparently pass credentials through the WinInet layer. If the UAAS URL is not in the local intranet zone, for instance if your Windows domain is mycompany.local and your UAAS is mailarchive.mycompany.com, you will have to add the UAAS URL to each computer's Local Intranet zone explicitly or you will be prompted for credentials.

The only reason I can think of for multiple prompts is that you have a web proxy between you and the UAAS, and that proxy does not have power to delegate credentials to the UAAS.

This is all entirely dependent on your network topology, which we know nothing about. I would recommend trying to trace the network activity using Fiddler, and from there you can configure any server inbetween your user and the UAAS so that it can pass credentials.
Brian Donahue
 
Posts: 6668
Joined: Mon Aug 23, 2004 10:48 am


Return to Exchange Server Archiver

Who is online

Users browsing this forum: No registered users and 0 guests