Exchange Authentication Prompts from 2013 back to 2007 Public Folders

By July 27, 2016September 11th, 2020Best Practices, Blog, Exchange
Exchange Authentication Prompt screenshot

Are you currently in a hybrid or mixed Exchange environment and getting authentication prompts when accessing Public Folders? I’ve been there too and it’s no fun, here’s how you fix it.

Look at your current OutlookAnywhere config by running the command below. Note your IISAuthenicationMethods

Get-OutlookAnywhere | fl Identity,*auth*

 

Identity                           : EXCHANGE2013\Rpc (Default Web Site)

ExternalClientAuthenticationMethod : Ntlm

InternalClientAuthenticationMethod : Ntlm

IISAuthenticationMethods           : {Ntlm, Basic, Negotiate}

 

Identity                           : EXCHANGE2007\Rpc (Default Web Site)

ExternalClientAuthenticationMethod : Ntlm

InternalClientAuthenticationMethod : Ntlm

IISAuthenticationMethods           : { Ntlm, Basic, Negotiate}

 

Resolution:

Change IISAuthMedthods from  Ntlm, Basic & Negotiate to just Ntlm then restart IIS

Set-OutlookAnywhere -id “EXCHANGE2013\Rpc (Default Web Site)” -IISAuthenticationMethods NTLM

After the changes above are made you should be good, however I have seen provider order present issues as well. To correct the provider order open IIS Manager and click on the Rpc virtual directory. Next open authentication and you should see Windows Authentication is enabled. Click on Windows Authentication and then Providers on the right. In the Providers window you can re-order as desired. You need to ensure consistency with all Client Access Servers and don’t forget your IIS reset.

JS1

Brandon Stuart, PEI

Leave a Reply