Hi,
I have a 3 node Exchange 2013 (CU1) with a CAS Server and 2 node (MBX Servers) DAG which has been working fine for well over 8 months but during some Office 365 Preparation work, I noticed that Outlook clients (INTERNALLY only) were continually prompting for credentials (that were subsequently not accepted), to log onto their Exchange mailboxes.
The security settings on the Outlook Anywhere settings have definitely changed to Anonymous Logon (were using "Negotiate Authentication") but even when I run powershell commands below
Set-OutlookAnywhere -Identity “<Server>\RPC (Default Web Site)” -InternalClientAuthenticationMethod ntlm -InternalClientsRequireSsl $true
to change the settings to NTLM and then try and create a new profile, the name is resolved OK but the mailbox is not added to the profile (the credentials are requested but not accepted and cancelling the request, results in the error about Exchange not being available).
Just not clear what has changed . I only added the External domain to Office 365 Portal and added external DNS records (autodiscover.outlook.com& msoid), set up ADFS server and UPN suffix for external domain) and after some time, my Outlook clients could no longer connect .
I still have my old Exchange 2010 Exchange available and when I have migrated a test account back, Outlook connects fine to that mailbox.
WSUS updates have been applied to the Exchange 2013 nodes (although not around the time, the problem occurred) and I'm wondering whether I should look at restoring snaphot of the 2013 CAS ?
John Philipson