In this article we will try the top solutions to see if it resolves error i.e. Outlook prompts for credentials with Exchange 2010 and 2013/2016 coexistence.
Check the below points to troubleshoot this issue:
- Public Folder authentication errors with Outlook Anywhere
- Enable Kernerl-Mode authentication for EWS and Autodiscover
- Set CertPrincipalName for OutlookProvider settings
You can try this command:
Set-OutlookProvider -Identity EXCH -CertPrincipalName msstd:*.contoso.com
Change the default Application Pool run account to ‘Network Service’.
You can check the RPC over HTTPS settings in Outlook,
When you checking this and see “Basic Authentication”, you can change this to “NTLM authentication”, then re-start the outlook, then enter the password and if this works then this means that the authentication mismatch between Exchange servers is the issue.
Run the command:
Get-OutlookAnywhere | fl
Look for “ExternalClientAuthenticationMethod” this should be set to NTLM, instead of Basic.
You will also need to go to IIS Manager on the Exchange 2010 server and then drill down to the “RPC” virtual directory and click on “Authentication” Under here Windows Authentication (i.e. NTLM) was not set. To correct it you have to click Enable, then on the right hand side click “Providers…” and move NTLM to the top of the list above “Negotiate” Save these settings.
Restart IIS on the Exchange 2010 server.
Move Arbitration mailboxes and verify OAB.
This is the first thing you do when setting up coexistence Exchange
Get-Mailbox -Arbitration | New-MoveRequest -TargetDatabase 'MDB01'
Run the following command to assign the correct OAB for all databases:
Get-MailboxDatabase -Server Exchange2010 | Set-MailboxDatabase -OfflineAddressBook 'Default Offline Address Book (2013)'
Conclusion:
You have to verify that you have moved all the Arbitration Mailboxes to the new Exchange servers.
Check and verify the Windows Authentication Providers settings are correct and the correct OAB is used for every Mailbox Database.
Verify Outlook Anywhere is configured correctly use below command:
Get-OutlookAnywhere | Select-Object -Property SSLOffloading,ExternalHostname,InternalHostname,ExternalClientAuthenticationMethod,
InternalClientAuthenticationMethod,IISAuthenticationMethods
I hope the above methods helps anyone who facing problems with credential prompts in Outlook.