Authentication differences? (Full Version)

All Forums >> [Microsoft Exchange 2000] >> Migration


gkneale -> Authentication differences? (19.Apr.2002 1:10:00 AM)

Have a migration in progress from EX55 to EX2K with half the users on each system. Most users have Windows 98 and Office 97 and do not log on to the domain. The local Windows account information mimics (but is not sync'ed with) the domain account.

For those mailboxes on the EX55 server, Outlook opens up their mailbox without prompting for a username. After moving their mailbox, opening Outlook prompts for account info.

Any suggestions would be appreciated. Thanks in advance.

ryan_coates -> RE: Authentication differences? (28.Apr.2005 10:37:00 PM)

Was this issue ever resolved? I am having the same problem.

marcn -> RE: Authentication differences? (29.Apr.2005 2:02:00 PM)

The difference is the type of connection being made (named pipes vs. TCP endpoint). The default binding order says that outlook will try a TCP/IP connection first. If that fails because the LSA doesn't have a TCP/IP endpoint, it falls back to named pipes (which automatically uses the logged on credentials regardless of Outlook auth setting). Thats basically what is happening when they logon to 5.5. Now why its different on the 2000 server could be a few things, you'd really need a netmon to tell. I do have a few ideas though.

1) The 2000 server is referring us to a DC that actually has an LSA Endpoint mapped. If outlook credentials are set to none, it will prompt us to logon at that point.
2) We're trying to use named pipes against the 2000 server but the GC has restrictanonymous set too high and authentication is failing.

I'd lean towards the first explanation. If that is the case you may be able to fix this by changing outlooks authentication setting to use network logon credentials.

Page: [1]