Forum Discussion
pazzoide76
Aug 13, 2020Brass Contributor
outlook 2010 and 2013 continually asks for password in hybrid environment
Hello, I have implemented a full hybrid solution with an exchange 2016 cu17 server. I created the migexchange.it domain on o365 and synchronized the AD users via AAD connect. The autodiscover reco...
- Aug 19, 2020
pazzoide76 So it all came down to MFA via Security Defaults? That's not the first time I've heard it as I now recall another conversation with a similar issue, not identical, where I actually suggested that. It didn't struck me as a solution this time and I can only blame my six weeks vacation..
harveer singh Good job!
pazzoide76 Please mark the above reply with the solution as "Best response" for future reference.
pazzoide76
Aug 18, 2020Brass Contributor
If it was a badly configured autodiscover problem, why do Outlook 2016 clients work?
The problem occurs with all migrated mailboxesChristianBergstrom
Aug 18, 2020Silver Contributor
pazzoide76 I hear you, just trying to figure stuff out at the same time working 😉
It's difficult to fully understand your config and scenario, I just attached the previous info as I've heard about it before. As for ADAL and your Outlook clients, have you taken this into consideration?
- pazzoide76Aug 18, 2020Brass Contributor
My configuration is composed with exchange 2016 cu17 and a full hybrid has been configured via HCW.
Since at the end of the wizard the warning came out:
HCW8064 The HCW has completed, but was not able to perform the OAuth portion of your Hybrid configuration. If you need features that rely on OAuth, you can try running the HCW again or manually configure OAuth using these manual steps
I used the procedure described in the articlehttps://docs.microsoft.com/en-us/exchange/configure-oauth-authentication-between-exchange-and-exchange-online-organizations-exchange-2013-help?redirectedfrom=MSDN and in my opinion it is this configuration that causes authentication problems with outlook 2010/2013.
Is there a procedure to delete that configuration?
I haven't done anything else.
I repeat in the test environment that I installed over the weekend I did not enable that feature and outlook 2010 and 2013 work.
I have already tried the proposed keys without success.Thank you
Regards
- ChristianBergstromAug 18, 2020Silver Contributor
pazzoide76 Well, as for Outlook 2010 you did see this?
- Modern Authentication is not supported.
- Users use Basic Authentication and may be prompted multiple times for credentials.
And have you also tried AlwaysUseMSOAuthForAutoDiscover? (Outlook 2013+).
I sure someone with more experience from migrations will reply at some point.
Good luck!
- pazzoide76Aug 18, 2020Brass Contributor
At this moment modern authentication is disabled but neither outlook 2010 nor outlook 2013 works with the mailboxes migarted on exchange online.
However I made those registry changes in the 2013 outlook clients and they don't work.
I repeat in the test environment that I installed over the weekend, which is the same as the one that is giving problems, the only difference is that I have not enabled that feature (https://docs.microsoft.com/en-us/exchange/configure-oauth-authentication-between-exchange-and-exchange-online-organizations-exchange-2013-help?redirectedfrom=MSDN) and Outlook 2010 and 2013 are working.