Good day everyone,
I ran into this on a call last week, and it looks like an issue , after installing your Exchange 2016 Server into your Exchange 2013 Environment. This is a short article to fix an error where Outlook Anywhere users are prompted for credentials when they try to connect to Exchange Server 2013 or Exchange Server 2016
.If you have a 2010 or 2007 server in the design, this is the kb 2990117
Now on the subject of pop up messages, there are many ways these pop ups are going to come at you. If your using Office 365, even more-so. I put together some material I found from an office 365 issue I had, where there were at least 5 pop ups, when the user logs into the office 365 mail, for the first time. I hope these points may be relevant for you, if you are trying to minimize the pop ups
I found that much of the behavior you are seeing is working as deigned, under certain network circumstances, and the features you are running. There are some things you can do to mitigate these problems. There is a lot here, but I do have solutions to almost all the popups. All but the first one, Pictured below.
First, this certificate is a first time connect, coming from Skype not Outlook. That you will only get once. Once the Creds are Cached, you should not get this again If you choose “always trust this server”.
Second, you may be able to suppress the outlook errors. There is no work around for outlook 2016, but there is for 2010/2013. There is no reason why it should not still be applicable to 2016.
Here is another example of suppressing with GPO:
The best single documentation of your issues is in the link below. Many of the points are various versions of Exchange (Including O365) and Outlook 2016. Feel free to take you want from these discussions:
Some of the highlights would be:
Set Lync not to automatically start when windows logs in. This will allow Outlook to login first, preventing the Lync prompt from occurring
- Remove the Lync Profile, before rolling out the new Office 365 accounts
- Delete the Local XML file and a new one is created when outlook is started, preventing a prompt on login- see post by BILBOSWAGINS
- Upgrade Outlook, there is a newer version- 16.0.6568.2036
- There are a few others in this long discussion
There is also the possibility that your pop ups are coming from a setting in the Load Balancer. The issue is port 80 and port 443 interplay with the load balancer. Here is an example with Kemp:
Finally and third, we have the one issue of the Name mismatch on Outlook 2016. This issue will not be solved by the articles above. This is a literal name miss-match and we have to have the correct named certificate, unless there is a configuration issue. Notice the alert is domain.local. with the name on the certificate is domain.com. IT would seem to me, the SRV record should be created for domain.com and that should fix the certificate issue. Troubleshoot as follows:
The link above shows the process for checking for the SRV record. Once the SRV record is in place, you can remove the A record. (not the host record) but the autodiscover A record. Then your pop up will roll over to an outlook popup, which you can suppress above.
I am sure you are aware the ,local domain is no longer allowed on a public certificate. The other way to fix this used to be to put the domain.local on the certificate. Since that cannot be done any more, you have to change Exchange to only use the public names. The way you do that is documented here- https://blog.digicert.com/replace-internal-names-certificates-part-2/
This is a very nice article, that includes rollbacks
Second, there is a Outlook and Office 365 Tool you can download and run. This tool may shed light on the problems of configuration etc..:
This link supposedly can help you manually create the office 365 profile for mail. Please forgive the reference to reedit, but this is the only documentation I could find that shows Outlook 2016 and auto discover issue-
To conclude, There is really nothing technically incorrect about the popups, but you can make some changes to the systems, to lessen the burden to the end user, to a degree.
I hope this helps.