Exchange 2013 Migration, possibility to proceed with "NTLM" authentication in Outlook Anywhere

I m in the migration process of exchange 2010 (SP3 RU5) to exchange 2013 (sp1). 

Following "Exchange Server Deployment Assistant" of technet. 

Just completed installation of MBX2013 and CAS2013 servers on same subnet and configured virtual directories and installed certificates. 

Not yet moved the arbitration mailbox. 

Outlook anywhere has already enabled with "NTLM" authentication for all Outlook users .

Deployment Assistance advised to run bellow command in step of "Enable and Configure Outlook anywhere". 

Enable-OutlookAnywhere -ClientAuthenticationMethod Basic -IISAuthenticationMethods NTLM, Basic.

This will impact to experience of all  outlook users, which they will prompt password when open outlook. And cannot accepted by our environment. 


I need to get your advice on, 

1. Can i proceed migration with NTLM authentication? 

2. What sort of Issue can be expected and solutions? 




September 4th, 2015 4:12am

Why only Exchange 2013 SP1? That is already very old. If you are doing a migration to a new version then you should really be using Exchange 2013 CU9. I would upgrade the server to begin with.

The command that you have posted should not cause clients to get authentication prompts because it is enabling both basic and NTLM authentication. However you shouldn't have any problems if you want to force NTLM authentication internally. Externally might be a different matter as that authentication type can be broken by some firewalls.

Simon.

Free Windows Admin Tool Kit Click here and download it now
September 4th, 2015 12:49pm
To second what Simon said regarding SP1, you should definitely consider applying CU9 before you start migrating users.  earlier CU's had some issues with duplicate folders getting created in user mailboxes prior to CU9.  CU9 supposedly resolves those issues.
September 4th, 2015 1:53pm

Hi,

Generally, in Exchange 2013 coexistence environment, please make sure that when you enable Outlook Anywhere on the Client Access Server, choose NTLM for IIS authentication. Finally, configure the Outlook Anywhere external host name to point to the Exchange 2013 Outlook Anywhere host name.

https://technet.microsoft.com/en-us/library/Bb123741%28v=EXCHG.150%29.aspx?f=255&MSPPError=-2147217396#coexistence

Please check your Outlook Anywhere configuration in your environment:

Get-OutlookAnywhere | fl Identity,*auth*,*host*

Additionally, please refer to the following KB to configure your Outlook Anywhere:

https://support.microsoft.com/en-us/kb/2834139

Regards,

Free Windows Admin Tool Kit Click here and download it now
September 6th, 2015 10:54pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics