RPC over HTTPS authentication box?

[Troy Bruder]

Hello,

Is there anyway around the "user credentials" popup-box when using Outlook
2003 with RPC over HTTPS??

Thanks,
Troy

 

[neo [mvp outlook]]

None that I am aware of.

 

[Chasy]

None that I am aware of.

neo is correct, due to the nature of HTTPS you can't save passwords. That
would make it unsecure.

thanks,
Chasy

 

[Troy Bruder]

Actually, I was able to figure it out. Here are the settings I'm using and
do NOT have to deal with the authentication dialog box any more:


Connect using SSL only
Mutually authenticate the session when connecting with SSL
Principal name for proxy server: msstd:[url of our owa server]
Use this authentication when connecting to my proxy for exchange server:
NTLM

Troy

 

[neo [mvp outlook]]

Just keep in mind that MS recommends basic authentication because there are
proxy/firewalls that can interfere with NTLM authentication.

Actually, I was able to figure it out. Here are the settings I'm using and
do NOT have to deal with the authentication dialog box any more:


Connect using SSL only
Mutually authenticate the session when connecting with SSL
Principal name for proxy server: msstd:[url of our owa server]
Use this authentication when connecting to my proxy for exchange server:
NTLM

Troy

neo is correct, due to the nature of HTTPS you can't save passwords. That
would make it unsecure.

thanks,
Chasy


--
This posting is provided "AS IS" with no warranties, and confers no rights.
OR if you wish to include a script sample in your post please add "Use of
included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm"

 

[Troy Bruder]

But if we have it working, can I assume that our firewall is "compatible"
and that I'm NOT sacrificing security in any way?

Troy

Just keep in mind that MS recommends basic authentication because there are
proxy/firewalls that can interfere with NTLM authentication.

Actually, I was able to figure it out. Here are the settings I'm using and
do NOT have to deal with the authentication dialog box any more:


Connect using SSL only
Mutually authenticate the session when connecting with SSL
Principal name for proxy server: msstd:[url of our owa server]
Use this authentication when connecting to my proxy for exchange server:
NTLM

Troy

None that I am aware of.

Hello,

Is there anyway around the "user credentials" popup-box when using
Outlook 2003 with RPC over HTTPS??

Thanks,
Troy








neo is correct, due to the nature of HTTPS you can't save passwords. That
would make it unsecure.

thanks,
Chasy


--
This posting is provided "AS IS" with no warranties, and confers no rights.
OR if you wish to include a script sample in your post please add "Use of
included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm"

 

[neo]

Your firewall might be compatible, but you will have no clue what the user
will be behind when they connect at the local starbucks, the nice 4 star
hotel in <name your exotic city here>, or at a client worksite. I would run
with what you have, but if customers call that they can't connect, at least
you will know what to try first to re-establish connectivity.

Oh, NTLM tends to be more secure because your dealing with hashes and not a
base64 of the userid/pass like Basic does.

But if we have it working, can I assume that our firewall is "compatible"
and that I'm NOT sacrificing security in any way?

Troy

Just keep in mind that MS recommends basic authentication because there are
proxy/firewalls that can interfere with NTLM authentication.

Actually, I was able to figure it out. Here are the settings I'm using and
do NOT have to deal with the authentication dialog box any more:


Connect using SSL only
Mutually authenticate the session when connecting with SSL
Principal name for proxy server: msstd:[url of our owa server]
Use this authentication when connecting to my proxy for exchange
server:
NTLM

Troy






None that I am aware of.

Hello,

Is there anyway around the "user credentials" popup-box when using
Outlook 2003 with RPC over HTTPS??

Thanks,
Troy








neo is correct, due to the nature of HTTPS you can't save passwords. That
would make it unsecure.

thanks,
Chasy


--
This posting is provided "AS IS" with no warranties, and confers no
rights.
OR if you wish to include a script sample in your post please add
"Use of
included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm"

 

[Troy Bruder]

Thanks for the feedback Neo.. I hadn't thought about it like that..

Troy

Your firewall might be compatible, but you will have no clue what the user
will be behind when they connect at the local starbucks, the nice 4 star
hotel in <name your exotic city here>, or at a client worksite. I would run
with what you have, but if customers call that they can't connect, at least
you will know what to try first to re-establish connectivity.

Oh, NTLM tends to be more secure because your dealing with hashes and not a
base64 of the userid/pass like Basic does.

But if we have it working, can I assume that our firewall is "compatible"
and that I'm NOT sacrificing security in any way?

Troy

Just keep in mind that MS recommends basic authentication because there are
proxy/firewalls that can interfere with NTLM authentication.

Actually, I was able to figure it out. Here are the settings I'm using
and
do NOT have to deal with the authentication dialog box any more:


Connect using SSL only
Mutually authenticate the session when connecting with SSL
Principal name for proxy server: msstd:[url of our owa server]
Use this authentication when connecting to my proxy for exchange
server:
NTLM

Troy






None that I am aware of.

Hello,

Is there anyway around the "user credentials" popup-box when using
Outlook 2003 with RPC over HTTPS??

Thanks,
Troy








neo is correct, due to the nature of HTTPS you can't save passwords.
That
would make it unsecure.

thanks,
Chasy


--
This posting is provided "AS IS" with no warranties, and confers no
rights.
OR if you wish to include a script sample in your post please add
"Use
of
included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm"

 

[neo [mvp outlook]]

A couple...

1) RPC/HTTP(S) doesn't accept UPN. UserID should be domain\userid
2) (and this is a stab in the dark) some proxy (proxy cache) servers can
interfere with basic auth. (e.g. you have to authenticate to the proxy
server and it is rejecting the credentials.)

Hello,
I have a very similar situation -

I have Integrated Windows authentication and Basic authentication

checked for the RPC directory under IIS on the Exchange Server. For the
client, as recommended by Microsoft, I was using Basic authentication under
Exchange Proxy settings. Each time I tried to connect with these settings, I
would get a pop-up box asking for my password. I would give it the right
password but it would not take it and the box would reappear each time with
the password field blanked out.

I changed the settings (Only on the client) to use NTLM authentication

under Exchange Proxy settings on the client and even though I am prompted
for my password the first time I open Outlook, it does accept my password
and Outlook opens up allowing me to work. Although I am happy that it's
finally working, I fail to understand as to why ONLY NTLM is working and why
Basic Authentication is NOT.

Any thoughts?

Thanks,
Adarsh

Thanks for the feedback Neo.. I hadn't thought about it like that..

Troy

Your firewall might be compatible, but you will have no clue what the user
will be behind when they connect at the local starbucks, the nice 4 star
hotel in <name your exotic city here>, or at a client worksite. I

would
run

with what you have, but if customers call that they can't connect, at least
you will know what to try first to re-establish connectivity.

Oh, NTLM tends to be more secure because your dealing with hashes and

not
a

base64 of the userid/pass like Basic does.

But if we have it working, can I assume that our firewall is "compatible"
and that I'm NOT sacrificing security in any way?

Troy


Just keep in mind that MS recommends basic authentication because there
are
proxy/firewalls that can interfere with NTLM authentication.

Actually, I was able to figure it out. Here are the settings I'm using
and
do NOT have to deal with the authentication dialog box any more:


Connect using SSL only
Mutually authenticate the session when connecting with SSL
Principal name for proxy server: msstd:[url of our owa server]
Use this authentication when connecting to my proxy for exchange
server:
NTLM

Troy






None that I am aware of.

message
Hello,

Is there anyway around the "user credentials" popup-box when using
Outlook 2003 with RPC over HTTPS??

Thanks,
Troy








neo is correct, due to the nature of HTTPS you can't save passwords.
That
would make it unsecure.

thanks,
Chasy


--
This posting is provided "AS IS" with no warranties, and confers no
rights.
OR if you wish to include a script sample in your post please add
"Use
of
included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm"