After migrating to Exchange 2013 and/or 2016, and still having a couple of Microsoft Outlook 2007 installations left, the following issue started popping up: as soon as users launch their Outlook 2007 (while already being migrated to Exchange 2013/2016), they were always prompted for their Logon Credentials, though Remember my password has been checked:
System requirements for Exchange 2016 (as per Exchange 2016 system requirements):
Exchange 2016 and Exchange Online support the following versions of Outlook:
- Outlook 2016
- Outlook 2013
- Outlook 2010 with KB2965295
- Outlook for Mac for Office 365
- Outlook for Mac 2011
Outlook clients earlier than Outlook 2010 are not supported. Email clients on Mac operating systems that require DAV, such as Entourage 2008 for Mac RTM and Entourage 2004, are not supported.
Well, that's quite annoying, as it looks like Microsoft Outlook 2007 is not supported with Exchange 2016. But with my environment it still seems to work if you are able to set it up just like I did.
My setup consisted of:
- Microsoft Outlook 2007 has been freshly installed
- Microsoft Outlook 2007 SP3 has been installed
- Microsoft Outlook 2007 Update KB2687404 has been installed
- I did not install any other updates provided by our internal WSUS server and just ignored them
With my initial launch of Microsoft Outlook 2007 I let Autodiscover handle the automatic configuration of my Outlook 2007 client. After having entered my credentials once during the setup process, Outlook 2007 was able to successfully connect to Exchange 2016. Then I closed my client and verified my Outlook Profile Settings:
With these settings in place everything works as exptected, without having any negative effects on Outlook 2010 and/or Outlook 2013 users. I had to configure my Exchange 2016 Outlook Anywhere settings as depicted in order for Outlook 2007 to receive a working set of Autodiscover settings:
- ExternalHostname : webapp.domain.de
- InternalHostname : webapp.domain.de
- ExternalClientAuthenticationMethod : Basic
- InternalClientAuthenticationMethod : Basic
- IISAuthenticationMethods : {Basic}
- ExternalClientsRequireSsl : True
- InternalClientsRequireSsl : True
- Name : Rpc (Default Web Site)
- Identity : <Server>\Rpc (Default Web Site)
By running the following cmdlet I was able to achieve the aformentioned configuration, i.e. adjusting the Exch-Rpc-Http-Virtual-Directory settings (followed by an iisreset) on Exchange 2016:
Get-OutlookAnywhere -Server <Server> | Set-OutlookAnywhere -InternalHostname "webapp.domain.de" -InternalClientsRequireSsl $true -InternalClientAuthenticationMethod Basic
As soon as InternalClientAuthenticationMethod is set to either NTLM or Negotiate, Outlook 2007 keeps prompting for the user's credentials again and they cannot connect to Exchange 2016's Rpc (Default Web Site).
Autodiscover.xml looks like this when running Test Email Auto Configuration with Microsoft Outlook 2007:
<?xml version="1.0" encoding="utf-8"?> <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006"> <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a"> <User> <DisplayName>Alexander Ollischer</DisplayName> <LegacyDN>/o=Erste Organisation/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=Alexander Ollischer420</LegacyDN> <AutoDiscoverSMTPAddress>ollischer@domain.de</AutoDiscoverSMTPAddress> <DeploymentId>46c1eb55-eae4-4f28-b74d-4f54da22d230</DeploymentId> </User> <Account> <AccountType>email</AccountType> <Action>settings</Action> <MicrosoftOnline>False</MicrosoftOnline> <ConsumerMailbox>False</ConsumerMailbox> <Protocol> <Type>EXCH</Type> <Server>1a6a703c-1d72-49c2-a944-6d86d20089a0@domain.de</Server> <ServerDN>/o=Erste Organisation/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=1a6a703c-1d72-49c2-a944-6d86d20089a0@domain.de</ServerDN> <ServerVersion>73C180E1</ServerVersion> <MdbDN>/o=Erste Organisation/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=1a6a703c-1d72-49c2-a944-6d86d20089a0@domain.de/cn=Microsoft Private MDB</MdbDN> <PublicFolderServer>webapp.domain.de</PublicFolderServer> <AD>SERVDC01.domain.local</AD> <ASUrl>https://mail.domain.de/EWS/Exchange.asmx</ASUrl> <EwsUrl>https://mail.domain.de/EWS/Exchange.asmx</EwsUrl> <EmwsUrl>https://mail.domain.de/EWS/Exchange.asmx</EmwsUrl> <EcpUrl>https://mail.domain.de/owa/</EcpUrl> <EcpUrl-um>?path=/options/callanswering</EcpUrl-um> <EcpUrl-aggr>?path=/options/connectedaccounts</EcpUrl-aggr> <EcpUrl-mt>options/ecp/PersonalSettings/DeliveryReport.aspx?rfr=olk&exsvurl=1&IsOWA=<IsOWA>&MsgID=<MsgID>&Mbx=<Mbx>&realm=domain.de</EcpUrl-mt> <EcpUrl-ret>?path=/options/retentionpolicies</EcpUrl-ret> <EcpUrl-sms>?path=/options/textmessaging</EcpUrl-sms> <EcpUrl-photo>?path=/options/myaccount/action/photo</EcpUrl-photo> <EcpUrl-extinstall>?path=/options/manageapps</EcpUrl-extinstall> <OOFUrl>https://mail.domain.de/EWS/Exchange.asmx</OOFUrl> <UMUrl>https://mail.domain.de/EWS/UM2007Legacy.asmx</UMUrl> <OABUrl>https://mail.domain.de/OAB/20b5b929-97f2-49d5-a8d6-369778bedd0f/</OABUrl> <ServerExclusiveConnect>off</ServerExclusiveConnect> </Protocol> <Protocol> <Type>EXPR</Type> <Server>webapp.domain.de</Server> <SSL>On</SSL> <AuthPackage>Basic</AuthPackage> <ASUrl>https://webapp.domain.de/EWS/Exchange.asmx</ASUrl> <EwsUrl>https://webapp.domain.de/EWS/Exchange.asmx</EwsUrl> <EmwsUrl>https://webapp.domain.de/EWS/Exchange.asmx</EmwsUrl> <EcpUrl>https://webapp.domain.de/owa/</EcpUrl> <EcpUrl-um>?path=/options/callanswering</EcpUrl-um> <EcpUrl-aggr>?path=/options/connectedaccounts</EcpUrl-aggr> <EcpUrl-mt>options/ecp/PersonalSettings/DeliveryReport.aspx?rfr=olk&exsvurl=1&IsOWA=<IsOWA>&MsgID=<MsgID>&Mbx=<Mbx>&realm=domain.de</EcpUrl-mt> <EcpUrl-ret>?path=/options/retentionpolicies</EcpUrl-ret> <EcpUrl-sms>?path=/options/textmessaging</EcpUrl-sms> <EcpUrl-photo>?path=/options/myaccount/action/photo</EcpUrl-photo> <EcpUrl-extinstall>?path=/options/manageapps</EcpUrl-extinstall> <OOFUrl>https://webapp.domain.de/EWS/Exchange.asmx</OOFUrl> <UMUrl>https://webapp.domain.de/EWS/UM2007Legacy.asmx</UMUrl> <OABUrl>https://webapp.domain.de/OAB/20b5b929-97f2-49d5-a8d6-369778bedd0f/</OABUrl> <ServerExclusiveConnect>on</ServerExclusiveConnect> <CertPrincipalName>msstd:webapp.domain.de</CertPrincipalName> <EwsPartnerUrl>https://webapp.domain.de/EWS/Exchange.asmx</EwsPartnerUrl> <GroupingInformation>Munich</GroupingInformation> </Protocol> <Protocol> <Type>WEB</Type> <Internal> <OWAUrl AuthenticationMethod="Basic, Fba">https://mail.domain.de/owa/</OWAUrl> <Protocol> <Type>EXCH</Type> <ASUrl>https://mail.domain.de/EWS/Exchange.asmx</ASUrl> </Protocol> </Internal> <External> <OWAUrl AuthenticationMethod="Fba">https://webapp.domain.de/owa/</OWAUrl> <Protocol> <Type>EXPR</Type> <ASUrl>https://webapp.domain.de/EWS/Exchange.asmx</ASUrl> </Protocol> </External> </Protocol> <Protocol> <Type>EXHTTP</Type> <Server>webapp.domain.de</Server> <SSL>On</SSL> <AuthPackage>Basic</AuthPackage> <ASUrl>https://mail.domain.de/EWS/Exchange.asmx</ASUrl> <EwsUrl>https://mail.domain.de/EWS/Exchange.asmx</EwsUrl> <EmwsUrl>https://mail.domain.de/EWS/Exchange.asmx</EmwsUrl> <EcpUrl>https://mail.domain.de/owa/</EcpUrl> <EcpUrl-um>?path=/options/callanswering</EcpUrl-um> <EcpUrl-aggr>?path=/options/connectedaccounts</EcpUrl-aggr> <EcpUrl-mt>options/ecp/PersonalSettings/DeliveryReport.aspx?rfr=olk&exsvurl=1&IsOWA=<IsOWA>&MsgID=<MsgID>&Mbx=<Mbx>&realm=domain.de</EcpUrl-mt> <EcpUrl-ret>?path=/options/retentionpolicies</EcpUrl-ret> <EcpUrl-sms>?path=/options/textmessaging</EcpUrl-sms> <EcpUrl-photo>?path=/options/myaccount/action/photo</EcpUrl-photo> <EcpUrl-extinstall>?path=/options/manageapps</EcpUrl-extinstall> <OOFUrl>https://mail.domain.de/EWS/Exchange.asmx</OOFUrl> <UMUrl>https://mail.domain.de/EWS/UM2007Legacy.asmx</UMUrl> <OABUrl>https://mail.domain.de/OAB/20b5b929-97f2-49d5-a8d6-369778bedd0f/</OABUrl> <ServerExclusiveConnect>On</ServerExclusiveConnect> </Protocol> <Protocol> <Type>EXHTTP</Type> <Server>webapp.domain.de</Server> <SSL>On</SSL> <AuthPackage>Basic</AuthPackage> <ASUrl>https://webapp.domain.de/EWS/Exchange.asmx</ASUrl> <EwsUrl>https://webapp.domain.de/EWS/Exchange.asmx</EwsUrl> <EmwsUrl>https://webapp.domain.de/EWS/Exchange.asmx</EmwsUrl> <EcpUrl>https://webapp.domain.de/owa/</EcpUrl> <EcpUrl-um>?path=/options/callanswering</EcpUrl-um> <EcpUrl-aggr>?path=/options/connectedaccounts</EcpUrl-aggr> <EcpUrl-mt>options/ecp/PersonalSettings/DeliveryReport.aspx?rfr=olk&exsvurl=1&IsOWA=<IsOWA>&MsgID=<MsgID>&Mbx=<Mbx>&realm=domain.de</EcpUrl-mt> <EcpUrl-ret>?path=/options/retentionpolicies</EcpUrl-ret> <EcpUrl-sms>?path=/options/textmessaging</EcpUrl-sms> <EcpUrl-photo>?path=/options/myaccount/action/photo</EcpUrl-photo> <EcpUrl-extinstall>?path=/options/manageapps</EcpUrl-extinstall> <OOFUrl>https://webapp.domain.de/EWS/Exchange.asmx</OOFUrl> <UMUrl>https://webapp.domain.de/EWS/UM2007Legacy.asmx</UMUrl> <OABUrl>https://webapp.domain.de/OAB/20b5b929-97f2-49d5-a8d6-369778bedd0f/</OABUrl> <ServerExclusiveConnect>On</ServerExclusiveConnect> <CertPrincipalName>msstd:webapp.domain.de</CertPrincipalName> </Protocol> <AlternativeMailbox> <Type>Delegate</Type> <DisplayName>Administrator</DisplayName> <SmtpAddress>Administrator@domain.de</SmtpAddress> <OwnerSmtpAddress>Administrator@domain.de</OwnerSmtpAddress> </AlternativeMailbox> <PublicFolderInformation> <SmtpAddress>PublicFolder@domain.local</SmtpAddress> </PublicFolderInformation> </Account> </Response> </Autodiscover>
Maybe this is of use for someone else.
Further reading:
- Why Exchange 2016 ignores Outlook 2007
- Exchange 2016 System Requirements
- Outlook Versions Supported by Exchange 2007/2010/2013/Online
- KB2687404 - Description of the Outlook 2007 update: November 13, 2012
- KB3032395 - Outlook connection issues with Exchange mailboxes because of the RPC encryption requirement