Issue:Lync keep asking Password to connect Outlook from externally.
Error Message:
Credentials are required
Lync needs your user name password to connect for retrieving calendar date from Outlook.
Problem Statement:
My Lync works as expected from internally, work properly with Outlook. When Lync connect externally Lync keep asking credential however never accept the correct credential and keep getting password prompt.
Lync Sign properly however when it connect Outlook for Free/Busy and calendar information it give above prompt however never accept credential.
Why Lync try to connect?
Lync tries to connect Outlook to get following services.
- Calendar and Free/Busy information from Outlook
- Exchange Web Services (EWS)
- Response Group Service
- Address Book Service.
But some reason if Lync is unable to connect above services then Lync will show password prompt.
Resolution:
This issue occurs for multiple reasons, and in certain scenarios, it is the expected behavior. Lync generally prompts you for credentials only after you're signed in and when it must connect to an external service such as the Microsoft Exchange Free/Busy service or the Exchange Calendar service.
Basically Lync doesn't integrate automatically with Outlook, Lync prompts you for credentials before it lets you connect to Outlook to retrieve Calendar and Free/Busy information. Lync doesn't automatically connect to EWS, Lync prompts you for credentials before it lets you access the EWS URLs.
In my case Lync continues to prompt for credentials that means there's probably an issue with Outlook or with the Exchange services.
If the Exchange server or EWS is unavailable, this causes Lync to continuously prompt for credentials because it can't contact Exchange for authentication. To resolve this issue.
Already verified that Outlook has connectivity to the mailbox and I can EWS URLs (internal and external) correctly under Lync configuration (Press Ctrl key + Right click on Lync Icon and say ‘Configuration Information’).
Able to resolve autodiscover record. autodiscover.domain.com – IP Address.
Environment Details: Exchange 2010, Lync Server 2010, TMG for Reverse Proxy. Lync 2010, Lync 2013, Outlook 2010, Outlook 2013.
When I checked authentication on exchange and TMG for Exchange Autodiscover found below:
Exchange Anywhere has -> Basic Authentication
TMG Web (Outlook Anywhere) Rule has -> Basic Authentication.
As per Microsoft recommendation web rule must pass the request to Server for authentication.
TMG or Web publisher should not do authentication. To resolve my environment issue we did below configuration changes.
Exchange Outlook Anywhere configurations:
Log on to Exchange CAS server and Open Exchange PowerShell and Run the below command:
a. Set-OutlookProvider EXPR -server $null Get-Outlookanywhere | set-OutlookAnywhere -clientAuthenticationMethod NTLM -iisauthenticationMethods NTLM
b. Get-OabVirtualDirectory | Set-OabVirtualDirectory -IISAuthenticationmethods NTLM
c. DO theIISResetonALL CAS servers
Follow the below steps on TMG:
a. Log on to the TMG server.
b. Open Firewall and right click on Outlook Anywhere Rule
c. Set on the Publishing Rule (not Listener) authentication "No Delegation, but Allow client to authenticate directly".
d. Click on- APPLY.
After making above changes our Outlook password prompt and Lync password prompt issue got resolved and working fine.
Thank you