Outlook 2007 Prompts for Password
In the situation I came across, Outlook 2007 clients were constantly prompting for a password eventhough the users were on the LAN, members of the domain, and logged in to the PC with domain credentials. While I found several potential causes, the solution ended up being an SSL setting in IIS on the mail server.
The solution was to allow client certificates on the virtual directory for Exchange Autodiscover. It turns out the clients were attempting to use the Autodiscover service with Exchange 2007 to detect settings and the website wasn’t accepting their client certificate. The client certificates are apparently used for encryption between the client and the server. Disabling the checkbox to enable that type of communication may also have been a solution, but this is a better one because it maintains the security of an encrypted channel. Here are the instructions:
1.Using IIS7 - Open the IIS manager. Expand the Sites group and expand down to the Autodiscover virtual directory. Select this virtual directory then selec “SSL Settings” from the center pane. In the settings window, select “Accept Client Certificates”.
In addition, the authentication settings on this virtual directory can also cause this to happen if not configured correctly. Just make sure that Integrated Windows Authentication is checked.
2.Using IIS6
1.
In IIS Manager, double-click the local computer, and then right-click the Web site, directory, or file that you want and click Properties.
2.
If you have not previously obtained a server certificate, click the Directory Security tab, and then under Secure Communications, click Server Certificate. For more information, see Obtaining Server Certificates.
3.
If you have previously obtained a server certificate, click the Directory Security or File Security tab, and then under Secure Communications, click Edit.
4.
In the Secure Communications box, select the Require secure channel (SSL) check box. Requiring a secure channel means that users cannot connect to this site without using a secure link (that is, the link's URL must begin with https://).
5.
Under Client certificates select one of the following to enable client Certificate authentication:
• Accept client certificates Users can access the resource with a client certificate, but the certificate is not required.
• Require client certificates The server will request a client certificate before connecting the user to the resource. Users without a valid client certificate will be denied access.
• Ignore client certificates Users with or without a client certificate will be granted access.
Thursday, December 23, 2010
Wednesday, December 22, 2010
Outlook 2007 Certificate Error?
When importing a new certificate into Exchange 2007/2010, you might encounter a certificate error in Outlook 2007/2010. I have included a screenshot of the error I encountered with Outlook 2007 :
When importing a new certificate into Exchange 2007/2010, you might encounter a certificate error in Outlook 2007/2010. I have included a screenshot of the error I encountered with Outlook 2007 :
When you choose the View Certificate button, it brings up another window that shows you what certificate is in error. In this case, the certificate name is “mail.shudnow.net.”
So the million dollar question? Why the error?
Well, when we install a new certificate, there are a few tasks we want to do. Obviously, we install the certificate for a purpose. This purpose is till allow us to use Exchange services securely. So how do we enable Exchange to use these services? If you are planning to do a very simple configuration and do not care about external Autodiscover access, you do not need to use a Unified Communication Certificate. You can read more about these certificates in one of my other articles here.
So let’s say we have a simple regular common certificate. A certificate with a Common Name (CN) of mail.shudnow.net We install this certificate onto our Exchange box with its’ private key. In our case we were migrating so we did not have to request a certificate via IIS. We just exported it with its’ private key and imported onto the new box. We then assigned this certificate to IIS. Now I went to the Exchange Management Shell and enabled Exchange services to use this certificate. In order to do this, you must run the following commands:
Get-ExchangeCertificate
Thumbprint Services Subject
———- ——– ——-
BCF9F2C3D245E2588AB5895C37D8D914503D162E9 SIP.W CN=mail.shudnow.net.com
What I did was go ahead and enable all new services to use every available service by using the following command:
Enable-exchangecertificate -services IMAP, POP, UM, IIS, SMTP -Thumbprint BCF9F2C3D245E2588AB5895C37D8D914503D162E9
The next step would be to ensure the AutodiscoverInternalURI is pointed to the CAS that will be your primary CAS for Autodiscover servicing.
Get-ClientAccessServer -Identity CASServer FL
AutoDiscoverServiceInternalUri : https://casnetbiosname/Autodiscover/Autodiscover.xml
See the issue here? We are not using a UC certificate that contains the names, “casnetbiosname, casnetbiosname.shudnow.net, mail.shudnow.net, and autodiscover.shudnow.net” Since the Autodiscover directory in IIS will be requring SSL encryption, the url specified in the AutoDiscoverServiceInternalURI must match what is specified in your certificate. You must also ensure there is a DNS record that allows mail.shudnow.net to resolve to your CAS. We should re-configure the AutoDiscoverServiceInternalURI by using the following command:
Set-ClientAccessServer -Identity CASServer -AutoDiscoverServiceInternalUri https://mail.shudnow.net/Autodiscover/Autodiscover.xml
We now need to go configure all the InternalURLs for each web distributed service. If you are going to be utilizing the Autodiscover service from the outside or for non-domain joined clients, you may want to configure an -ExternalURL in addition to your -InternalURL.
Here is the reason why we were receiving the certificate errors. Your InternalURLs most likely are not using mail.shudnow.net. Your InternalURLs are most likely pointed to something such as https://casnetbiosname/ServiceURL which will fail since this is not the CN of your simple certificate.
You can run the following commands to fix your internalURLs so your Outlook 2007 client can successfully take advantage of your web distribution services.
Get-WebServicesVirtualDirectory
Set-WebServicesVirtualDirectory -Identity “CASServer\EWS (Default Web Site)” -InternalURL https://mail.shudnow.net/EWS/Exchange.asmx -BasicAuthentication:$true
Set-OABVirtualDirectory -Identity “CASServer\OAB (Default Web Site)” -InternalURL https://mail.shudnow.net/OAB
Note: You must ensure that you enable SSL on the OAB directory in IIS which is not on by default. The above command will only enable SSL, but will not ensure 128-bit SSL is required.
Enable-OutlookAnywhere -Server CASServer -ExternalHostname “mail.shudnow.net” -ClientAuthenticationMethod “Basic”-SSLOffloading:$False
Note: The above Enable-OutlookAnywhere command works on SP1. For RTM, substitute -ClientAuthenticationMethod with -ExternalAuthenticationMethod.
Set-ActiveSyncVirtualDirectory -Identity “CASServer\Microsoft-Server-ActiveSync (Default Web Site)” -ExternalURL https://mail.shudnow.net/Microsoft-Server-Activesync
Set-UMVirtualDirectory -Identity “CASServer\UnifiedMessaging (Default Web Site)” -InternalURL https://mail.shudnow.net/UnifiedMessaging/Service.asmx -BasicAuthentication:$true
Note: The above Set-UMVirtualDirectory command is not needed in Exchange 2010. Exchange 2010 no longer contains a UnifiedMessaging virtual directory and instead uses the Web Services Virtual Directory.
Friday, November 26, 2010
Printing issues from Quickbooks
Recently a customer was having issues printing invoices from Quickbooks. Actually invoices wouldn’t print at all, however they could print everything else from Quickbooks. After trying everything I could think of short of doing a complete reinstall, I discovered this easy fix.
# Open My Computer or Windows Explorer and navigate to the correct directory below for your version or QuickBooks.
# For QuickBooks 2007: Windows XP – C:\Documents and Settings\All Users\Application Data\Intuit\QuickBooks 2007
# For QuickBooks 2007: Windows Vista – C:\ProgramData\Intuit\QuickBooks 2007
# For QuickBooks 2006 and earlier: C:\Program Files\Intuit\[QuickBooks Version]
1. Locate the QBPRINT.QBP file and delete it. (Note: this file may be hidden by default.)
2. Open QuickBooks.
3. Click the File menu and select Printer Setup.
4. Click any one of the transactions in the Form Name drop-down and click OK. This will re-create the QBPRINT.QBP file. (This does not have to be done for each transaction.)
5. Open and print the transaction that was having problems
# Open My Computer or Windows Explorer and navigate to the correct directory below for your version or QuickBooks.
# For QuickBooks 2007: Windows XP – C:\Documents and Settings\All Users\Application Data\Intuit\QuickBooks 2007
# For QuickBooks 2007: Windows Vista – C:\ProgramData\Intuit\QuickBooks 2007
# For QuickBooks 2006 and earlier: C:\Program Files\Intuit\[QuickBooks Version]
1. Locate the QBPRINT.QBP file and delete it. (Note: this file may be hidden by default.)
2. Open QuickBooks.
3. Click the File menu and select Printer Setup.
4. Click any one of the transactions in the Form Name drop-down and click OK. This will re-create the QBPRINT.QBP file. (This does not have to be done for each transaction.)
5. Open and print the transaction that was having problems
Thursday, October 14, 2010
How to copy Outlook Calendar items from one folder to another
For Outlook 2007, 2003, 2002, 2000
Clearing the filter from an existing view
To clear the filter from an existing tabular view, follow these steps:
Click to select the Outlook Calendar folder.
On the View menu, point to Current View, and then click to select one of the tabular views such as Events or By Category.
On the View menu, point to Current View, and then click Customize Current View.
In the View Summary dialog box, click Filter, click Clear All, and then click OK twice.
Defining a new tabular view
To define a new permanent, tabular view, follow these steps:
Click to select the Calendar folder.
On the View menu, point to Current View, click Define Views, and then click New.
Type a name for the new view, click to select Table, and then click OK.
In View Summary, click Sort.
In the Sort items by list, click to select Start and Ascending.
In the Then By list, click to select (none), and then click OK.
Click OK, and then click Apply View.
Either one of the previous procedures will display a list of all Calendar items.
After all items are displayed, follow these steps:
On the Edit menu, click Select All.
On the Edit menu, click Copy.
Click to select the destination folder.
On the Edit menu, click Paste.
This process inserts a copy of all the Calendar items into the destination folder.
For Outlook 2010
Clearing the filter from an existing view
To clear the filter from an existing tabular view, follow these steps:
Click to select the Outlook Calendar folder.
On the View tab, click Change view, and then click to select one of the tabular views such as By List or ByCategory.
On the View menu, click Reset View.
Click Yes to reset the view to the original settings.
Defining a new tabular view
To define a new permanent tabular view, follow these steps:
Click to select the Calendar folder.
On the View tab, click Change view, click Manage Views, and then click New.
Type a name for the new view, click to select Table, and then click OK.
In Advanced View Settings, click Sort.
In the Sort items by list, click to select Start and Ascending.
In the Then By list, click to select (none), and then click OK.
Click OK, and then click Apply View.
Either of the previous procedures will display a list of all Calendar items.
After all items are displayed, follow these steps:
To select all items, use the keyboard shortcut, CONTROL+A.
To copy the items, use the keyboard shortcut, CONTROL+C.
Click to select the destination folder.
Note To paste the items correctly, the destination folder must be a calendar folder.
To paste the items, use the keyboard shortcut, CONTROL+V.
This process inserts a copy of all the Calendar items into the destination folder.
Additional option for Outlook 2010
On the Folder tab, click Copy Calendar.
Select the folder location where you want the calendar to be saved, and then click OK.
Note To copy the items correctly, the destination folder must be a calendar folder.
Clearing the filter from an existing view
To clear the filter from an existing tabular view, follow these steps:
Click to select the Outlook Calendar folder.
On the View menu, point to Current View, and then click to select one of the tabular views such as Events or By Category.
On the View menu, point to Current View, and then click Customize Current View.
In the View Summary dialog box, click Filter, click Clear All, and then click OK twice.
Defining a new tabular view
To define a new permanent, tabular view, follow these steps:
Click to select the Calendar folder.
On the View menu, point to Current View, click Define Views, and then click New.
Type a name for the new view, click to select Table, and then click OK.
In View Summary, click Sort.
In the Sort items by list, click to select Start and Ascending.
In the Then By list, click to select (none), and then click OK.
Click OK, and then click Apply View.
Either one of the previous procedures will display a list of all Calendar items.
After all items are displayed, follow these steps:
On the Edit menu, click Select All.
On the Edit menu, click Copy.
Click to select the destination folder.
On the Edit menu, click Paste.
This process inserts a copy of all the Calendar items into the destination folder.
For Outlook 2010
Clearing the filter from an existing view
To clear the filter from an existing tabular view, follow these steps:
Click to select the Outlook Calendar folder.
On the View tab, click Change view, and then click to select one of the tabular views such as By List or ByCategory.
On the View menu, click Reset View.
Click Yes to reset the view to the original settings.
Defining a new tabular view
To define a new permanent tabular view, follow these steps:
Click to select the Calendar folder.
On the View tab, click Change view, click Manage Views, and then click New.
Type a name for the new view, click to select Table, and then click OK.
In Advanced View Settings, click Sort.
In the Sort items by list, click to select Start and Ascending.
In the Then By list, click to select (none), and then click OK.
Click OK, and then click Apply View.
Either of the previous procedures will display a list of all Calendar items.
After all items are displayed, follow these steps:
To select all items, use the keyboard shortcut, CONTROL+A.
To copy the items, use the keyboard shortcut, CONTROL+C.
Click to select the destination folder.
Note To paste the items correctly, the destination folder must be a calendar folder.
To paste the items, use the keyboard shortcut, CONTROL+V.
This process inserts a copy of all the Calendar items into the destination folder.
Additional option for Outlook 2010
On the Folder tab, click Copy Calendar.
Select the folder location where you want the calendar to be saved, and then click OK.
Note To copy the items correctly, the destination folder must be a calendar folder.
Wednesday, October 6, 2010
RDP Splash Screen Wallpaper Removal Instructions
1) Click Start / Run / type REGEDIT and click OK
2) Navigate EXACTLY to the Key Value
- HKEY_USERS
- .DEFAULT
- Control Panel
- Desktop
3) Locate the String Value: ”Wallpaper”.
Note: If you’re using a Dell, that string value data is probably “\windows\system32\DELLWALL.BMP”
4) Now, either:
a) right-click and delete the Wallpaper string value completely, or
b) change the value to a different wallpaper
WARNING – Be sure you DO NOT delete the “Desktop” Registry Key on the left, only nuke the “Wallpaper” String Value on the right
5) Close REGEDIT
If you performed everything correctly, the next time you RDP into the server that wallpaper should be gone (or changed if you followed Step 4b). Your Remote Desktop Protocol experience should be much improved now.
2) Navigate EXACTLY to the Key Value
- HKEY_USERS
- .DEFAULT
- Control Panel
- Desktop
3) Locate the String Value: ”Wallpaper”.
Note: If you’re using a Dell, that string value data is probably “\windows\system32\DELLWALL.BMP”
4) Now, either:
a) right-click and delete the Wallpaper string value completely, or
b) change the value to a different wallpaper
WARNING – Be sure you DO NOT delete the “Desktop” Registry Key on the left, only nuke the “Wallpaper” String Value on the right
5) Close REGEDIT
If you performed everything correctly, the next time you RDP into the server that wallpaper should be gone (or changed if you followed Step 4b). Your Remote Desktop Protocol experience should be much improved now.
Subscribe to:
Posts (Atom)