Hi,
I have Exchange Server 2013 installed and published Outlook Anywhere via ISA Server 2006. My issue arises when I tried to publish it using NTLM authentication.
The following configuration is made to the ISA Server,
Web Listener
- Client Authentication Method: HTTP Authentication
Firewall Policy
- Authentication Delegation: Kerberos constrained delegation
Outlook Anywhere is configured to NTLM. With the above configuration, Outlook 2013 (client) is able to connect to Exchange Server without any issue. However, when I tried to open Shared Mailbox folders, I get "Unable to Expand Folder" error. Please note that the Shared Mailbox is the one created in the "shared" tab in "recipient" of Exchange 2013 ECP. Opening mailboxes which is shared out by user has no issue. The difference between the two is,
- Shared Mailbox: The assigned mailboxes are automatically added into Outlook 2013 (client). This is the one I'm having issue with.
- Mailboxes shared by user: The mailboxes need to be added manually by the user.
However, I noticed that in the ISA Server monitoring, the Outlook client seems to keep accessing the above firewall policy as anonymous (from internal to external) and is denied by ISA.
To check on the issue, I reconfigured the ISA Server 2006 and Exchange Server 2013 to use Basic authentication and the issue goes away.
Any idea on how to resolve this? Thanks in advance.