We are not able to get integrated Windows auth working for our on-prem Exchange 2013 deployment. Our setup is pretty straightforward;
- Single Mailbox server (cc-exch-01)
- Single CAS server (cc-exchcas-01)
- AD Domain: clarityinternal.net
- Public DNS Domain: claritycon.com
For Outlook Anywhere, I have the same settings on both the Mailbox and CAS Servers:
- Internal URL: cc-exchcas-01.clarityinternal.net
- External URL: exchange.claritycon.com (resolves to the internal IP of the CAS server)
- Authentication: Negotiate
The certificate on the CAS server is issued by Entrust and has:
- Subnect Name: exchange.claritycon.com
- Subject Alternate Name: cc-exchcas-01.clarityinternal.net
When users launch Outlook from a domain joined PC, they are prompted for credentials and I can't figure out why.
jon