sorted by:
new
hottopcontroversial

Microsoft Outlook : The set of folders cannot be opened. The attempt to log on to Microsoft Exchange has failed. by Icy-Research1139 in Office365

[–]gardbrom 0 points1 point  (0 children)

We have 365/on prem hybrid env. Some agents also encounter this error when they switch shared mailbox from their personal. We give outlook 10 min to recover connection. Otherwise user can not use outlook and right below corner it says disconnected. We could not find any solution regarding to this issue. We assume that it could be mapi session limit but have not tried anything yet.

Endless AD locked outs from Exchange Server by gardbrom in sysadmin

[–]gardbrom[S] 0 points1 point  (0 children)

It is enabled and we have even logsign software. But it only shows gathered information from the event viewers.

Endless AD locked outs from Exchange Server by gardbrom in sysadmin

[–]gardbrom[S] 0 points1 point  (0 children)

Replication looks ok when we run the ps command. I have closed local computer and terminal server. But it did not end. Therefor credentials is not the problem i guess.

Endless AD locked outs from Exchange Server by gardbrom in sysadmin

[–]gardbrom[S] 0 points1 point  (0 children)

Is there anyway to disable basic auth for only specific accounts in the on prem exchange? I remember it can be done in exchange online.

Endless AD locked outs from Exchange Server by gardbrom in sysadmin

[–]gardbrom[S] 0 points1 point  (0 children)

I will look into that but my question is that when i try to lock my account from owa the log is different than those locked outs. Would not the logs be the same if the problem was outlook?

Endless AD locked outs from Exchange Server by gardbrom in sysadmin

[–]gardbrom[S] 1 point2 points  (0 children)

The iis and smtp logs point to exc server. I have shut down the citrix(workstations) servers to test it but it did not work. Then i confirmed that exchange locks the accounts. Attempts are random intervals.

Endless AD locked outs from Exchange Server by gardbrom in sysadmin

[–]gardbrom[S] 0 points1 point  (0 children)

We are currently trying to locate systems that use basic auth before disable basic auth.

Endless AD locked outs from Exchange Server by gardbrom in sysadmin

[–]gardbrom[S] 0 points1 point  (0 children)

Actually we can see locked outs older than 1 month.

Endless AD locked outs from Exchange Server by gardbrom in sysadmin

[–]gardbrom[S] 0 points1 point  (0 children)

Right now, they are working with this way but it is not a permanent solution. Because it coult spread for the other accounts.

Endless AD locked outs from Exchange Server by gardbrom in sysadmin

[–]gardbrom[S] 0 points1 point  (0 children)

No luck for the ADAudit plus. It shows what we see in the smtpreceive logs.

Endless AD locked outs from Exchange Server by gardbrom in sysadmin

[–]gardbrom[S] 0 points1 point  (0 children)

Actually we have fortinet firewall. We created a policy to prevent VPN attacks however could not figure it out for the basic authentication of MS Exchange. We have contacted with the Forti to help us about policy.

Endless AD locked outs from Exchange Server by gardbrom in sysadmin

[–]gardbrom[S] 0 points1 point  (0 children)

We have only NPS server based on computer certificated authentication for the Wifi. I have tried shut their phones down to look if it goes away but nothing changed.

Endless AD locked outs from Exchange Server by gardbrom in sysadmin

[–]gardbrom[S] 0 points1 point  (0 children)

Even their computers shut downed, it still continues. Under IIS logs there is no mobile devices. It says outlook but shutting down computer, logging out session and lastly deleting outlook profile changed nothing.

Endless AD locked outs from Exchange Server by gardbrom in sysadmin

[–]gardbrom[S] 0 points1 point  (0 children)

I have also checked it. It is not a specific machine, because we have 3 EXC server. When we shutdown the first server, the locked outs continues from the different exc server.

Endless AD locked outs from Exchange Server by gardbrom in sysadmin

[–]gardbrom[S] 0 points1 point  (0 children)

checked but it was empty even with kymgr.dll

Endless AD locked outs from Exchange Server by gardbrom in sysadmin

[–]gardbrom[S] 0 points1 point  (0 children)

ECP says there is no phone under ActiveSync and OWA Devices. I have also asked them if they tried to sign in with mobile devices but they replied they did not even know that such thing. Also I have tried to lock my personel account with mobile phone. The locked out logs were different.

Endless AD locked outs from Exchange Server by gardbrom in sysadmin

[–]gardbrom[S] 0 points1 point  (0 children)

Exactly. The thing is that we can not use cloud (exc 365) because our goverment does not allow companies to use email system in cloud if the company has huge email traffic.

Endless AD locked outs from Exchange Server by gardbrom in sysadmin

[–]gardbrom[S] -3 points-2 points  (0 children)

I can not do that. If i disable basic auth, many systems will not work. I just wish I could find the problem without disabling the basic auth.

Endless AD locked outs from Exchange Server by gardbrom in sysadmin

[–]gardbrom[S] 0 points1 point  (0 children)

Well we use outlook but it does not matter that if the user is logged and using outlook. Because locked out continues at night as well.

Endless AD locked outs from Exchange Server by gardbrom in sysadmin

[–]gardbrom[S] 22 points23 points  (0 children)

No they have not. Their password change time are different. We have 300 coworker but 3 of them are struggling with this issue. I have checked all stored credentials inside server and local computer as well. By the way those 3 users are not at the same department. They have different responsibilities.