When moving users to Exchange 2013 it can happen, that they can’t access public folders housed on the old Exchange 2010 or 2007 server. The same can happen to shared mailboxes (mailboxes with Full Access permissions). The users are constantly prompted for credentials or they get this message:
Cannot expand the folder. Microsoft Exchange is not available. Either there are network problems or the Exchange server is down for maintenance.
This can be a huge problem during a migration. Microsoft described this in KB2834139. This error is caused by a misconfigured Outlook security setting, called “Logon network security”. If you experience this issue, check the “Logon network security” setting. If it’s set to “Anonymous Authentication”, then you experience the in KB2834139 described problem. Otherwise you have another problem. Check the “Logon network security” settings in your Outlook client. I took this screenshots from a Outlook 2013, but it looks the same in Outlook 2010. With this setting you will have a problem:
With one of these settings, it will work.
You can change the setting and try the access to a public folder or shared mailbox. If you can access the public folder or shared mailbox, then you have to change some settings on the Exchange Server 2013 Client Access Server (CAS).
Open an Exchange Management Shell:
[PS] C:\windows\system32>Get-OutlookAnywhere -Server exchange2.testing.local | select *external*,*internal* ExternalHostname : mail.terlisten-consulting.de ExternalClientAuthenticationMethod : Negotiate ExternalClientsRequireSsl : False InternalHostname : exchange2.testing.local InternalClientAuthenticationMethod : Negotiate InternalClientsRequireSsl : False [PS] C:\windows\system32>Get-OutlookAnywhere -Server exchange2.testing.local | Set-OutlookAnywhere -ExternalClientAuthenticationMethod NTLM [PS] C:\windows\system32>Get-OutlookAnywhere -Server exchange2.testing.local | Set-OutlookAnywhere -InternalClientAuthenticationMethod NTLM [PS] C:\windows\system32>Get-OutlookAnywhere -Server exchange2.testing.local | select *external*,*internal* ExternalHostname : mail.terlisten-consulting.de ExternalClientAuthenticationMethod : NTLM ExternalClientsRequireSsl : False InternalHostname : exchange2.testing.local InternalClientAuthenticationMethod : NTLM InternalClientsRequireSsl : False
I would recommend to execute “iisreset” after changing the settings. Please note, that this interrupts the client access for a short moment! After a restart of the Outlook client or during the next Autodiscover, the client should get the correct settings and the access to the public folders and shared mailboxes should work.