Hi KyleC-9016 ,
Thanks for your response.
Because of the problem with ServerA running CU18, I don't want to upgrade all other DAG members yet as all our users (15,000) might start getting the logon prompts, which would be very bad. Especially if their logon credentials aren't accepted.
If I point users to ServerA, they get a logon prompt when opening Outlook. Same thing happens if I close and reopen Outlook several times. I delete the Autodiscover.xml file in their profile (C:\Users\username\AppData\Local\Microsoft\Outlook) they can open Outlook fine and no logon prompts. Once the .xml is recreated and they close Outlook, the logon prompts return. I've compared an Autodiscover.xml file from a client that is connecting to a CU15 and CU18 server, and the contents appear the same - please see attached,.46951-autodiscover-edited.txt
If I run 'Test Email AutoConfiguration' against a CU15 and CU18 server, I'm also seeing the same result:
Regarding the snipped of code from the web.config file, I don't know where that came from. I thought the CU18 added that, though as I mentioned above when we upgraded ServerB to CU18, which is in our secondary/DR datacentre that clients don't hit for CAS services (we're using a "bound" namespace model), those lines of code don't exist in the web.config.
We did try removing the lines of code from ServerA's web.config, as you suggested, and this made no difference - we still got the Outlook logon prompts.
As I also mentioned, we're using NTLM authentication across our Exchange environment and not sure if this is causing us issues. We'd like to Kerberos, but we wanted to get everything upgraded to CU18 first.
Thanks,
Stu