I have a problem with integration of WSS 3.0 in Outlook 2007. We have published Outlook 2007 / OWS 2007 and WSS over the same Web_Listener and SSO is enabled. All of our users access Outlook 2007/OWA and WSS from the internet and the clients are not a member of the internal Exchange/WSS domain.
We are a Hosted Exchange provider.
The single sign on feature works great between WSS and OWA. But if I try to integrate WSS in Outlook 2007 it prompts me for authentication. (But I'm always authenticated in Outlook?!)
After the timeout of the Web_Listener it prompts me again in Outlook for re-authentication to access SharePoint and so on….. This behavior leads to a bad user experience and until now, I didn't find any solutions to avoid that.
I have made some tests with different authentication methods (NTLM/Basic authentication etc.) but nothing works. The persistent cookie feature gave me some strange effects and it doesn't work as well for me. (Perhaps I have done something wrong??)
Let me now ask my questions, please.
Is it possible to have a single sign on feeling between Outlook and WSS from external in general?
Does anybody know what I can do to solve this issue? (Settings / third-party software etc.)
Every help to point me to the right direction are highly appreciated!!
From: United Kingdom
Persistent cookies should solve your problem.
SSO is designed for access multiple services from the same browser (e.g. OWA and WSS); however, once you hope outside the security context of the browser to use Outlook, ISA will see this as a new session and hence require authentication. Persistent cookies were designed to remove this limitation by using machine cookies that can be comsumed by applications outside the browser.
Can you describe "strange affects" for persistent cookies as I have always found these pretty reliable...
Perhaps I missed something or I did something wrong?!
But at the moment it is not 100% clear for me what really happens there.
I have for all applications (WSS, Outlook und OWA) the same Web_Listener. I had SSO enabled und persistent cookies (on all computers) activated at the same time.
I started Outlook and integrated a SharePoint site. Then I wait over 10min (idle timeout) and it seems to work. If I clicked on a SharePoint site within Outlook it does not prompt me for authentication. -> OK
After that I tried to open a SharePoint site from a link in an email. A browser window opens and I need to logon again. It does not pass the credentials from Outlook to OWA. (I don't know if it's a normal behaviour?)
Then I logoff from Outlook login to OWA -> logon to Outlook, logoff from OWA. And at this time I can't login to OWA again!?
It told me, that password or username is wrong?!
The only solution was to delete all cookies from IE cache and logoff/logon to Windows. I know that my test scenario is a little bit strange, but we have thousands of users and I don't want to affect them by enabling persistent cookies without good testing.
For a working persistent cookie feature, it is necessary that all applications using the same web_listener? (we’re using the same listener).
Could be that I did something wrong and I have to retry me tests, to see if it working?!