I have been using Smartermail for several years, activesync and IMAP are used. Autodiscover DNS and SRV are setup and works for them.
I decided to try out MAPI. Activated the trial and a setup my own account from my (non domain joined) home/office laptop to connect to a AD server account. This was immediately successful so tried to add a user at my clients office LAN, all these computers are all domain joined.
FAILED, not able to create the MAPI account. Fiddler traces show 401 unauthorised user errors although all credentials are correct. All those same users can create and use Activesync and IMAP accounts.
Along with smartertools support and developers i have tried to diagnose the problem.
Recreated all DNS enries. Local split DNS reconfigured.
Fiddler traces show the correct sequence of autodiscover events and correctly communicating with the smartermail server (logs in the previous thread although not the newest ones)
I had new computers to install for new users so before i added the computer to the domain i created an outlook account.. BAM! straight away connected and works. Fiddler traces all great.
Added the computer to the domain, rather than create a new profile decided to logon with local computer profile and opened outlook that had previously worked.
FAILED! kept asking for user credentials but always failed
Tried the domain users profile, same result.
I am able to create a httpMAPI MAPI account in outlook on a non AD domain joined computer, as soon as i add it to the domain it fails, even on the previously added and working account. I can add a MAPI account to external devices, such as my cellphone and office laptop.
I have investigated GPO settings but can't seem to see what would effect the domain joined PC's. I have looked into LSA settings in the AD server registry but not seeing anything there either.
I have IISCrypt installed and best practises configured on the server. I use a LetsEncrypt SSL cert. I can connect from an external source and can connect from a LAN based PC but cannot connect from a domain joined PC.
Does anyone have any clue as to what is preventing the creation of the accounts? We are fairly sure it's returning a 401 unauthorised user even though correct credentials are supplied.