[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Outlook client not receiving mail correctly

Posted on 2005-05-12
12
Medium Priority
?
375 Views
Last Modified: 2012-05-05
I'm running Exchange Server 2003 (SBS 2003 install) and my clients are all XP Pro and use either Outlook 2000 or XP for their mail client. The mail services have all been running fine until today when suddenly the mail is not being shown to the client when it arrives at the server.

Sounds strange but in order for mail to be delivered to the mailbox of a client they either need to press Send/Recieve or click another folder thus refreshing the view. New mail is then shown in all folders.

Now I have SBS 2003 Premium (and ISA 2000 is installed as is ISA Client on each workstation) but as said they all worked this morning. I've made some changes to the server today (enabling VPN via RRAS & IAS) and there was a couple of settings in ISA that I did have to change as well (the book told me so) - BTW this appears to be working - but I don't know if this has had a knock on effect to the clients receiving mail.

Any ideas gratefully received.
0
Comment
Question by:Steven O'Neill
  • 7
  • 4
12 Comments
 
LVL 9

Expert Comment

by:athelu
ID: 13987974
One of two thing perhaps. first, are you using cached mode? Do the Outlook clients show as "connected" in the status bar in the lower right hand corner?

Did the delivery folder location change? If you are not using cached mode, in the outlook profiles view you should see only a location for Mailbox - username.


0
 
LVL 2

Author Comment

by:Steven O'Neill
ID: 13988130
Out of the office at the moment so cannot say for certain about being connected but I thought cached mode was for Outlook 2003? As far as I remember, my clients (which are 2000 & XP) don't say their offline (unless I remove the network connection).
0
 
LVL 104

Expert Comment

by:Sembee
ID: 13991564
The communication between Outlook and Exchange for new message notification is a push technology. The Exchange server sends a packet to Outlook telling it that something has changed.
When you click on a folder or do send/receive Outlook polls the Exchange server and gets the changes (new messages).

This means that for some reason the push packet from Exchange is not being received.
The number one reason for this is a firewall. The Windows firewall is notorious for doing this unless carefully configured for Outlook support. Third party firewalls can also cause this kind of behaviour. Both products do so because the client didn't initiate the connection.

Is the Windows firewall turned on? Have you made an exception for Outlook?

Simon.
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
LVL 2

Author Comment

by:Steven O'Neill
ID: 13994218
SBS 2003 appears to have a GPO to turn on the Windows firewall by default. What settings should I change in the GPO to allow the push packet to be received.
0
 
LVL 104

Accepted Solution

by:
Sembee earned 2000 total points
ID: 14000219
If you look in group policy you can adjust the exceptions list. Add outlook.exe to the list.

Computer Configuration, Admin Templates, Network, Network Connections, Windows Firewall, Domain Profile.

Simon.
0
 
LVL 2

Author Comment

by:Steven O'Neill
ID: 14008432
I'm using SBS 2003 Premium (so W2K3 in essence) adn when I click on Group Policy Management there is 2 GPOs (by default) created. The first one is called Small Business Server Internet Connection Firewall and the other Small Business Server Windows Firewall. I believe I should be altrering the ICF one (correct?)

The Windows Firewall GPO is the one that has been configured (by SBS) for all the edited objects (ICF is not configured). Won't they both do the same thing?

The GPO for both consists of:

Windows Firewall: Protect all network connections
Windows Firewall: Do not allow exceptions
Windows Firewall: Allow local program exceptions
Windows Firewall: Allow remote administration exception
Windows Firewall: Allow file and printer sharing exception
Windows Firewall: Allow ICMP exception
Windows Firewall: Allow Remote Desktop exception
Windows Firewall: Allow UPnP framework exception
Windows Firewall:
0
 
LVL 2

Author Comment

by:Steven O'Neill
ID: 14008457
Sorry about this, seemed to click the wrong button on my keyboard and the last comment was sent by mistake, here goes again:

I'm using SBS 2003 Premium (so W2K3 in essence) adn when I click on Group Policy Management there is 2 GPOs (by default) created. The first one is called Small Business Server Internet Connection Firewall and the other Small Business Server Windows Firewall. I believe I should be altrering the ICF one (correct?)

The Windows Firewall GPO is the one that has been configured (by SBS) for all the edited objects (ICF is not configured). Won't they both do the same thing?

The GPO for both consists of:

Windows Firewall: Protect all network connections
Windows Firewall: Do not allow exceptions
Windows Firewall: Allow local program exceptions
Windows Firewall: Allow remote administration exception
Windows Firewall: Allow file and printer sharing exception
Windows Firewall: Allow ICMP exception
Windows Firewall: Allow Remote Desktop exception
Windows Firewall: Allow UPnP framework exception
Windows Firewall: Prohibit notifications
Windows Firewall: Allow logging
Windows Firewall: Prohibit unicast response to multicast or broadcasr queries
Windows Firewall: Allow local port exceptions

Which (if any) of these objects should be edited to allow Outlook to be excempt? I've looked at them all and there doesn't appear to be a place to allow this to be added. However, I've also opened the full GPO for Windows Firewall thru Group Policy Management and under Admin Template it has a long list of Extra Registry Settings. It states:

Sorry about this, seemed to click the wrong button on my keyboard and the last comment was sent by mistake, here goes again:

I'm using SBS 2003 Premium (so W2K3 in essence) adn when I click on Group Policy Management there is 2 GPOs (by default) created. The first one is called Small Business Server Internet Connection Firewall and the other Small Business Server Windows Firewall. I believe I should be altrering the ICF one (correct?)

The Windows Firewall GPO is the one that has been configured (by SBS) for all the edited objects (ICF is not configured). Won't they both do the same thing?

The GPO for both consists of:

Windows Firewall: Protect all network connections
Windows Firewall: Do not allow exceptions
Windows Firewall: Allow local program exceptions
Windows Firewall: Allow remote administration exception
Windows Firewall: Allow file and printer sharing exception
Windows Firewall: Allow ICMP exception
Windows Firewall: Allow Remote Desktop exception
Windows Firewall: Allow UPnP framework exception
Windows Firewall: Prohibit notifications
Windows Firewall: Allow logging
Windows Firewall: Prohibit unicast response to multicast or broadcasr queries
Windows Firewall: Allow local port exceptions

Which (if any) of these objects should be edited to allow Outlook to be excempt? I've looked at them all and there doesn't appear to be a place to allow this to be added. However, I've also opened the full GPO for Windows Firewall thru Group Policy Management and under Admin Template it has a long list of Extra Registry Settings. It states:

Sorry about this, seemed to click the wrong button on my keyboard and the last comment was sent by mistake, here goes again:

I'm using SBS 2003 Premium (so W2K3 in essence) adn when I click on Group Policy Management there is 2 GPOs (by default) created. The first one is called Small Business Server Internet Connection Firewall and the other Small Business Server Windows Firewall. I believe I should be altrering the ICF one (correct?)

The Windows Firewall GPO is the one that has been configured (by SBS) for all the edited objects (ICF is not configured). Won't they both do the same thing?

The GPO for both consists of:

Windows Firewall: Protect all network connections
Windows Firewall: Do not allow exceptions
Windows Firewall: Allow local program exceptions
Windows Firewall: Allow remote administration exception
Windows Firewall: Allow file and printer sharing exception
Windows Firewall: Allow ICMP exception
Windows Firewall: Allow Remote Desktop exception
Windows Firewall: Allow UPnP framework exception
Windows Firewall: Prohibit notifications
Windows Firewall: Allow logging
Windows Firewall: Prohibit unicast response to multicast or broadcasr queries
Windows Firewall: Allow local port exceptions

Which (if any) of these objects should be edited to allow Outlook to be excempt? I've looked at them all and there doesn't appear to be a place to allow this to be added. However, I've also opened the full GPO for Windows Firewall thru Group Policy Management and under Admin Template it has a long list of Extra Registry Settings. It states:

Display names for some settings cannot be found. You might be able to resolve this issue by updating the .ADM files used by Group Policy Management.

Setting State
SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\Enabled 1
SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List\%ProgramFiles%\Microsoft ActiveSync\CeAppMgr.exe:LocalSubnet:Enabled:ActiveSync Application Manager %ProgramFiles%\Microsoft ActiveSync\CeAppMgr.exe:LocalSubnet:Enabled:ActiveSync Application Manager
SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List\%ProgramFiles%\Microsoft ActiveSync\WCESComm.exe:LocalSubnet:Enabled:ActiveSync Connection Manager %ProgramFiles%\Microsoft ActiveSync\WCESComm.exe:LocalSubnet:Enabled:ActiveSync Connection Manager
SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List\%ProgramFiles%\Microsoft ActiveSync\WCESMgr.exe:LocalSubnet:Enabled:ActiveSync Application %ProgramFiles%\Microsoft ActiveSync\WCESMgr.exe:LocalSubnet:Enabled:ActiveSync Application
SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List\%WINDIR%\PCHealth\HelpCtr\Binaries\Helpctr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice %WINDIR%\PCHealth\HelpCtr\Binaries\Helpctr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice
SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List\%WINDIR%\PCHealth\HelpCtr\Binaries\Helpsvc.exe:*:Enabled:Offer Remote Assistance %WINDIR%\PCHealth\HelpCtr\Binaries\Helpsvc.exe:*:Enabled:Offer Remote Assistance
SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List\%WINDIR%\SYSTEM32\Sessmgr.exe:*:Enabled:Remote Assistance %WINDIR%\SYSTEM32\Sessmgr.exe:*:Enabled:Remote Assistance
SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\Enabled 1
SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\List\135:TCP:*:Enabled:Offer Remote Assistance - Port

Do I need to amend the .ADM and apply it to this GPO?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 14009668
The one that you need to modify is: Windows Firewall: Allow local program exceptions

You need to add "outlook.exe" to the list.

Take a look at this technical documentation from MS: http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/2f56f19e-b9da-4530-8772-f37d2302255e.mspx

It explains how to manage the firewall using group policy.

Simon.
0
 
LVL 2

Author Comment

by:Steven O'Neill
ID: 14010140
Sembee

Thanx, I've already got this object enabled but there is no way for me to add the exception in at the object level. I can amend the exception list at the client machine to add Outlook into it there but I'd much prefer to be able to add this file in at the GPO level. Any idea as to how I should add outlook.exe to the GPO? I know this sounds dumb but I really don't see anything in this object to enable me to say use outlook.exe as an exception.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 14011751
I have just had another look at my system.
I have a GP entry in the same place called "Define Program exceptions". There I can enter outlook.exe

Simon.
0
 
LVL 2

Author Comment

by:Steven O'Neill
ID: 14016411
Did you create this entry yourself? I don't have this at all. Wondering if this is an SBS problem? Could the object only be available on W2K3 Server and not SBS2K3? If it should be there (or was defined manually), how do I go about this?
0
 
LVL 2

Author Comment

by:Steven O'Neill
ID: 14016450
Sembee

Managed to sort this out. Downloaded SBS2K3 KB872769 and W2K3 KB842933 and this resolved the problem. Thought my server was well patched but obviously not. Thanx (once again) for all your advice and assistance with this one. Please accept the points (yet again) for some wonderful advice.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to effectively resolve the number one email related issue received by helpdesks.
Exchange administrators are always vigilant about Exchange crashes and disasters that are possible any time. It is quite essential to identify the symptoms of a possible Exchange issue and be prepared with a proper recovery plan. There are multiple…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question