Access Exchange 2003 out side the network

What I want to do is to be able to configure my outlook to to access my Exchange 2003 at work.  I couldn't log on the OWAadmin.  I'm really having a hard time understanding the documentations I read here but can someone please help me with this and point me to the right direction.  What needs to be done to my Exchange 2003 running on Server 2003 and My outlook 2003 at home? I dont want to pop3 or imap or use the OWA on the browser. From my research, I dont even have to configure a VPN connection.  Please help.  

Im getting this (below) when i log in to the OWAadmin even if I already have domain admin rights.  Please advise.

Server Error in '/OWAAdmin' Application.
--------------------------------------------------------------------------------

Runtime Error
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.

Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off".


<!-- Web.Config Configuration File -->

<configuration>
    <system.web>
        <customErrors mode="Off"/>
    </system.web>
</configuration>
 

Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.


<!-- Web.Config Configuration File -->

<configuration>
    <system.web>
        <customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
    </system.web>
</configuration>
 


ITcrowdAsked:
Who is Participating?
 
redseatechnologiesConnect With a Mentor Commented:
ahhhhh,

The Exchange server setting, which I am assuming you are talking about where it asks for exchange server name and username, should always be the internal name.

I think that would be your problem (as well has having proxy authentication on NTLM (possibly))

-red
0
 
redseatechnologiesCommented:
I am confused as to what you are trying to do.

You want to connect outlook to exchange from outside the network - That is fine, and can be achieved with RPC/HTTP

But, you are trying to use OWA (which doesn't use outlook at all) and to make matters worse you are trying to log on to OWAAdmin to get you there?

If you want to access OWA - go to http://server.domain.com/exchange

If you want to connect Outlook to Exchange over the net, then you will need to do a little work (as opposed to OWA, which is configured by default)

http://www.amset.info/exchange/rpc-http.asp

-red
0
 
ITcrowdAuthor Commented:
Im sorry for the confusion for I am confused myself.  I can use Outlook Web Access no problem but for some reason I could not log in to the OWAadmin utility.  I thought maybe there, I could configure the Exchange over the net thing.  I guess Im wrong. lol

Anyhow are there any other ways or links I can go to that explains this RTC over HTTPS in lamens terms?  I have one machine that can do this (the owner of the company) has a laptop that he takes home and he simply opens his outlook and still gets his emails via exchange over the net.  So I assume the certificate thing has already been taken care of.    I copied the exact same settings on my machine and I still could not get my emails outside via outlook 2003.  

Below is what he has on his Exchange Proxy Settings,

on the https://  it says "servername.domainname.local" (Id rather not publish the real name here)

Connect using SSL only IS NOT CHECKED

On fast networks... IS NOT CHECKED

and on slownetworks IS CHECKED

Proxy Authentication settings is set to BASIC AUTHENTICATION.



I dont even understand how his is working.

Please  advise.

0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
redseatechnologiesCommented:
https://servername.domainname.local isn't going to work (mainly, the dot local part)

I am not totally convinced that this is set up properly yet, from his machine close outlook and go; start> run> outlook /rpcdiag

Does it connect over HTTPS?

If so, then it is working - if not (it will come up with TCP/IP) then it is not right (obviously, test this when he is not on the network OR tick the "on fast networks use HTTPS" box.  If it works over TCP/IP from his house, then your server is wide open, so lets hope that isn't the case for now.

As for other guides, assuming it is all configured properly on the server and all you need is client guides, have a look at these;

http://www.amset.info/exchange/rpc-http-client2.asp (same as above, but for outlook)
http://www.petri.co.il/configure_outlook_2003_to_use_rpc_over_http.htm (#2 on my list of favourite Exchange Admins)

-red
0
 
ITcrowdAuthor Commented:
I did everything on the client side as what amset says.  I gues it's on the server side is where I really have to do something.  Im really hestant to make changes to the server registries.  I'm afraid if I make the changes, our exchange wont work anymore no one gets anyemails.  Is this absolutely necessary?  If it is, which registry I should change or add?  

Please advise

-itc
0
 
redseatechnologiesCommented:
The only way that following the guides is going to stop email flowing is if you do something NOT in the guides (or out of order, etc)

At this stage, we really do not know where the network is up to in regards to this - it could be configured properly on the server, it may not be.  I would be inclined to follow the first link I posted to configure the server, and just make sure it is all as it should be.

If you want extra clarification before making a change, post it here and I will test it on one of my servers for you

-red
0
 
ITcrowdAuthor Commented:
Hi Red Thanks.  Ok I made the changes in the registries.

Domain Controller Registry which was this:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters]
"NSPI Interface protocol sequences"=hex(7):6e,00,63,00,61,00,63,00,6e,00,5f,00,\
  68,00,74,00,74,00,70,00,3a,00,36,00,30,00,30,00,34,00,00,00,00,00

and made this change

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy]
"ValidPorts"="server:100-5000;
swaymail:6001-6002;
swaymail:6004;
swaymail.sway.local:6001-6002;
swaymail.sway.local:6004;
swaymail.swaystudio.com:6001-6002;
swaymail.swaystudio.com:6004;"

Anything else I need to do?  Btw How do I figure out the SSL Certificate?  Because maybe this is why it's not working?

Please advise.
0
 
redseatechnologiesCommented:
Nope, your SSL cert is fine (I just tested it) - so you can stop worrying about that (until 2008)

So, you should be good to go, is your Domain controller windows 2003?

When you configure outlook with the above guide, and then open it (close outlook and then go; start> run> outlook /rpcdiag) what does it come up with?

-red
0
 
ITcrowdAuthor Commented:
yes I have three DCs on 2003 and one of them is my exchange 2003.

When I go to start> run> outlook /rpcdiag, I outlook opens to a Exchange Server Connection Status but there's nothing there.

thanks red

0
 
redseatechnologiesCommented:
What is happening on outlook when this happens?

I would be inclined to create a new outlook profile from scratch, as shown here -> http://www.amset.info/exchange/rpc-http-client2.asp

Forget about the settings the boss has (if you are trying to mirror them) get it working as per the guide on your machine, then worry about reconfiguring his.

-red
0
 
ITcrowdAuthor Commented:
Actually, I already created a new profile because on my machine at home, Im pop3ing to another email account  so I had to create another profile for me to log on to this company.  (Im just basically RDCing to my machine at home to test it)  Im running Outlook 2003 on XP Pro SP2 at home.  Still can't get it to work.  When I open outlook, I pick the new profile and  an authentication window pops up (Connect to swaymail.swaystudio.com) asking me for my username and password.  Nothing happens when I put in my username and password.  the authentication window merely comes back everytime. I press ok.
0
 
redseatechnologiesCommented:
ahhh,

How are you entering the username?

Try entering it like so; username@domain.local

or; DOMAIN\username

-red
0
 
ITcrowdAuthor Commented:
I tried these several times even before posting this topic here.

username   doesn't work
DOMAIN\username    doesn't work
username@domain.local     doesn't work

Again, the authentication window merely comes back everytime I press ok.


I can access OWA w no problems.

I have everything configured EXACTLY how AMSET says for the Client RPC over HTTPS: Client Setup: Remote Machine not on Domain

I tried it in two other machines in different locations outside this network.  I am getting the same thing.  

Please advise.  

There might be more things I need to do to the server?

0
 
redseatechnologiesCommented:
have you changed any of the permissions on the default website (in IIS)?

If it comes back, it is connecting but refusing you because of an authentication problem.  I would expect that to be because you have dodgy permissions in there somewhere.

I will show you the permissions you should have, once I compile them

-red

0
 
ITcrowdAuthor Commented:
Did you mean on the properties of default web site on the IIS?

On the properties of default web site, Directory Security tab - Authentication and access control - edit I see

IUSR_SWAYMAIL
***********

Is this what you mean?
0
 
redseatechnologiesCommented:
OK, here is how one of my working servers is configured;

Default Web Site -> Anonymous, Integrated, Digest
 Exadmin -> Integrated
 Exchange -> Basic
 Exchweb -> Anonymous
 RPC -> Integrated, Basic
 RPCWithCert -> NONE
 
How does that compare with what you have?

-red
0
 
ITcrowdAuthor Commented:
Default Web Site -> Anonymous
Exadmin -> Integrated
Exchange -> Integrated and Basic
Exchweb -> Anonymous
RPC -> Integrated
RPCWithCert -> NONE

I guess I should just copy yours?  and restart the IIS services?



0
 
redseatechnologiesCommented:
Set RPC to the same as mine - leave the exchange dir for now

Then yeah, restart the services (start, run, iisreset)

-red
0
 
ITcrowdAuthor Commented:
Still no progress my friend.  

I'm merely getting "The connection to the Microsoft Server is unavailable.  Outlook must be online or connected blah blah blah.
0
 
redseatechnologiesCommented:
Try setting the proxy authetication settings to basic (from NTLM) (it is an option in outlook in the "connect to my server using HTTP")

Step 6 here -> http://www.amset.info/exchange/rpc-http-client2.asp



0
 
redseatechnologiesCommented:
submitted too soon,

If that doesn't do it for you, I will need to call someone else in - I am tapped, and obviously missing something!

-red
0
 
ITcrowdAuthor Commented:
Just to let you know.  I figured it out.  Im not sure how it's working but this is what i put on the

Exchange Server settings:  swaymail.sway.local  (servername.domain.local)

and then on my Exchange proxy settings window, connection tab I have,

https://swaymail.swaystudio.com

on my connection settings:  
Connect using SSL only is CHECKED
Only connect to proxxy servers.. is unchecked
On fast networks is unchecked
On slow is checked

and Proxy Authentication is set to basic.

And lastly I have the ipaddress entry on my host file on the etc folder as  x.x.x.x     swaymail.swaystudio.com

I'm just not sure why is this working?

It was just luck that I figured it out by trail and error.

Why is this working?
0
 
redseatechnologiesCommented:
How is that different to what wasn't working?

why have you not got anything in the msstd field?

What makes you think it shouldn't work like above?
0
 
ITcrowdAuthor Commented:
when it wasn't working, I had,

Exchange Server settings:  swaymail.swaystudio.com

and then on my Exchange proxy settings window, connection tab I have,

https://swaymail.swaystudio.com

on my connection settings:  
Connect using SSL only is CHECKED
Only connect to proxxy servers.. is checked and i had the msstd field filled out - msstd: swaymail.swaystudio.com

On fast networks checked
On slow ... checked

and Proxy Authentication is set to NTLM authentication just like the instruction says on AMSET.


0
 
ITcrowdAuthor Commented:
Thanks for the help man!  In my efforts to figure this thing out, I learned so much!
0
 
redseatechnologiesCommented:
You are most welcome!

Also, does your name refer to a TV Show?

-red
0
 
ITcrowdAuthor Commented:
haha!  yup I'm more like Roy because if I were Moss, I wouldn't be asking you these questions. lol
0
 
redseatechnologiesCommented:
lmfao, I love that show, shame it was limited to only a few shows.

My wife reckons I am Roy too.  "Hello IT, have you turned it off and then on again?  OK, are you sure it is plugged in?  Excellent, thanks for calling!"

It reminded me very much of BOFH, if I thought the un-nerdy public would not flatly reject it, I would be all for an investment into producing BOFH for TV :)

-red
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.