Solved

Access Exchange 2003 out side the network

Posted on 2006-11-29
28
240 Views
Last Modified: 2008-02-01
What I want to do is to be able to configure my outlook to to access my Exchange 2003 at work.  I couldn't log on the OWAadmin.  I'm really having a hard time understanding the documentations I read here but can someone please help me with this and point me to the right direction.  What needs to be done to my Exchange 2003 running on Server 2003 and My outlook 2003 at home? I dont want to pop3 or imap or use the OWA on the browser. From my research, I dont even have to configure a VPN connection.  Please help.  

Im getting this (below) when i log in to the OWAadmin even if I already have domain admin rights.  Please advise.

Server Error in '/OWAAdmin' Application.
--------------------------------------------------------------------------------

Runtime Error
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.

Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off".


<!-- Web.Config Configuration File -->

<configuration>
    <system.web>
        <customErrors mode="Off"/>
    </system.web>
</configuration>
 

Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.


<!-- Web.Config Configuration File -->

<configuration>
    <system.web>
        <customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
    </system.web>
</configuration>
 


0
Comment
Question by:ITcrowd
  • 15
  • 13
28 Comments
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 18042256
I am confused as to what you are trying to do.

You want to connect outlook to exchange from outside the network - That is fine, and can be achieved with RPC/HTTP

But, you are trying to use OWA (which doesn't use outlook at all) and to make matters worse you are trying to log on to OWAAdmin to get you there?

If you want to access OWA - go to http://server.domain.com/exchange

If you want to connect Outlook to Exchange over the net, then you will need to do a little work (as opposed to OWA, which is configured by default)

http://www.amset.info/exchange/rpc-http.asp

-red
0
 

Author Comment

by:ITcrowd
ID: 18042495
Im sorry for the confusion for I am confused myself.  I can use Outlook Web Access no problem but for some reason I could not log in to the OWAadmin utility.  I thought maybe there, I could configure the Exchange over the net thing.  I guess Im wrong. lol

Anyhow are there any other ways or links I can go to that explains this RTC over HTTPS in lamens terms?  I have one machine that can do this (the owner of the company) has a laptop that he takes home and he simply opens his outlook and still gets his emails via exchange over the net.  So I assume the certificate thing has already been taken care of.    I copied the exact same settings on my machine and I still could not get my emails outside via outlook 2003.  

Below is what he has on his Exchange Proxy Settings,

on the https://  it says "servername.domainname.local" (Id rather not publish the real name here)

Connect using SSL only IS NOT CHECKED

On fast networks... IS NOT CHECKED

and on slownetworks IS CHECKED

Proxy Authentication settings is set to BASIC AUTHENTICATION.



I dont even understand how his is working.

Please  advise.

0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 18042713
https://servername.domainname.local isn't going to work (mainly, the dot local part)

I am not totally convinced that this is set up properly yet, from his machine close outlook and go; start> run> outlook /rpcdiag

Does it connect over HTTPS?

If so, then it is working - if not (it will come up with TCP/IP) then it is not right (obviously, test this when he is not on the network OR tick the "on fast networks use HTTPS" box.  If it works over TCP/IP from his house, then your server is wide open, so lets hope that isn't the case for now.

As for other guides, assuming it is all configured properly on the server and all you need is client guides, have a look at these;

http://www.amset.info/exchange/rpc-http-client2.asp (same as above, but for outlook)
http://www.petri.co.il/configure_outlook_2003_to_use_rpc_over_http.htm (#2 on my list of favourite Exchange Admins)

-red
0
 

Author Comment

by:ITcrowd
ID: 18048842
I did everything on the client side as what amset says.  I gues it's on the server side is where I really have to do something.  Im really hestant to make changes to the server registries.  I'm afraid if I make the changes, our exchange wont work anymore no one gets anyemails.  Is this absolutely necessary?  If it is, which registry I should change or add?  

Please advise

-itc
0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 18049257
The only way that following the guides is going to stop email flowing is if you do something NOT in the guides (or out of order, etc)

At this stage, we really do not know where the network is up to in regards to this - it could be configured properly on the server, it may not be.  I would be inclined to follow the first link I posted to configure the server, and just make sure it is all as it should be.

If you want extra clarification before making a change, post it here and I will test it on one of my servers for you

-red
0
 

Author Comment

by:ITcrowd
ID: 18049560
Hi Red Thanks.  Ok I made the changes in the registries.

Domain Controller Registry which was this:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters]
"NSPI Interface protocol sequences"=hex(7):6e,00,63,00,61,00,63,00,6e,00,5f,00,\
  68,00,74,00,74,00,70,00,3a,00,36,00,30,00,30,00,34,00,00,00,00,00

and made this change

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy]
"ValidPorts"="server:100-5000;
swaymail:6001-6002;
swaymail:6004;
swaymail.sway.local:6001-6002;
swaymail.sway.local:6004;
swaymail.swaystudio.com:6001-6002;
swaymail.swaystudio.com:6004;"

Anything else I need to do?  Btw How do I figure out the SSL Certificate?  Because maybe this is why it's not working?

Please advise.
0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 18049613
Nope, your SSL cert is fine (I just tested it) - so you can stop worrying about that (until 2008)

So, you should be good to go, is your Domain controller windows 2003?

When you configure outlook with the above guide, and then open it (close outlook and then go; start> run> outlook /rpcdiag) what does it come up with?

-red
0
 

Author Comment

by:ITcrowd
ID: 18049682
yes I have three DCs on 2003 and one of them is my exchange 2003.

When I go to start> run> outlook /rpcdiag, I outlook opens to a Exchange Server Connection Status but there's nothing there.

thanks red

0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 18049840
What is happening on outlook when this happens?

I would be inclined to create a new outlook profile from scratch, as shown here -> http://www.amset.info/exchange/rpc-http-client2.asp

Forget about the settings the boss has (if you are trying to mirror them) get it working as per the guide on your machine, then worry about reconfiguring his.

-red
0
 

Author Comment

by:ITcrowd
ID: 18050048
Actually, I already created a new profile because on my machine at home, Im pop3ing to another email account  so I had to create another profile for me to log on to this company.  (Im just basically RDCing to my machine at home to test it)  Im running Outlook 2003 on XP Pro SP2 at home.  Still can't get it to work.  When I open outlook, I pick the new profile and  an authentication window pops up (Connect to swaymail.swaystudio.com) asking me for my username and password.  Nothing happens when I put in my username and password.  the authentication window merely comes back everytime. I press ok.
0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 18050069
ahhh,

How are you entering the username?

Try entering it like so; username@domain.local

or; DOMAIN\username

-red
0
 

Author Comment

by:ITcrowd
ID: 18050141
I tried these several times even before posting this topic here.

username   doesn't work
DOMAIN\username    doesn't work
username@domain.local     doesn't work

Again, the authentication window merely comes back everytime I press ok.


I can access OWA w no problems.

I have everything configured EXACTLY how AMSET says for the Client RPC over HTTPS: Client Setup: Remote Machine not on Domain

I tried it in two other machines in different locations outside this network.  I am getting the same thing.  

Please advise.  

There might be more things I need to do to the server?

0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 18050192
have you changed any of the permissions on the default website (in IIS)?

If it comes back, it is connecting but refusing you because of an authentication problem.  I would expect that to be because you have dodgy permissions in there somewhere.

I will show you the permissions you should have, once I compile them

-red

0
 

Author Comment

by:ITcrowd
ID: 18050256
Did you mean on the properties of default web site on the IIS?

On the properties of default web site, Directory Security tab - Authentication and access control - edit I see

IUSR_SWAYMAIL
***********

Is this what you mean?
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 39

Expert Comment

by:redseatechnologies
ID: 18050422
OK, here is how one of my working servers is configured;

Default Web Site -> Anonymous, Integrated, Digest
 Exadmin -> Integrated
 Exchange -> Basic
 Exchweb -> Anonymous
 RPC -> Integrated, Basic
 RPCWithCert -> NONE
 
How does that compare with what you have?

-red
0
 

Author Comment

by:ITcrowd
ID: 18050511
Default Web Site -> Anonymous
Exadmin -> Integrated
Exchange -> Integrated and Basic
Exchweb -> Anonymous
RPC -> Integrated
RPCWithCert -> NONE

I guess I should just copy yours?  and restart the IIS services?



0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 18050526
Set RPC to the same as mine - leave the exchange dir for now

Then yeah, restart the services (start, run, iisreset)

-red
0
 

Author Comment

by:ITcrowd
ID: 18050686
Still no progress my friend.  

I'm merely getting "The connection to the Microsoft Server is unavailable.  Outlook must be online or connected blah blah blah.
0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 18050854
Try setting the proxy authetication settings to basic (from NTLM) (it is an option in outlook in the "connect to my server using HTTP")

Step 6 here -> http://www.amset.info/exchange/rpc-http-client2.asp



0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 18050859
submitted too soon,

If that doesn't do it for you, I will need to call someone else in - I am tapped, and obviously missing something!

-red
0
 

Author Comment

by:ITcrowd
ID: 18071281
Just to let you know.  I figured it out.  Im not sure how it's working but this is what i put on the

Exchange Server settings:  swaymail.sway.local  (servername.domain.local)

and then on my Exchange proxy settings window, connection tab I have,

https://swaymail.swaystudio.com

on my connection settings:  
Connect using SSL only is CHECKED
Only connect to proxxy servers.. is unchecked
On fast networks is unchecked
On slow is checked

and Proxy Authentication is set to basic.

And lastly I have the ipaddress entry on my host file on the etc folder as  x.x.x.x     swaymail.swaystudio.com

I'm just not sure why is this working?

It was just luck that I figured it out by trail and error.

Why is this working?
0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 18071745
How is that different to what wasn't working?

why have you not got anything in the msstd field?

What makes you think it shouldn't work like above?
0
 

Author Comment

by:ITcrowd
ID: 18072865
when it wasn't working, I had,

Exchange Server settings:  swaymail.swaystudio.com

and then on my Exchange proxy settings window, connection tab I have,

https://swaymail.swaystudio.com

on my connection settings:  
Connect using SSL only is CHECKED
Only connect to proxxy servers.. is checked and i had the msstd field filled out - msstd: swaymail.swaystudio.com

On fast networks checked
On slow ... checked

and Proxy Authentication is set to NTLM authentication just like the instruction says on AMSET.


0
 
LVL 39

Accepted Solution

by:
redseatechnologies earned 500 total points
ID: 18072904
ahhhhh,

The Exchange server setting, which I am assuming you are talking about where it asks for exchange server name and username, should always be the internal name.

I think that would be your problem (as well has having proxy authentication on NTLM (possibly))

-red
0
 

Author Comment

by:ITcrowd
ID: 18072980
Thanks for the help man!  In my efforts to figure this thing out, I learned so much!
0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 18072994
You are most welcome!

Also, does your name refer to a TV Show?

-red
0
 

Author Comment

by:ITcrowd
ID: 18073067
haha!  yup I'm more like Roy because if I were Moss, I wouldn't be asking you these questions. lol
0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 18073145
lmfao, I love that show, shame it was limited to only a few shows.

My wife reckons I am Roy too.  "Hello IT, have you turned it off and then on again?  OK, are you sure it is plugged in?  Excellent, thanks for calling!"

It reminded me very much of BOFH, if I thought the un-nerdy public would not flatly reject it, I would be all for an investment into producing BOFH for TV :)

-red
0

Featured Post

Do email signature updates give you a headache?

Constantly trying to correctly format email signatures? Spending all of your time at every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

Join & Write a Comment

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now