ITcrowd
asked on
Access Exchange 2003 out side the network
What I want to do is to be able to configure my outlook to to access my Exchange 2003 at work. I couldn't log on the OWAadmin. I'm really having a hard time understanding the documentations I read here but can someone please help me with this and point me to the right direction. What needs to be done to my Exchange 2003 running on Server 2003 and My outlook 2003 at home? I dont want to pop3 or imap or use the OWA on the browser. From my research, I dont even have to configure a VPN connection. Please help.
Im getting this (below) when i log in to the OWAadmin even if I already have domain admin rights. Please advise.
Server Error in '/OWAAdmin' Application.
--------------------------
Runtime Error
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.
Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off".
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="Off"/>
</system.web>
</configuration>
Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="RemoteOnly" defaultRedirect="mycustomp
</system.web>
</configuration>
Im getting this (below) when i log in to the OWAadmin even if I already have domain admin rights. Please advise.
Server Error in '/OWAAdmin' Application.
--------------------------
Runtime Error
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.
Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off".
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="Off"/>
</system.web>
</configuration>
Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="RemoteOnly" defaultRedirect="mycustomp
</system.web>
</configuration>
ASKER
Im sorry for the confusion for I am confused myself. I can use Outlook Web Access no problem but for some reason I could not log in to the OWAadmin utility. I thought maybe there, I could configure the Exchange over the net thing. I guess Im wrong. lol
Anyhow are there any other ways or links I can go to that explains this RTC over HTTPS in lamens terms? I have one machine that can do this (the owner of the company) has a laptop that he takes home and he simply opens his outlook and still gets his emails via exchange over the net. So I assume the certificate thing has already been taken care of. I copied the exact same settings on my machine and I still could not get my emails outside via outlook 2003.
Below is what he has on his Exchange Proxy Settings,
on the https:// it says "servername.domainname.loc
Connect using SSL only IS NOT CHECKED
On fast networks... IS NOT CHECKED
and on slownetworks IS CHECKED
Proxy Authentication settings is set to BASIC AUTHENTICATION.
I dont even understand how his is working.
Please advise.
Anyhow are there any other ways or links I can go to that explains this RTC over HTTPS in lamens terms? I have one machine that can do this (the owner of the company) has a laptop that he takes home and he simply opens his outlook and still gets his emails via exchange over the net. So I assume the certificate thing has already been taken care of. I copied the exact same settings on my machine and I still could not get my emails outside via outlook 2003.
Below is what he has on his Exchange Proxy Settings,
on the https:// it says "servername.domainname.loc
Connect using SSL only IS NOT CHECKED
On fast networks... IS NOT CHECKED
and on slownetworks IS CHECKED
Proxy Authentication settings is set to BASIC AUTHENTICATION.
I dont even understand how his is working.
Please advise.
https://servername.domainname.local isn't going to work (mainly, the dot local part)
I am not totally convinced that this is set up properly yet, from his machine close outlook and go; start> run> outlook /rpcdiag
Does it connect over HTTPS?
If so, then it is working - if not (it will come up with TCP/IP) then it is not right (obviously, test this when he is not on the network OR tick the "on fast networks use HTTPS" box. If it works over TCP/IP from his house, then your server is wide open, so lets hope that isn't the case for now.
As for other guides, assuming it is all configured properly on the server and all you need is client guides, have a look at these;
http://www.amset.info/exchange/rpc-http-client2.asp (same as above, but for outlook)
http://www.petri.co.il/configure_outlook_2003_to_use_rpc_over_http.htm (#2 on my list of favourite Exchange Admins)
-red
I am not totally convinced that this is set up properly yet, from his machine close outlook and go; start> run> outlook /rpcdiag
Does it connect over HTTPS?
If so, then it is working - if not (it will come up with TCP/IP) then it is not right (obviously, test this when he is not on the network OR tick the "on fast networks use HTTPS" box. If it works over TCP/IP from his house, then your server is wide open, so lets hope that isn't the case for now.
As for other guides, assuming it is all configured properly on the server and all you need is client guides, have a look at these;
http://www.amset.info/exchange/rpc-http-client2.asp (same as above, but for outlook)
http://www.petri.co.il/configure_outlook_2003_to_use_rpc_over_http.htm (#2 on my list of favourite Exchange Admins)
-red
ASKER
I did everything on the client side as what amset says. I gues it's on the server side is where I really have to do something. Im really hestant to make changes to the server registries. I'm afraid if I make the changes, our exchange wont work anymore no one gets anyemails. Is this absolutely necessary? If it is, which registry I should change or add?
Please advise
-itc
Please advise
-itc
The only way that following the guides is going to stop email flowing is if you do something NOT in the guides (or out of order, etc)
At this stage, we really do not know where the network is up to in regards to this - it could be configured properly on the server, it may not be. I would be inclined to follow the first link I posted to configure the server, and just make sure it is all as it should be.
If you want extra clarification before making a change, post it here and I will test it on one of my servers for you
-red
At this stage, we really do not know where the network is up to in regards to this - it could be configured properly on the server, it may not be. I would be inclined to follow the first link I posted to configure the server, and just make sure it is all as it should be.
If you want extra clarification before making a change, post it here and I will test it on one of my servers for you
-red
ASKER
Hi Red Thanks. Ok I made the changes in the registries.
Domain Controller Registry which was this:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM
"NSPI Interface protocol sequences"=hex(7):6e,00,63
68,00,74,00,74,00,70,00,3a
and made this change
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWA
"ValidPorts"="server:100-5
swaymail:6001-6002;
swaymail:6004;
swaymail.sway.local:6001-6
swaymail.sway.local:6004;
swaymail.swaystudio.com:60
swaymail.swaystudio.com:60
Anything else I need to do? Btw How do I figure out the SSL Certificate? Because maybe this is why it's not working?
Please advise.
Domain Controller Registry which was this:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM
"NSPI Interface protocol sequences"=hex(7):6e,00,63
68,00,74,00,74,00,70,00,3a
and made this change
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWA
"ValidPorts"="server:100-5
swaymail:6001-6002;
swaymail:6004;
swaymail.sway.local:6001-6
swaymail.sway.local:6004;
swaymail.swaystudio.com:60
swaymail.swaystudio.com:60
Anything else I need to do? Btw How do I figure out the SSL Certificate? Because maybe this is why it's not working?
Please advise.
Nope, your SSL cert is fine (I just tested it) - so you can stop worrying about that (until 2008)
So, you should be good to go, is your Domain controller windows 2003?
When you configure outlook with the above guide, and then open it (close outlook and then go; start> run> outlook /rpcdiag) what does it come up with?
-red
So, you should be good to go, is your Domain controller windows 2003?
When you configure outlook with the above guide, and then open it (close outlook and then go; start> run> outlook /rpcdiag) what does it come up with?
-red
ASKER
yes I have three DCs on 2003 and one of them is my exchange 2003.
When I go to start> run> outlook /rpcdiag, I outlook opens to a Exchange Server Connection Status but there's nothing there.
thanks red
When I go to start> run> outlook /rpcdiag, I outlook opens to a Exchange Server Connection Status but there's nothing there.
thanks red
What is happening on outlook when this happens?
I would be inclined to create a new outlook profile from scratch, as shown here -> http://www.amset.info/exchange/rpc-http-client2.asp
Forget about the settings the boss has (if you are trying to mirror them) get it working as per the guide on your machine, then worry about reconfiguring his.
-red
I would be inclined to create a new outlook profile from scratch, as shown here -> http://www.amset.info/exchange/rpc-http-client2.asp
Forget about the settings the boss has (if you are trying to mirror them) get it working as per the guide on your machine, then worry about reconfiguring his.
-red
ASKER
Actually, I already created a new profile because on my machine at home, Im pop3ing to another email account so I had to create another profile for me to log on to this company. (Im just basically RDCing to my machine at home to test it) Im running Outlook 2003 on XP Pro SP2 at home. Still can't get it to work. When I open outlook, I pick the new profile and an authentication window pops up (Connect to swaymail.swaystudio.com) asking me for my username and password. Nothing happens when I put in my username and password. the authentication window merely comes back everytime. I press ok.
ahhh,
How are you entering the username?
Try entering it like so; username@domain.local
or; DOMAIN\username
-red
How are you entering the username?
Try entering it like so; username@domain.local
or; DOMAIN\username
-red
ASKER
I tried these several times even before posting this topic here.
username doesn't work
DOMAIN\username doesn't work
username@domain.local doesn't work
Again, the authentication window merely comes back everytime I press ok.
I can access OWA w no problems.
I have everything configured EXACTLY how AMSET says for the Client RPC over HTTPS: Client Setup: Remote Machine not on Domain
I tried it in two other machines in different locations outside this network. I am getting the same thing.
Please advise.
There might be more things I need to do to the server?
username doesn't work
DOMAIN\username doesn't work
username@domain.local doesn't work
Again, the authentication window merely comes back everytime I press ok.
I can access OWA w no problems.
I have everything configured EXACTLY how AMSET says for the Client RPC over HTTPS: Client Setup: Remote Machine not on Domain
I tried it in two other machines in different locations outside this network. I am getting the same thing.
Please advise.
There might be more things I need to do to the server?
have you changed any of the permissions on the default website (in IIS)?
If it comes back, it is connecting but refusing you because of an authentication problem. I would expect that to be because you have dodgy permissions in there somewhere.
I will show you the permissions you should have, once I compile them
-red
If it comes back, it is connecting but refusing you because of an authentication problem. I would expect that to be because you have dodgy permissions in there somewhere.
I will show you the permissions you should have, once I compile them
-red
ASKER
Did you mean on the properties of default web site on the IIS?
On the properties of default web site, Directory Security tab - Authentication and access control - edit I see
IUSR_SWAYMAIL
***********
Is this what you mean?
On the properties of default web site, Directory Security tab - Authentication and access control - edit I see
IUSR_SWAYMAIL
***********
Is this what you mean?
OK, here is how one of my working servers is configured;
Default Web Site -> Anonymous, Integrated, Digest
Exadmin -> Integrated
Exchange -> Basic
Exchweb -> Anonymous
RPC -> Integrated, Basic
RPCWithCert -> NONE
How does that compare with what you have?
-red
Default Web Site -> Anonymous, Integrated, Digest
Exadmin -> Integrated
Exchange -> Basic
Exchweb -> Anonymous
RPC -> Integrated, Basic
RPCWithCert -> NONE
How does that compare with what you have?
-red
ASKER
Default Web Site -> Anonymous
Exadmin -> Integrated
Exchange -> Integrated and Basic
Exchweb -> Anonymous
RPC -> Integrated
RPCWithCert -> NONE
I guess I should just copy yours? and restart the IIS services?
Exadmin -> Integrated
Exchange -> Integrated and Basic
Exchweb -> Anonymous
RPC -> Integrated
RPCWithCert -> NONE
I guess I should just copy yours? and restart the IIS services?
Set RPC to the same as mine - leave the exchange dir for now
Then yeah, restart the services (start, run, iisreset)
-red
Then yeah, restart the services (start, run, iisreset)
-red
ASKER
Still no progress my friend.
I'm merely getting "The connection to the Microsoft Server is unavailable. Outlook must be online or connected blah blah blah.
I'm merely getting "The connection to the Microsoft Server is unavailable. Outlook must be online or connected blah blah blah.
Try setting the proxy authetication settings to basic (from NTLM) (it is an option in outlook in the "connect to my server using HTTP")
Step 6 here -> http://www.amset.info/exchange/rpc-http-client2.asp
Step 6 here -> http://www.amset.info/exchange/rpc-http-client2.asp
submitted too soon,
If that doesn't do it for you, I will need to call someone else in - I am tapped, and obviously missing something!
-red
If that doesn't do it for you, I will need to call someone else in - I am tapped, and obviously missing something!
-red
ASKER
Just to let you know. I figured it out. Im not sure how it's working but this is what i put on the
Exchange Server settings: swaymail.sway.local (servername.domain.local)
and then on my Exchange proxy settings window, connection tab I have,
https://swaymail.swaystudio.com
on my connection settings:
Connect using SSL only is CHECKED
Only connect to proxxy servers.. is unchecked
On fast networks is unchecked
On slow is checked
and Proxy Authentication is set to basic.
And lastly I have the ipaddress entry on my host file on the etc folder as x.x.x.x swaymail.swaystudio.com
I'm just not sure why is this working?
It was just luck that I figured it out by trail and error.
Why is this working?
Exchange Server settings: swaymail.sway.local (servername.domain.local)
and then on my Exchange proxy settings window, connection tab I have,
https://swaymail.swaystudio.com
on my connection settings:
Connect using SSL only is CHECKED
Only connect to proxxy servers.. is unchecked
On fast networks is unchecked
On slow is checked
and Proxy Authentication is set to basic.
And lastly I have the ipaddress entry on my host file on the etc folder as x.x.x.x swaymail.swaystudio.com
I'm just not sure why is this working?
It was just luck that I figured it out by trail and error.
Why is this working?
How is that different to what wasn't working?
why have you not got anything in the msstd field?
What makes you think it shouldn't work like above?
why have you not got anything in the msstd field?
What makes you think it shouldn't work like above?
ASKER
when it wasn't working, I had,
Exchange Server settings: swaymail.swaystudio.com
and then on my Exchange proxy settings window, connection tab I have,
https://swaymail.swaystudio.com
on my connection settings:
Connect using SSL only is CHECKED
Only connect to proxxy servers.. is checked and i had the msstd field filled out - msstd: swaymail.swaystudio.com
On fast networks checked
On slow ... checked
and Proxy Authentication is set to NTLM authentication just like the instruction says on AMSET.
Exchange Server settings: swaymail.swaystudio.com
and then on my Exchange proxy settings window, connection tab I have,
https://swaymail.swaystudio.com
on my connection settings:
Connect using SSL only is CHECKED
Only connect to proxxy servers.. is checked and i had the msstd field filled out - msstd: swaymail.swaystudio.com
On fast networks checked
On slow ... checked
and Proxy Authentication is set to NTLM authentication just like the instruction says on AMSET.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the help man! In my efforts to figure this thing out, I learned so much!
You are most welcome!
Also, does your name refer to a TV Show?
-red
Also, does your name refer to a TV Show?
-red
ASKER
haha! yup I'm more like Roy because if I were Moss, I wouldn't be asking you these questions. lol
lmfao, I love that show, shame it was limited to only a few shows.
My wife reckons I am Roy too. "Hello IT, have you turned it off and then on again? OK, are you sure it is plugged in? Excellent, thanks for calling!"
It reminded me very much of BOFH, if I thought the un-nerdy public would not flatly reject it, I would be all for an investment into producing BOFH for TV :)
-red
My wife reckons I am Roy too. "Hello IT, have you turned it off and then on again? OK, are you sure it is plugged in? Excellent, thanks for calling!"
It reminded me very much of BOFH, if I thought the un-nerdy public would not flatly reject it, I would be all for an investment into producing BOFH for TV :)
-red
You want to connect outlook to exchange from outside the network - That is fine, and can be achieved with RPC/HTTP
But, you are trying to use OWA (which doesn't use outlook at all) and to make matters worse you are trying to log on to OWAAdmin to get you there?
If you want to access OWA - go to http://server.domain.com/exchange
If you want to connect Outlook to Exchange over the net, then you will need to do a little work (as opposed to OWA, which is configured by default)
http://www.amset.info/exchange/rpc-http.asp
-red