Outlook Anywhere not working

I am trying to get RPC over HTTPS working for Exchange 2007 on server 2008.  I have enabled outlook anywhere in the management console and installed the RPC over HTTPS feature.  I have installed a 3rd party SSL certificate, and I get now errors when going to OWA, or to RPC through a web browser.
First time with getting outlook anywhere and IIS 7.0 working.  Any help would be appreciated.
newgentechnologiesAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

DMTechGrooupCommented:
Start here and post back any results.

https://www.testexchangeconnectivity.com/
0
newgentechnologiesAuthor Commented:
the problem with that test is that I cannot put in the RPC server.  The e-mail domain is test2007@orion.brinkman.ca, but the web page is mail.binkmanforest.com.  Is this not possible with outlook anywhere?
0
MesthaCommented:
It doesn't matter that your domains are different. Just provide the information that it requires. Most sites will have different domains to the host name used for the certificate, just provide the information that it asks for and test.

Simon.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

newgentechnologiesAuthor Commented:
when I tried outlook 2007 auto discovery test, it failed because of it was resolving the orion.brinkman.ca and going to the wrong place.
When I tried Microsoft Office Outlook 2003 RPC/HTTP Connectivity Test, I got an error Attempting to ping RPC Endpoint 6004 (NSPI Proxy Interface) on server sirius.orion.brinkman.ca.  Checking to make sure all the updates are done.
0
newgentechnologiesAuthor Commented:
Tried the outlook 2003 rpc/HTTP connectivity test after installing the Exchange 2007 SP1 RU7  and got this error.

Testing NSPI Interface on Exchange Mailbox Server
  An error occured while testing the NSPI Interface.
 Test Steps
   Attempting to ping RPC Endpoint 6004 (NSPI Proxy Interface) on server sirius.orion.brinkman.ca
  Failed to ping Endpoint
   Tell me more about this issue and how to resolve it
 
 Additional Details
  RPC_S_SERVER_UNAVAILABLE error (0x6ba) was thrown by the RPC Runtime
 
 
 

0
MesthaCommented:
What is the server the error refers? Your Exchange server or your domain controller?
Is Exchange installed on a domain controller?

Simon.
0
newgentechnologiesAuthor Commented:
the server that is getting the error is the exchange 2007 server.  It is not installed on a domain controller and there is no exchange servers installed on a domain controller.
0
esmith69Commented:
Is Exchange 2007 by any chance installed on a Windows Server 2008 system?  I had a bunch of issues with a recent Exchange 2007 deployment on a 2008 system.  There were several different things that needed to be done to fix it.
0
esmith69Commented:
Sorry, I failed to read your original post completely.  Now I see that it is on 2008.

Have you disabled IPv6? That is one known issue.  Let me look in my bookmarks for the other possible issues.
0
esmith69Commented:
Have you already checked out the suggestions on this MS page?:  http://technet.microsoft.com/en-us/library/dd439392.aspx

0
newgentechnologiesAuthor Commented:
IPV6 is disabled

From that page I did rollup 7, looked in the regedit and siriu.orion.brinkman.ca is there with the ports. We have an exchange 2003 server, and that netbios name is there too.  RPC over HTTPS is working for the exchange 2003 server.
I am able to telnet from other internal servers.
0
MesthaCommented:
I had this happen to me the other day on a client system.
What I ended up doing was disabling Outlook Anywhere, waiting 20 minutes for Exchange to take effect. Then removing the RPC over HTTPS proxy component from Features and removing the RPC virtual directories from IIS Manager. Finally ran IISRESET to write the change to the IIS metabase.
Then reinstalled the RPC Proxy component and enabled the Outlook Anywhere feature again. It then burst in to life.

Simon.
0
esmith69Commented:
What happens when you run the "Test-OutlookWebServices" command from PowerShell?
0
esmith69Commented:
Sorry, I forgot to also mention to add "| list" to the end of the abovecommand.  This will make it easier to read the results.

MS really should have made this command automatically run in list view as it is next to worthless in the default view.
0
newgentechnologiesAuthor Commented:
when I run "test-outlookwebservices" i get this
       Id                       Type Message
       --                       ---- -------
     1003                Information About to test AutoDisc...
     1007                Information Testing server Sirius....
     1019                Information Found a valid AutoDisc...
     1005                      Error When accessing https:/...
     1006                Information The Autodiscover servi...
     1016                    Success [EXCH]-Successfully co...
     1015                Information [EXCH]-The OAB is not ...
     1014                    Success [EXCH]-Successfully co...
     1016                Information [EXPR]-The AS is not c...
     1015                Information [EXPR]-The OAB is not ...
     1014                Information [EXPR]-The UM is not c...
     1017                    Success [EXPR]-Successfully co...
     1006                    Success The Autodiscover servi...

Is there a way to see everything?
0
newgentechnologiesAuthor Commented:
I get some errors about autodiscovery and the ssl certificate.  It tries to go to the local name, so it fails.

Id      : 1005
Type    : Error
Message : When accessing https://sirius.orion.brinkman.ca/Autodiscover/Autodisc
          over.xml the error "RemoteCertificateNameMismatch:CN=mail2.brinkmanfo
          rest.com, OU=Forestry, O=Brinkman & Associates Reforestation Ltd., L=
          New Westminster, S=British Columbia, C=CA" was reported.
0
esmith69Commented:
yea that's what adding the "| list" part does.  It's the vertical bar key ("pipe").  Same key as the backslash.
0
esmith69Commented:
sorry, just saw your post.  Looks like the common name listed on the certificate is not the same as the host name of the server.

What kind of certificate is this?  A UCC/SAN certificate?
0
newgentechnologiesAuthor Commented:
It is a 3rd party ssl from entrust
0
esmith69Commented:
Have you already tried the suggestions that Mestha recommended?  If not, I would focus on that first.  If that doesn't work, there is one other thing you can try.  I need to pull up the exact command, I can't remember it off the top of my head.
0
esmith69Commented:
when you created the certificate did you specify SANs (Subject Alternative Names)?
0
newgentechnologiesAuthor Commented:
yea i am trying Mestha's idea right now.  Didn't do a SANs, not sure what that is, and when doing rpc over https for exchange 2003, never did.
0
esmith69Commented:
If it didn't mention anything about specifying Subject Alternative Names when you created your SSL certificate, then most likely you only purchased a cert that supported a single entry.  a SAN/UCC certificate allows you to specify several different possible host names that clients might use to connect to the server.  While this may sound unnecessary, it's actually required if you want the Exchange Autodiscover feature to work properly from outside of the network.
0
esmith69Commented:
Just wondering...did you recreate the certificate on the Exchange 2007 server (by creating a new CSR file and submitting it to your 3rd-party cert provider and then installing the resulting certificate)?  Or are you trying to use the same certificate that was on the 2003 server?
0
newgentechnologiesAuthor Commented:
I created a new certificate for exchange 2007.  

I also tried Mestha's idea and it didn't work.
0
newgentechnologiesAuthor Commented:
I have found the answer myself.  

It has to do with IPv6, which I disabled on the NIC, but disabling does not stop internal communication using it.  Had to change the HOST file.
* Comment out the line :::1 localhost
* Add the following two lines:
<IPv4 address> <hostname of the computer>
<IPv4 address> <FQDN of the computer>

Links I used to find the answer
http://blog.aaronmarks.com/?p=65
http://weblog.bassq.nl/?p=79
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
esmith69Commented:
Yea I had to do that on a recent Server 2008 implementation as well.  MS really needs to get that stuff fixed.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.