Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 437
  • Last Modified:

rpc over https/outlook anywhere problem

I am attemping to get Outllook 2003 to connect to exchange using rpc over https.  I am getting an error UNABLE TO OPEN YOUR DEFAULT EMAIL FOLDERS.  YOU MUST CONNECT TO YOUR MICROSOFT EXCHANGE SERVER COMPUTER WITH THE CURRENT PROFILE BEFORE YOUC AN SYNCHRONIZE WITH YOU OFF LINE FILE FOLDER.
Here is the environmental description:
Exchange 2007 running on a Windows 2008 Server
Two domain controllers Windows 2008 server a Windows 2003 r2 server
Internal doman - xy.local
external domain - company.com
exchange server name - zzexchange1
a certificate was created on the exchange server using New-ExchangeCertificate command from the exchange management shell using wxyz.company.com as the host domain for external
this certificate is associatred with all iis (is a .pfx cert that is installed in trusted authorities store)
Items of note, I get the authentication dialog and appear to authenticate, also, owa works w/o giving any certificate error.
When I created the exchange profile in outlook w/ rpc over https the user name if found and verified.
When I click on the outlook icon in the tool bar and select connection status I can see it trying to cconnect to zzexchange1.xy.local using https for mail and referal, then quicly clears those and tries several other connections using the machine name only
Then the error written above displays from outlook.
Help Appreciated.
0
jtmoske
Asked:
jtmoske
  • 2
  • 2
  • 2
1 Solution
 
Sanga CollinsSystems AdminCommented:
that message usally pops up when outlook can not resolve the mailbox name in the global address list.
0
 
jtmoskeAuthor Commented:
Thank you for the comment.  When the profile is created in outlook, and you input the https parameters, the exchange server name and the username, it resolves, it discovers the user and shows the delivery destination in the profile as that users mailbox.  
Thoughts on why that would be the case, but when outlook is opened it can't find the mailbox, if that is what the error is indicating.
Again, Thank you for the help.
0
 
MesthaCommented:
The self generated certificate is not supported for use with Outlook Anywhere.
It will also cause a problem because Outlook cannot cope with the certificate prompt. You need to change the certificate for a commercial SAN/UC certificate.

http://blog.sembee.co.uk/archive/2008/05/30/78.aspx

The problem can also occur due to an authentication mismatch, where you have integrated/NTLM enabled in Exchange and basic enabled in Outlook, or vice versa.

Simon.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
Sanga CollinsSystems AdminCommented:
@mestha: good point about the certificate. i too have never been able to succesfully setup RPC over HTTP without a commercial certficate
0
 
jtmoskeAuthor Commented:
I have this working in part.
When I create the profile in outlook and I use either the external or local FQDN for the exchange server, I can not make the connection with the exchange server.  If I open up the firewall for the rpc port and upper ports (to make it simple to test I just opened up all tcp to the exchange server) and use the external FQDN (internal FQDN does not work) the process completes makes the connection with the exchnage server and outlook anywhere recognizes the input user.  I then can close up the firewall to allow only https to the exchange server and the profile just created continues to work as it should.  So, it appears when I first create the profile https fails and straight RPC must be used, after that outlook anywhere (https) works fine.  Obviously this is not an ideal solution.  Does anyone know why this behavior may be occuring?
0
 
MesthaCommented:
That shouldn't be required. As long as you enter the correct information in to Outlook, or have autodiscover do it for you on Outlook 2007 it should just work.

Remember this feature was designed for the hosted Exchange community, which are not going to open the RPC ports or VPN to their network.

Simon.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 2
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now