Outlook Anywhere Setup

I cannot get Oulook exchange account to work outside my LAN. I installed all teh necessary services following teh instructions off the microsoft site. My current setup that I think is wrong is:
Exchange 2007 - IIS server w/Client access role: Outlook Anywhere FQDN pionts to "webmail.mydomain.com". This is friendly name on the UCC certificate with godaddy. It works fine with OWA.

Outlook exchang account: Exchange server: "exchange.domain.local" with HTTP Exchange Proxy Settings : "webmail.mydomain.com" and Basic authentication.

This setup works inside my LAN, but not outside. Is the any part of this setup that is supposed to include "rpc.mydomain.com", or "rpcwithcert.mydomain.com"?
Dennis JansonIT ManagerAsked:
Who is Participating?
 
MesthaCommented:
You need to have one of the three options in place for autodiscover to work.
The preferred method with a SAN/UC certificate is to have autodiscover.example.com pointing to the same IP address that you are using for Outlook Anywhere, OWA etc.

The mutual authentication error is exactly as you have said. Outlook 2003 in particular needs to see host.example.com as the common name, and will fail on host.example.net - therefore you need to use the same name for the msstd value as is the common name.

Simon.
0
 
lacrewgaCommented:
try https:
0
 
Dennis JansonIT ManagerAuthor Commented:
lacrewga: That did not make a difference.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
Rajith EnchiparambilOffice 365 & Exchange ArchitectCommented:
You don't need rpc.domain.com in your certificate. Have you installed RPC HTTP Proxy on your server?

With a test account, try Outlook Anywhere test here https://www.testexchangeconnectivity.com/ (4th option). See what it flags.

Rajith.

0
 
Dennis JansonIT ManagerAuthor Commented:
Rajith:
RPC HTTP Proxy is installed.

I ran the test using webmail.mydomain.com as the RPC proxy (is this right?)

These are the results:
 Attempting to Resolve the host name webmail.gmsminerepair.net in DNS.
 Host successfully Resolved
Additional Details
 IP(s) returned: 64.181.39.101

Testing TCP Port 443 on host webmail.gmsminerepair.net to ensure it is listening/open.
 The port was opened successfully.

Testing SSLCertificate for validity.
 The certificate passed all validation requirements.
Additional Details
 Subject: CN=webmail.gmsminerepair.net, OU=Domain Control Validated, O=webmail.gmsminerepair.net, Issuer SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Testing SSL mutual authentication with RPC Proxy server
 Successfully verified Mutual Authentication
Additional Details
 Certificate common name webmail.gmsminerepair.net matches msstd:webmail.gmsminerepair.net

Testing Http Authentication Methods for URL https://webmail.gmsminerepair.net/rpc/rpcproxy.dll
 Http Authentication Methods are correct
Additional Details
 Found all expected authentication methods and no disallowed methods Methods Found: Basic realm="webmail.gmsminerepair.net"

Attempting to Ping RPC Proxy webmail.gmsminerepair.net
 Pinged RPC Proxy successfully
Additional Details
 Completed with HTTP status 200 - OK

Attempting to ping RPC Endpoint 6001 (Exchange Information Store) on server webmail.gmsminerepair.net
 Failed to ping Endpoint
 Tell me more about this issue and how to resolve it

Additional Details
 RPC_S_SERVER_UNAVAILABLE error (0x6ba) was thrown by the RPC Runtime
0
 
Dennis JansonIT ManagerAuthor Commented:
I checked the RPC registry keys and they are correct.
0
 
MesthaCommented:
If you have been hacking around with registry keys then that is the first problem. Registry hacking is not required with Exchange 2007 version of Outlook Anywhere/RPC over HTTPS.

Therefore I would suggest that you reset the system first.
Disable Outlook Anywhere in EMC, then remove the RPC Proxy component from Windows Components. In IIS manager remove the two RPC directories, then run IISRESET.

Then reinstall install the two RPC Proxy components and enable the feature in EMC again. Wait about 15 minutes and test again.

Simon.
0
 
Dennis JansonIT ManagerAuthor Commented:
I did not hack\change\edit the egistry at all. the error gave me a link to view the registry key to make sure it existed.
0
 
MesthaCommented:
Well I would still reset the system as per my instructions. Outlook Anywhere either works, or it doesn't. There is no mid way point.

Simon.
0
 
Dennis JansonIT ManagerAuthor Commented:
fair enough. I will reset them.
0
 
Dennis JansonIT ManagerAuthor Commented:
After following your instructions I have been able to synchronize my outlook outside the network but cannot send any email. A connection to Microsoft Exchange erro occurs. also Using Outlook 2007 needed to be setup manually because the autodiscover did not work.
0
 
Dennis JansonIT ManagerAuthor Commented:
Ok, I was able to drill down to this problem. After unsuccessfully sending the new mail message from outlook anywhere, I saved it as a draft and synchronized with OWA. I then logged into OWA and tried to send the draft when message popped up. "More than one match was found" for the recipient address. Only one address was listed and once I clicked on it that email sent.
Since then all new email sent from Outlook successfully.

Why did this happen? How can I get it not to happen again once I roll Exchange out in my company?
0
 
Dennis JansonIT ManagerAuthor Commented:
I curretnly have this for example setup for my UCC certificate:

Common Name webmail.gmsminerepair.com
 Subject Alt Names: Exchange.gmsmrm.local
autodiscover.gmsminerepair.net
webmail.gmsminerepair.net
mail.gmsminerepair.net
 autodiscover.gmsminerepair.com
webmail.gmsminerepair.com
mail.gmsminerepair.com

Is this causing an issue with autodiscover?
 

0
 
MesthaCommented:
The names in the SSL certificate will not be a cause of any problems as long as they all resolve correctly and the correct URLs are set in the relevant places within Exchange on the virtual directory configuration.

If you use the test site that will tell you why autodiscover isn't working. You can also test it inside by right clicking on the Outlook icon in the system tray while holding down CTRL and choosing test email auto configuration. Then look at the URL results and ensure that they are correct and resolve to the correct locations.

Simon.
0
 
Dennis JansonIT ManagerAuthor Commented:
Mestha,

Using the test site, I get the following error:

"The certificate common name webmail.gmsminerepair.com, doesn't validate against Mutual Authentication string provided msstd:webmail.gmsminerepair.net"

I believe that there error is due to the *.com vs. *.net usage due to this comment in this comment in the Microsoft pages:
"If the Common Name does not match the Mutual Authentication (msstd:) string entered in the ExRCA tool when testing Outlook Anywhere functionality, ExRCA displays the following error message:

"Mutual Authentication could not be established"

The Mutual Authentication string equates to the, "Only connect to proxy servers that have this principal name in their certificate" setting in Outlook's Exchange Proxy Settings. This error can also occur when the Mutual Authentication string is valid but the CertPrincipalName attribute for the EXPR Outlook Provider stored in Active Directory is not."

Meaning that even though the .net is in the certificate as an alternative name, the proxy server must be the common name.

In my sitiation the common name is the webmail.gmsminerepair.com and this is not currently directed to my exchange server for testing purposes.
0
 
Dennis JansonIT ManagerAuthor Commented:
Mestha,

I have option 4 working on the https://www.testexchangeconnectivity.com/
site, however I am receivng the following errors with autodiscover:

 Attempting each method of contacting the AutoDiscover Service
 Failed to contact the AutoDiscover service successfully by any method
Test Steps
 Attempting to test potential AutoDiscover URL https://gmsminerepair.net/AutoDiscover/AutoDiscover.xml
 Failed testing this potential AutoDiscover URL
Test Steps
 Attempting to Resolve the host name gmsminerepair.net in DNS.
 Host successfully Resolved
Additional Details
 IP(s) returned: 64.181.39.100, 64.127.49.164

Testing TCP Port 443 on host gmsminerepair.net to ensure it is listening/open.
 The specified port is either blocked, not listening, or not producing the expected response.
 Tell me more about this issue and how to resolve it

Additional Details
 A network error occurred while communicating with remote host: Exception Details: Message: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 64.127.49.164:443 Type: System.Net.Sockets.SocketException Stack Trace: at System.Net.Sockets.TcpClient.Connect(String hostname, Int32 port) at Microsoft.Exchange.Tools.ExRca.Tests.TcpPortTest.PerformTestReally()



Attempting to test potential AutoDiscover URL https://autodiscover.gmsminerepair.net/AutoDiscover/AutoDiscover.xml
 Failed testing this potential AutoDiscover URL
Test Steps
 Attempting to Resolve the host name autodiscover.gmsminerepair.net in DNS.
 The Host could not be resolved.
 Tell me more about this issue and how to resolve it

Additional Details
 Host autodiscover.gmsminerepair.net could not be resolved in DNS Exception Details: Message: No such host is known Type: System.Net.Sockets.SocketException Stack Trace: at System.Net.Dns.GetAddrInfo(String name) at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6) at System.Net.Dns.GetHostAddresses(String hostNameOrAddress) at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTest.PerformTestReally()



Attempting to contact the AutoDiscover service using the HTTP redirect method.
 Failed to contact AutoDiscover using the HTTP Redirect method
Test Steps
 Attempting to Resolve the host name autodiscover.gmsminerepair.net in DNS.
 The Host could not be resolved.
 Tell me more about this issue and how to resolve it

Additional Details
 Host autodiscover.gmsminerepair.net could not be resolved in DNS Exception Details: Message: No such host is known Type: System.Net.Sockets.SocketException Stack Trace: at System.Net.Dns.GetAddrInfo(String name) at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6) at System.Net.Dns.GetHostAddresses(String hostNameOrAddress) at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTest.PerformTestReally()



Attempting to contact the AutoDiscover service using the DNS SRV redirect method.
 Failed to contact AutoDiscover using the DNS SRV redirect method.
Test Steps
 Attempting to locate SRV record _autodiscover._tcp.gmsminerepair.net in DNS.
 Failed to find AutoDiscover SRV record in DNS.
 Tell me more about this issue and how to resolve it


I am not sure if this is a DNS problem because I could not ping the autodiscover.mydomain.net address. What would cause RPC over HTTP to work but not Autodiscover?
0
 
Dennis JansonIT ManagerAuthor Commented:
I found a possible error with the DNS record. I made a change and now waiting 24-48 hrs. for the update.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.