Outlook Anywhere Setup
I cannot get Oulook exchange account to work outside my LAN. I installed all teh necessary services following teh instructions off the microsoft site. My current setup that I think is wrong is:
Exchange 2007 - IIS server w/Client access role: Outlook Anywhere FQDN pionts to "webmail.mydomain.com". This is friendly name on the UCC certificate with godaddy. It works fine with OWA.
Outlook exchang account: Exchange server: "exchange.domain.local" with HTTP Exchange Proxy Settings : "webmail.mydomain.com" and Basic authentication.
This setup works inside my LAN, but not outside. Is the any part of this setup that is supposed to include "rpc.mydomain.com", or "rpcwithcert.mydomain.com"
Exchange 2007 - IIS server w/Client access role: Outlook Anywhere FQDN pionts to "webmail.mydomain.com". This is friendly name on the UCC certificate with godaddy. It works fine with OWA.
Outlook exchang account: Exchange server: "exchange.domain.local" with HTTP Exchange Proxy Settings : "webmail.mydomain.com" and Basic authentication.
This setup works inside my LAN, but not outside. Is the any part of this setup that is supposed to include "rpc.mydomain.com", or "rpcwithcert.mydomain.com"
try https:
ASKER
lacrewga: That did not make a difference.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Rajith:
RPC HTTP Proxy is installed.
I ran the test using webmail.mydomain.com as the RPC proxy (is this right?)
These are the results:
Attempting to Resolve the host name webmail.gmsminerepair.net in DNS.
Host successfully Resolved
Additional Details
IP(s) returned: 64.181.39.101
Testing TCP Port 443 on host webmail.gmsminerepair.net to ensure it is listening/open.
The port was opened successfully.
Testing SSLCertificate for validity.
The certificate passed all validation requirements.
Additional Details
Subject: CN=webmail.gmsminerepair.n
Testing SSL mutual authentication with RPC Proxy server
Successfully verified Mutual Authentication
Additional Details
Certificate common name webmail.gmsminerepair.net matches msstd:webmail.gmsminerepai
Testing Http Authentication Methods for URL https://webmail.gmsminerepair.net/rpc/rpcproxy.dll
Http Authentication Methods are correct
Additional Details
Found all expected authentication methods and no disallowed methods Methods Found: Basic realm="webmail.gmsminerepa
Attempting to Ping RPC Proxy webmail.gmsminerepair.net
Pinged RPC Proxy successfully
Additional Details
Completed with HTTP status 200 - OK
Attempting to ping RPC Endpoint 6001 (Exchange Information Store) on server webmail.gmsminerepair.net
Failed to ping Endpoint
Tell me more about this issue and how to resolve it
Additional Details
RPC_S_SERVER_UNAVAILABLE error (0x6ba) was thrown by the RPC Runtime
RPC HTTP Proxy is installed.
I ran the test using webmail.mydomain.com as the RPC proxy (is this right?)
These are the results:
Attempting to Resolve the host name webmail.gmsminerepair.net in DNS.
Host successfully Resolved
Additional Details
IP(s) returned: 64.181.39.101
Testing TCP Port 443 on host webmail.gmsminerepair.net to ensure it is listening/open.
The port was opened successfully.
Testing SSLCertificate for validity.
The certificate passed all validation requirements.
Additional Details
Subject: CN=webmail.gmsminerepair.n
Testing SSL mutual authentication with RPC Proxy server
Successfully verified Mutual Authentication
Additional Details
Certificate common name webmail.gmsminerepair.net matches msstd:webmail.gmsminerepai
Testing Http Authentication Methods for URL https://webmail.gmsminerepair.net/rpc/rpcproxy.dll
Http Authentication Methods are correct
Additional Details
Found all expected authentication methods and no disallowed methods Methods Found: Basic realm="webmail.gmsminerepa
Attempting to Ping RPC Proxy webmail.gmsminerepair.net
Pinged RPC Proxy successfully
Additional Details
Completed with HTTP status 200 - OK
Attempting to ping RPC Endpoint 6001 (Exchange Information Store) on server webmail.gmsminerepair.net
Failed to ping Endpoint
Tell me more about this issue and how to resolve it
Additional Details
RPC_S_SERVER_UNAVAILABLE error (0x6ba) was thrown by the RPC Runtime
ASKER
I checked the RPC registry keys and they are correct.
If you have been hacking around with registry keys then that is the first problem. Registry hacking is not required with Exchange 2007 version of Outlook Anywhere/RPC over HTTPS.
Therefore I would suggest that you reset the system first.
Disable Outlook Anywhere in EMC, then remove the RPC Proxy component from Windows Components. In IIS manager remove the two RPC directories, then run IISRESET.
Then reinstall install the two RPC Proxy components and enable the feature in EMC again. Wait about 15 minutes and test again.
Simon.
Therefore I would suggest that you reset the system first.
Disable Outlook Anywhere in EMC, then remove the RPC Proxy component from Windows Components. In IIS manager remove the two RPC directories, then run IISRESET.
Then reinstall install the two RPC Proxy components and enable the feature in EMC again. Wait about 15 minutes and test again.
Simon.
ASKER
I did not hack\change\edit the egistry at all. the error gave me a link to view the registry key to make sure it existed.
Well I would still reset the system as per my instructions. Outlook Anywhere either works, or it doesn't. There is no mid way point.
Simon.
Simon.
ASKER
fair enough. I will reset them.
ASKER
After following your instructions I have been able to synchronize my outlook outside the network but cannot send any email. A connection to Microsoft Exchange erro occurs. also Using Outlook 2007 needed to be setup manually because the autodiscover did not work.
ASKER
Ok, I was able to drill down to this problem. After unsuccessfully sending the new mail message from outlook anywhere, I saved it as a draft and synchronized with OWA. I then logged into OWA and tried to send the draft when message popped up. "More than one match was found" for the recipient address. Only one address was listed and once I clicked on it that email sent.
Since then all new email sent from Outlook successfully.
Why did this happen? How can I get it not to happen again once I roll Exchange out in my company?
Since then all new email sent from Outlook successfully.
Why did this happen? How can I get it not to happen again once I roll Exchange out in my company?
ASKER
I curretnly have this for example setup for my UCC certificate:
Common Name webmail.gmsminerepair.com
Subject Alt Names: Exchange.gmsmrm.local
autodiscover.gmsminerepair
webmail.gmsminerepair.net
mail.gmsminerepair.net
autodiscover.gmsminerepair
webmail.gmsminerepair.com
mail.gmsminerepair.com
Is this causing an issue with autodiscover?
Common Name webmail.gmsminerepair.com
Subject Alt Names: Exchange.gmsmrm.local
autodiscover.gmsminerepair
webmail.gmsminerepair.net
mail.gmsminerepair.net
autodiscover.gmsminerepair
webmail.gmsminerepair.com
mail.gmsminerepair.com
Is this causing an issue with autodiscover?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Mestha,
Using the test site, I get the following error:
"The certificate common name webmail.gmsminerepair.com,
I believe that there error is due to the *.com vs. *.net usage due to this comment in this comment in the Microsoft pages:
"If the Common Name does not match the Mutual Authentication (msstd:) string entered in the ExRCA tool when testing Outlook Anywhere functionality, ExRCA displays the following error message:
"Mutual Authentication could not be established"
The Mutual Authentication string equates to the, "Only connect to proxy servers that have this principal name in their certificate" setting in Outlook's Exchange Proxy Settings. This error can also occur when the Mutual Authentication string is valid but the CertPrincipalName attribute for the EXPR Outlook Provider stored in Active Directory is not."
Meaning that even though the .net is in the certificate as an alternative name, the proxy server must be the common name.
In my sitiation the common name is the webmail.gmsminerepair.com and this is not currently directed to my exchange server for testing purposes.
Using the test site, I get the following error:
"The certificate common name webmail.gmsminerepair.com,
I believe that there error is due to the *.com vs. *.net usage due to this comment in this comment in the Microsoft pages:
"If the Common Name does not match the Mutual Authentication (msstd:) string entered in the ExRCA tool when testing Outlook Anywhere functionality, ExRCA displays the following error message:
"Mutual Authentication could not be established"
The Mutual Authentication string equates to the, "Only connect to proxy servers that have this principal name in their certificate" setting in Outlook's Exchange Proxy Settings. This error can also occur when the Mutual Authentication string is valid but the CertPrincipalName attribute for the EXPR Outlook Provider stored in Active Directory is not."
Meaning that even though the .net is in the certificate as an alternative name, the proxy server must be the common name.
In my sitiation the common name is the webmail.gmsminerepair.com and this is not currently directed to my exchange server for testing purposes.
ASKER
Mestha,
I have option 4 working on the https://www.testexchangeconnectivity.com/
site, however I am receivng the following errors with autodiscover:
Attempting each method of contacting the AutoDiscover Service
Failed to contact the AutoDiscover service successfully by any method
Test Steps
Attempting to test potential AutoDiscover URL https://gmsminerepair.net/AutoDiscover/AutoDiscover.xml
Failed testing this potential AutoDiscover URL
Test Steps
Attempting to Resolve the host name gmsminerepair.net in DNS.
Host successfully Resolved
Additional Details
IP(s) returned: 64.181.39.100, 64.127.49.164
Testing TCP Port 443 on host gmsminerepair.net to ensure it is listening/open.
The specified port is either blocked, not listening, or not producing the expected response.
Tell me more about this issue and how to resolve it
Additional Details
A network error occurred while communicating with remote host: Exception Details: Message: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 64.127.49.164:443 Type: System.Net.Sockets.SocketE
Attempting to test potential AutoDiscover URL https://autodiscover.gmsminerepair.net/AutoDiscover/AutoDiscover.xml
Failed testing this potential AutoDiscover URL
Test Steps
Attempting to Resolve the host name autodiscover.gmsminerepair
The Host could not be resolved.
Tell me more about this issue and how to resolve it
Additional Details
Host autodiscover.gmsminerepair
Attempting to contact the AutoDiscover service using the HTTP redirect method.
Failed to contact AutoDiscover using the HTTP Redirect method
Test Steps
Attempting to Resolve the host name autodiscover.gmsminerepair
The Host could not be resolved.
Tell me more about this issue and how to resolve it
Additional Details
Host autodiscover.gmsminerepair
Attempting to contact the AutoDiscover service using the DNS SRV redirect method.
Failed to contact AutoDiscover using the DNS SRV redirect method.
Test Steps
Attempting to locate SRV record _autodiscover._tcp.gmsmine
Failed to find AutoDiscover SRV record in DNS.
Tell me more about this issue and how to resolve it
I am not sure if this is a DNS problem because I could not ping the autodiscover.mydomain.net address. What would cause RPC over HTTP to work but not Autodiscover?
I have option 4 working on the https://www.testexchangeconnectivity.com/
site, however I am receivng the following errors with autodiscover:
Attempting each method of contacting the AutoDiscover Service
Failed to contact the AutoDiscover service successfully by any method
Test Steps
Attempting to test potential AutoDiscover URL https://gmsminerepair.net/AutoDiscover/AutoDiscover.xml
Failed testing this potential AutoDiscover URL
Test Steps
Attempting to Resolve the host name gmsminerepair.net in DNS.
Host successfully Resolved
Additional Details
IP(s) returned: 64.181.39.100, 64.127.49.164
Testing TCP Port 443 on host gmsminerepair.net to ensure it is listening/open.
The specified port is either blocked, not listening, or not producing the expected response.
Tell me more about this issue and how to resolve it
Additional Details
A network error occurred while communicating with remote host: Exception Details: Message: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 64.127.49.164:443 Type: System.Net.Sockets.SocketE
Attempting to test potential AutoDiscover URL https://autodiscover.gmsminerepair.net/AutoDiscover/AutoDiscover.xml
Failed testing this potential AutoDiscover URL
Test Steps
Attempting to Resolve the host name autodiscover.gmsminerepair
The Host could not be resolved.
Tell me more about this issue and how to resolve it
Additional Details
Host autodiscover.gmsminerepair
Attempting to contact the AutoDiscover service using the HTTP redirect method.
Failed to contact AutoDiscover using the HTTP Redirect method
Test Steps
Attempting to Resolve the host name autodiscover.gmsminerepair
The Host could not be resolved.
Tell me more about this issue and how to resolve it
Additional Details
Host autodiscover.gmsminerepair
Attempting to contact the AutoDiscover service using the DNS SRV redirect method.
Failed to contact AutoDiscover using the DNS SRV redirect method.
Test Steps
Attempting to locate SRV record _autodiscover._tcp.gmsmine
Failed to find AutoDiscover SRV record in DNS.
Tell me more about this issue and how to resolve it
I am not sure if this is a DNS problem because I could not ping the autodiscover.mydomain.net address. What would cause RPC over HTTP to work but not Autodiscover?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I found a possible error with the DNS record. I made a change and now waiting 24-48 hrs. for the update.