Solved

Outlook Anywhere and Internal Users

Posted on 2009-05-05
3
789 Views
Last Modified: 2012-05-06
I'm in the process of building a new Exchange 2007 environment.  I have enabled Outlook Anywhere in my Exchange 2007 environment and have setup the appropriate internal and external URLs.   I have separate CAS, HT, and Mailbox servers.  

How are internal domain users supposed to be configured in Outlook?  Using Outlook Anywhere (RPC over HTTPS) and connecting to the CAS serves or should they be using MAPI and connecting directly to the mailbox server?

Currently when I configure Outlook 2007 on a domain connected workstation, the AutoDiscover process configures the Outlook profile to connect using Outlook Anywhere (RPC over HTTPS).  Is this correct?
0
Comment
Question by:cobrian
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 2

Accepted Solution

by:
Dave_Angel_Portsmouth earned 250 total points
ID: 24311949
Personally, i use RPC over HTTPs internally and externally, it means having less ports open and therefor more secure.

If you have no need to use MAPI, i'd turn it off all together. There is a good artical on how to turn it off here:
http://msexchangeteam.com/archive/2005/07/27/408274.aspx

The only issue i can see you having is you will have to maintain a split DNS so that your certificates will work, but this is fairly straight forward.
0
 
LVL 58

Assisted Solution

by:tigermatt
tigermatt earned 250 total points
ID: 24317815

Autodiscover uses an internal Service Connection Point (SCP) in the domain to locate all the authoritative autodiscover URLs on the network. Outlook then connects to one of these Exchange Servers defined by the URL and locates the correct mailbox for the user. It also configures RPC/HTTPS so it works externally.

Internally, MAPI will probably still be used; I would expect Exchange to configure Outlook in this fashion. However, Outlook Anywhere is also configured as part of the process, so that user's machine (particularly if it is a laptop or portable device) will work immediately when connected up outside the network.

Since MAPI is still used internally it would therefore be counter-productive to disable MAPI as the previous poster suggested, because that would require every Outlook client being reconfigured away from the default Exchange/Autodiscover setting in order for it to connect to Exchange.

In short, the behaviour you are seeing is fine and how things should be working.

-Matt
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Read this checklist to learn more about the 15 things you should never include in an email signature.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question