Solved

outlook anywhere & removing /owa from exchange 2007

Posted on 2009-05-10
23
2,073 Views
Last Modified: 2013-11-30
i am configuring outlook anywhere. currently my external web address for the owa is,
https://webmail.uob.edu.bh/owa. i need to remove /owa and i need to configure my outlook anywhere, i tried it is not working .
what could be the problem. My owa is working without any issue. please note that i have two cas servers with NLB

0
Comment
Question by:mishalk
23 Comments
 
LVL 12

Expert Comment

by:geowrian
Comment Utility
Shot in the dark:

It looks like Exchange was installed in IIS under an alias of /owa only. The Exchange servers I administer serve Exchange on the root of IIS and forward to /owa automatically (this was done automatically during the setup of Exchange). Is there something else running on IIS that you can't just make the root point to the OWA?
0
 
LVL 6

Expert Comment

by:ikshf143
Comment Utility
What is the OS version for both the CAS servers? Do we have the RPC proxy component installed on those servers? Have we enabled Outlook Anywhere from Exchange Management Console for both the NLB servers? I also noticed that the certificate installed in IIS is an Internal Certificate and also does not have the above mentioned URL in it. The Above URL is https://webmail.uob.edu.bh/owa but the certificate reflects as https://webmail.ads.uob, you will have to install a certificate with the exact URL, if there is a certificate error than you will not be able to connect Outlook Anywhere.

Try running the Outlook RPC over HTTP test from here
https://www.testexchangeconnectivity.com

What do you mean when you say "i need to remove /owa and i need to configure my outlook anywhere", do you mean you do not want to have users access OWA?
0
 
LVL 5

Expert Comment

by:DTAHARLEV
Comment Utility
create a blank page in the root directory, that has a meta-redirect to the "/owa" directory. users can just type in the root address, and they'll be redirected.
0
 

Author Comment

by:mishalk
Comment Utility
dear geowrian:
nothing in installed . It is a fresh installation, microsoft says, by default we will have to use https://externaldomain.com/owa and we need to redirect if we dont want to use /owa, under IIS
0
 

Author Comment

by:mishalk
Comment Utility
Dear ikshf143

What is the OS version for both the CAS servers? windows 2003-enterprise 64 bit sp2
have the RPC proxy component installed on those servers?  yes i have installed on both servers
Have we enabled Outlook Anywhere for both the NLB servers? yes i have enabled on both servers

yes i have an internal certificate for the internal users
https://webmail.ads.uob/owa , which is used to access from internal

is it ok if we install a certificate (external) using my CA server?

What do you mean when you say "i need to remove /owa and i need to configure my outlook anywhere",?

i mean to say i dont want users to use https://mail.uob.edu.bh/owa.. they have to use without /owa

0
 

Author Comment

by:mishalk
Comment Utility
Test Details

 Testing Outlook Anywhere using the Autodiscover Service to obtain Settings
  Failed to test Outlook Anywhere using the Autodiscover Service to obtain Settings
 Test Steps
   Attempting to test Autodiscover for faisal@uob.edu.bh
  Testing Autodiscover failed
 Test Steps
   Attempting each method of contacting the AutoDiscover Service
  Failed to contact the AutoDiscover service successfully by any method
 Test Steps
   Attempting to test potential AutoDiscover URL https://uob.edu.bh/AutoDiscover/AutoDiscover.xml
  Failed testing this potential AutoDiscover URL
 Test Steps
   Attempting to Resolve the host name uob.edu.bh in DNS.
  The Host could not be resolved.
   Tell me more about this issue and how to resolve it
 
 Additional Details
  Host uob.edu.bh could not be resolved in DNS Exception Details:
Message: No such host is known
Type: System.Net.Sockets.SocketException
Stack Trace:
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostAddresses(String hostNameOrAddress)
at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTest.PerformTestReally()
 
 
 
 
 Attempting to test potential AutoDiscover URL https://autodiscover.uob.edu.bh/AutoDiscover/AutoDiscover.xml
  Failed testing this potential AutoDiscover URL
 Test Steps
   Attempting to Resolve the host name autodiscover.uob.edu.bh in DNS.
  The Host could not be resolved.
   Tell me more about this issue and how to resolve it
 
 Additional Details
  Host autodiscover.uob.edu.bh could not be resolved in DNS Exception Details:
Message: No such host is known
Type: System.Net.Sockets.SocketException
Stack Trace:
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostAddresses(String hostNameOrAddress)
at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTest.PerformTestReally()
 
 
 
 
 Attempting to contact the AutoDiscover service using the HTTP redirect method.
  Failed to contact AutoDiscover using the HTTP Redirect method
 Test Steps
   Attempting to Resolve the host name autodiscover.uob.edu.bh in DNS.
  The Host could not be resolved.
   Tell me more about this issue and how to resolve it
 
 Additional Details
  Host autodiscover.uob.edu.bh could not be resolved in DNS Exception Details:
Message: No such host is known
Type: System.Net.Sockets.SocketException
Stack Trace:
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostAddresses(String hostNameOrAddress)
at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTest.PerformTestReally()
 
 
 
 
 Attempting to contact the AutoDiscover service using the DNS SRV redirect method.
  Failed to contact AutoDiscover using the DNS SRV redirect method.
 Test Steps
   Attempting to locate SRV record _autodiscover._tcp.uob.edu.bh in DNS.
  Failed to find AutoDiscover SRV record in DNS.
 
 
 
 
 
 
 
 
 
 
0
 
LVL 6

Expert Comment

by:ikshf143
Comment Utility
Yes you can use the Internal CA to issue a New Certificate and also you can go for a SAN(UCC) certificate so you can have the Internal URL, External URL, CAS Server name and also AUtodiscover in the Same certificates. Inshort you can have multiple names that a single certificate will validate.
0
 
LVL 6

Expert Comment

by:ikshf143
Comment Utility
Also Try the Following

+ From the Client try to browse https://webmail.uob.edu.bh/rpc/rpcproxy.dll and see what you get. Expected response is a Blank Page.

+ Try to telnet ports 6001, 6002, 6004 from the CAS to the Mailbox
   EG: from the CAS server open Command prompt and run this command Telnet Mailbox_server 6001, then 6002 and 6004.

+ As you are using an Internal Certificate you will have to install the Root Certificate on all the Client Machines. And to confirm the certificate is fine try accessing OWA from the client and make sure you do not get any certificate errors.
0
 
LVL 65

Expert Comment

by:Mestha
Comment Utility
The only reliable way to remove the /owa from the URL and ensure that everything else works correctly is to use the HTML redirect method. That basically means putting a file in the root of the web site that redirects the user to the /owa variant.

You should also switch the home grown certificate for a commercial certificate.

I have outlined that process here:
http://blog.sembee.co.uk/archive/2008/05/30/78.aspx

Finally get autodiscover working, which is a combination of having the autodiscover host in your public DNS and the URL in the SSL certificate.

Simon.
0
 

Author Comment

by:mishalk
Comment Utility
dear ikshf143:
from the client, (internally) no issues, it is working fine without any certificate error.
0
 

Author Comment

by:mishalk
Comment Utility
mbprint B4F1164C105DFD3B8A6EE6FF70D3954C812E6E2A -Services "IMAP,POP,SMTP"
[PS] C:\Documents and Settings\administrator.ADS>Get-ExchangeCertificate

Thumbprint                                Services   Subject
----------                                --------   -------
B4F1164C105DFD3B8A6EE6FF70D3954C812E6E2A  IP..S      CN=webmail.uob.edu.bh
1ED316C950BB03A677A32B74E7A78DD414C64AF0  ...W.      CN=webmail.ads.uob, DC=...
B4676770099C495A801F61E1ABBE8B3374902CA0  .....      CN=webmail.ads.uob, DC=...
0BE8B6BAC5B5D0B5F7A29884326BED6BCA665C6E  ....S      CN=uob-srv-cas01
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 

Author Comment

by:mishalk
Comment Utility
Now my owa from internal and external also not working!!!

[PS] C:\Documents and Settings\administrator.ADS>Get-ExchangeCertificate |fl


AccessRules        : {System.Security.AccessControl.CryptoKeyAccessRule, System
                     .Security.AccessControl.CryptoKeyAccessRule, System.Securi
                     ty.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {webmail.uob.edu.bh}
HasPrivateKey      : True
IsSelfSigned       : True
Issuer             : CN=webmail.uob.edu.bh
NotAfter           : 5/11/2010 9:09:46 AM
NotBefore          : 5/11/2009 9:09:46 AM
PublicKeySize      : 2048
RootCAType         : None
SerialNumber       : 4D9457DF34D6B7A94BD02F3F4DF6C979
Services           : IMAP, POP, SMTP
Status             : Valid
Subject            : CN=webmail.uob.edu.bh
Thumbprint         : B4F1164C105DFD3B8A6EE6FF70D3954C812E6E2A

AccessRules        : {System.Security.AccessControl.CryptoKeyAccessRule, System
                     .Security.AccessControl.CryptoKeyAccessRule, System.Securi
                     ty.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {uob-srv-cas01, webmail.ads.uob, uob-srv-cas01.ads.uob}
HasPrivateKey      : True
IsSelfSigned       : True
Issuer             : CN=uob-srv-cas01
NotAfter           : 4/4/2010 5:08:04 PM
NotBefore          : 4/4/2009 5:08:04 PM
PublicKeySize      : 2048
RootCAType         : None
SerialNumber       : D46E43E8EDE4C38C459180B50ADDBD61
Services           : SMTP
Status             : Valid
Subject            : CN=uob-srv-cas01
Thumbprint         : 0BE8B6BAC5B5D0B5F7A29884326BED6BCA665C6E



[PS] C:\Documents and Settings\administrator.ADS>



0
 

Author Comment

by:mishalk
Comment Utility
dear ikshf143:
From the Client try to browse https://webmail.uob.edu.bh/rpc/rpcproxy.dll and see what you get. Expected response is a Blank Page.

+ Try to telnet ports 6001, 6002, 6004 from the CAS to the Mailbox
   EG: from the CAS server open Command prompt and run this command Telnet Mailbox_server 6001, then 6002 and 6004.

i tested this and i am able to succeed, but still i cannot get my outlook anywhere works. When i do a netstat -ano, i cannot see these above ports listed


connection-status-outlookanywher.JPG
0
 
LVL 6

Expert Comment

by:ikshf143
Comment Utility
Where are you trying to check the ports by running netstat -ano, If you are doing it on the CAS server then it won't be there those ports are on the Mailbox server.
Also as per the attachment attached I see that we are having issues connecting to the directory service that is port 6004. On the CAS server check the valid ports registry under
HKEY_LOCAL_MACHINE\Software\Microsoft\RPC\RpcProxy ValidPorts:
Mailbox_NETBIOS:6001-6002;Mailbox_FQDN:6001-6002;Mailbox_NETBIOS:6004;Mailbox_FQDN:6004;
0
 

Author Comment

by:mishalk
Comment Utility
dear ikshf143:
 i did checke the ports in the cas server, and i could see the valid entries as you mentioned.
0
 
LVL 6

Expert Comment

by:ikshf143
Comment Utility
Try running the https://testexchangeconnectivity.com and if you see what is the error we get.
0
 

Author Comment

by:mishalk
Comment Utility
testing is failed ,
says autodiscover for the email failed
0
 

Author Comment

by:mishalk
Comment Utility
pls note that outlolook anywhere is not working from internal as well
0
 

Author Comment

by:mishalk
Comment Utility
its taking almost 2 hrs to get connected , now connection status shows connected but which is after two hours
0
 
LVL 6

Expert Comment

by:ikshf143
Comment Utility
Internally when you configure a profile for Outlook Anywhere. It would fail over to TCP/IP under connection status. Is that what you are trying to tell.

Also try uninstalling the RPC component from the Control Panel and then re-install it and see what is the result.
0
 

Author Comment

by:mishalk
Comment Utility
i did removed the rpc component and tried to installing again, but same result i am not able to succeed the outlook anywhere, Yes i was testing outlook anywhere from internal as well, But it is failed to connect using http,
0
 

Author Comment

by:mishalk
Comment Utility
microsoft is trying to resolve this issue, they have taken the case and studying what causing the problem
0
 

Accepted Solution

by:
mishalk earned 0 total points
Comment Utility
after bypassing our bluecoat proxy we were able to get connected to outlook anywhere without any intermittency
0

Featured Post

Too many email signature updates to deal with?

Do you feel like you are taking up all of your time constantly visiting users’ desks to make changes to email signatures? Wish you could manage all signatures from one central location, easily design them and deploy them quickly to users? Well, there is an easy way!

Join & Write a Comment

Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now