Outlook connection error (0x8004011d)

Is Outlook Anywhere configured on Exchange with a public trusted cert?   or is the self-signed cert installed on your workstation that your connecting via outlook.       If a self-signed does it have the same DNS namespace on the cert that owa is setup with?

I am a litle confused. What is Outlook anywhere and what I have to do to configure it?

It's not the same when I am on my vlan1 and via internet?

I am here again! I have enabled the outlook anywhere from my exchange server (client access tab) and still I can't connect my outlook via internet!

Well, I just made those settings and now I get this warning:


outlook-error.PNG

Cool you are about there...hit your OWA site and you will see...and depending on the version of IE you will see a Certificate Error to the right of the http address...click on that and at the bottom...view certificate.    Now the issued to:  is that the same as your OWA site?  If so click Install Certificate... then in the wizard select Place all certificates in the flowing store, select Trusted Root Certificate Auth...

Now you should be able to connect...if now you will have to gen a new cert...this is a manual process so you would know if you did it.

creating a selfsigned cert with the public namespace, from the Exchange shell:

New-ExchangeCertificate -SubjectName "c=US,o=Anything,cn=mail.domain.com"

Next command:  Enable-ExchangeCertificate -thumbprint <thumbprintofcert> -services IIS

Now follow the same steps as above about installing the cert on your workstation that your attempting to connect remotely.

If this is just for you that is fine...but for a company you might want to invest in a UC Certificate...with this you don't need to install the cert on each workstation that you want Outlook Anywhere to connect.

Right, we have to invest in a UC Certificate, that's real. We are not able to do this for each client!

I received a authontication error. The username and the password, are not the same as OWA?

So your not getting the proxy error now?     for login the DOMAIN\username     or   username@domain.local    

It will be the same auth because its all tied into AD

WOW After outlook's restart, I got this error and I server does not accept my username and password:
error-code-0.PNG

Either your Exchange cert for OWA is not the same namespace as the public dns or you don't have the cert installed on the workstation.

How can I check if I have installed a cert?

I made the procedure and I installed the cert from the IE and now enters to OWA without the warning page. The cert, as far as i can see, is the same as that I have set as server's address in outlook. :(

When you go to your OWA site...you hit https://webmail.mydomain.com/owa ...  webmail.mydomain.com is the DNS namespace.    Your certificate needs to have this same name space.   If you have not created any selfsigned certs you need to create one.

If you go to your OWA site click on the cert error

Is the Issued To:  the same as your OWA DNS site?    for instant webmail.mydomain.com

Image2.gif

My OWA is at server1.mydomain.gr/exchange and the certificate, in the details, appears the server1. This is what i get from certificate details:


certificate.PNG

Ok you need to create a self-signed certificate with in the exchange shell:
New-ExchangeCertificate -SubjectName  "c=US,o=Anything,cn=server1.mydomain.gr"

it should display the new generated thumbprint...if not you can do get-exchangecertificate and it will appear

Next command: Enable-ExchangeCertificate -thumbprint  <thumbprintofcert> -services IIS

Now go to OWA and you the Issued to should be server1.mydomain.gr...now install this cert and Outlook Anywhere should work.

At the second command, I have to type it exactly as <thumbprintofcert> or i have to inser a value? If yes, what value?

Whit the first command, I got a new thumbprint and appears the thumbprint, services and subject.

No you have to insert the thumbprint of the cert you created

If you run Get-ExchangeCertificate you should see the thumbprint for this cert...example of a thumbprint:

DD5AE4BEAA18E1D5CD28B0DC2B4B2BD3C5B35B39  example:

Enable-ExchangeCertificate  -thumbprint  DD5AE4BEAA18E1D5CD28B0DC2B4B2BD3C5B35B39
 -services IIS

Yes, now the Issued is server1.mydomain.gr and I installed the certificate successfully!

When I open the outlook, i get again the error code 0. :(

(I have no changed something, again, in the outlook's settings)

ok it sounds like you have exchabge setup with a good cert...you have installed this cert on the workstation that your attemoting to connect to outlook.    In outlook you have setup proxy settings in outlook

My guess is this error 0 is indicating a problem with the certificate now...is this what you get:

There is a problem with the proxy server's security certificate.
 The name on the security certificate is invalid or does not match the  name  of the target site server1.mydomain.gr.
 
 Outlook is unable to connect to the proxy server. (Error Code 0)

Ugh and I forgot about the Exchange Remote Connectivity Analyzer https://www.testexchangeconnectivity.com/ 

Use this site to test your config...under Microsoft Office Outlook Connectivity Tests, select Outlook Anywhere...(RPC over HTTPS)     Let me know what you get.

a) Yes, that's the message that you placed on your previous post!

There is a problem with the proxy server's security certificate.
The name on the security certificate is invalid or does not match the  name  of the target site server1.mydomain.gr.

Outlook is unable to connect to the proxy server. (Error Code 0)


b) Here are the results from the test:
connectivity-test--1-.PNG
connectivity-test--2-.PNG
connectivity-test--3-.PNG

In your outlook anywhere setup on Exchange Outlook Anywhere setup do you have it set with server1.scientiaconsulting.gr as an address?

Exactly!

When you go to https://server1.scientiaconsulting.gr/owa  do you get the error Problem with the sites security certificate?   or does it go right to web app with the padlock image?  





Image2.gif
Image4.gif

It go right to the second image, without error page!

If you want, I can create an account for you, just to make sure what I said! :)

Can you take a screen shot  in Outlook your Microsoft  Exchange Proxy Settings, which is connection tab.    I want to say a look at those settings.   If still a no go I would say recreate the cert.          

Sure, here are the settings:


outlook-anywhere-settings.PNG

I see you issue!    Look at msstd:    you have gt not gr

Sorry for my late response. This is not a real error, cause I deleted my exchange account from the outlook and created again, 5 min before the screenshot, just to make sure that is not working. So, I had the correct settings.

Once again, I made the correct settings and I can't login. Look at the photo:

outlook-anywhere-settings.PNG

Change the Proxy Auth to Basic

Done, nothing again! Have I to create a new cert?

well darn...odd odd...look if you want to create a test account so I can try feel free.    Send me the info to rfee@rickfee.com    I will then post here what I found