Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Outlook Anywhere settings keep changing on Clients - Where can this be modified?

Posted on 2010-08-23
23
Medium Priority
?
18,410 Views
Last Modified: 2012-05-10
Even after reviewing the Autodiscover settings to enter the settings correctly, it seems that my Outlook Anywhere settings for remote users keep resetting to the incorrect options.  When remote users on Outlook 2007 or 2010 have Outlook Anywhere manually configured as follows:
- Connect to MS Exchange using HTTP Enabled
- Use this URL to connect to my proxy server: 'http://mail.company.com'
- Only connect to proxy servers that have this principal name (unchecked)
- Authentication: basic

This is how it is setup manually and works great.  However after authenticating, if the person closes Outlook and opens it back up, it pulls in the default settings that seem to be somewhere on the server.  These settings also keep updating local clients (even though I try to disable Outlook Anywhere locally).  These settings are similar, however, it instead has:
- Use this URL to connect to my proxy server 'SERVERNAME01'
- Only connect to proxy servers that have this principal name in their cert 'mail.domain.com'

Obviously, they cannot see the actual servername to connect to this server since they are not in the local environment.  I cannot figure out where these settings are pulling from (AutoDiscover?  the Certificate?).

Any idea where this can be changed?
0
Comment
Question by:jaelae
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 7
  • 5
  • +1
23 Comments
 
LVL 8

Expert Comment

by:rr1968
ID: 33504816
Are you using SSL for mail.company.com?
0
 

Author Comment

by:jaelae
ID: 33505003
Yes. Connect using SSL is ticked off and thats what we use for mail.company.com
0
 
LVL 8

Expert Comment

by:rr1968
ID: 33505075
Then try this:
Enable connect using SSL only and check "only connect to proxy......."
In the edit box type: msstd:mail.company.com
Let me know how it goes...
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 

Author Comment

by:jaelae
ID: 33505119
This cannot be done.  The problem is not that it won't connect.  I can add the settings so it connects to Exchange fine.  However, even after I input "msstd:mail.company.com" under the proxy server setting - as soon as I close Outlook and reconnect, it erases this and goes back to the default settings:
Use this URL: SERVERNAME01

Only connect to proxy server: mail.company.com
0
 
LVL 8

Expert Comment

by:rr1968
ID: 33505178
What happens when you recreate the Outlook profile from scratch? Does the setting revert back to server name?
0
 

Author Comment

by:jaelae
ID: 33505215
rr1968:

Yes.  THis is on every single Outlook install out there, this includes brand new installs, and existing installs.  I can create a new profile and this happens right away.  As soon as I create a profile internally, for example, I disable Outlook Anywhere since it is not necessary (I am local to the Exchange 2010 Server).

As soon as I close Outlook, and open it back up - these defaults are back.  There seems to be a setting somewhere that has these settings filled in and as soon as you connect to the server, it uses these settings.

0
 
LVL 8

Expert Comment

by:rr1968
ID: 33505310
Got it.
Did you check autodiscover configuration?
When outlook is open (with the servername) hold control key and click the outlook button on the taskbar and select "Test email autoconfiguration" and select all options and just enter email address of the user and click "Test"
Can you please publish the result? You may have to take snapshot, but remove server information by using tools like snag it, etc.
0
 
LVL 1

Expert Comment

by:syvaki-2
ID: 33505441
Hello,

Autodiscover rewrites values every 15 minutes or so.

Here's checklist:

check your Outlook Anywhere external hostname from EMC GUI (CAS Properties,Enable Outlook Anywhere). It should be mail.company.com. Is there SERVER01 now?

After that you can modify OutlookProvider.

From the Exchange Command Shell:

    Set-OutlookProvider EXPR -Server $null -CertPrincipalName msstd:mail.company.com

or

 Alternate Fix - Disable MSSTD checkbox in Outlook Anywhere (not recommended) in Powershell

    Set-OutlookProvider EXPR -Server $null -CertPrincipalName none (works for me)

Helps with Outlook 2007/Windows XP clients.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33509655
can you get me this

get-autodiscovervirtualdirectory | fl
get-clientaccessserver | fl

thanks
0
 

Author Comment

by:jaelae
ID: 33544053
rr1968 -

Sorry for the delay, I am responding to these messages now --
http://i35.tinypic.com/w16yj7.jpg - screen 1 from test e-mail autoconfig
http://i33.tinypic.com/2qvr09e.jpg - screen 2 from test e-mail autoconfig
0
 

Author Comment

by:jaelae
ID: 33544185
syvaki-2 -

I ran the Exchange shell command but this didn't help.  Also, I didn't try to disable the MSSTD checkbox but I am not sure if that would help.  A screenshot of the screen is below:
http://i38.tinypic.com/rh34tt.jpg

Now this is the correct setting, but as soon as I log out of Outlook, and go back in, this will default to "https://   SERVER01 "

Which is the big problem
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33544209
Please let me know the results of this

get-autodiscovervirtualdirectory | fl
get-clientaccessserver | fl
0
 

Author Comment

by:jaelae
ID: 33544260
sunnyc7 -

results to these are below:
http://i35.tinypic.com/o8cw79.jpg
0
 
LVL 28

Accepted Solution

by:
sunnyc7 earned 2000 total points
ID: 33544311
a) Your SCP is set from get-clientaccessserver
because this field is set
AutodiscoverinternalURI

b) Your autodiscoverfields are not set because these fields are empty

internal url
externalurl

get-autodiscovervirtualdirectory | set-autodiscovervirtualdirectory -internalurl:"https://mail.domain.local/autodiscover/autodiscover.xml"

get-autodiscovervirtualdirectory | set-autodiscovervirtualdirectory -externalurl:"https://mail.domain.com/autodiscover/autodiscover.xml"

Run these 2.

After this
a) your outlook clients will be set.
b) your external autodiscover URL will be set.

You have to ensure that your UCC/SAN cert has the following names

mail.domain.com (external)
autodiscover.domain.com (external)
mail.domain.local (internal FQDN)
mailservername (internal mail server)

try that and let me know.

0
 
LVL 8

Expert Comment

by:rr1968
ID: 33544519
Hi,
I see some inconsistency in the RPC and HTTP configuration for Outlook.
Before you do anything, can you enable Exchange Proxy settings on one WS?
Check the box "Only connect to Proxy......." and enter the next field: msstd:mail.yourdomain.com
save and restart outlook, if it resolves.

0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33546056
Let me know your thoughts on my post ?
0
 

Author Comment

by:jaelae
ID: 33546289
sunnyc7 -

I made these changes and I will be testing now on clients.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33546306
Thanks let me know how that goes.
0
 

Author Comment

by:jaelae
ID: 33588076
- This didn't completely work.  What it does is now the https:// URL to connect to my proxy is filled in with 'mail.company.com'.

Which is great.  However, under: 'Only connect to proxy servers that have this principal name in their certificate:' is filled in with "MSSTD://mail.company.com"

This does not work.  if I erase this and uncheck that box it works.  Is there a way to update this so nothing is filled into the principal name prompt?
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33590357
get-outlookprovider | fl

Please post back the output.
0
 

Author Comment

by:jaelae
ID: 33590997
sunnyc7 -
http://i54.tinypic.com/358v4vc.jpg

Please see the above link.  You will notice next to Certprincipalname - that is the field that gets filled in that should be blank in the Outlook client (well it should be blank because when I blank it out - it works).
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33591011
Are you testing RPC/HTTPS from within the lan or from home / outside ?
0
 

Author Closing Comment

by:jaelae
ID: 33635636
After testing onsome remote workstations, this has resolved the issue.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question