Solved

outlook https connectivity fails

Posted on 2010-09-17
39
1,287 Views
Last Modified: 2012-05-10
My outlook clients randomly disconnect. I verify the server is working by using outlook web app. When I go into mail properties and check the https connection it puts a * for the host name (eg *.domain.com). so the host name becomes unresolvable.  If I click ok to the screen it says invalid configuration error. I have to change it to the fqdn to ok.

If I change it and reopen outlook it connects. When I close outlook and reopen again it does not connect. it goes back to the same configuration.
0
Comment
Question by:magapie
  • 19
  • 10
  • 9
  • +1
39 Comments
 
LVL 26

Expert Comment

by:Leon Fester
Comment Utility
Use this link to test you Configuration:
https://www.testexchangeconnectivity.com/

It sounds like your configuration is not being saved when you make changes.
Open the profile and check that you've got the correct settings.
Just double check that somebody didn't save the configuration with the wildcard character.
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
run "get-outlookanywhere | fl external*"
post the results
0
 
LVL 28

Expert Comment

by:sunnyc7
Comment Utility
You should have your fqdn in there instead of *

Close outlook
Start run
Outlook /rpcdiag

See if the connection state says established
If its just one workstation and you want to get past the error

Go here
C / windows / system32/drivers/etc

Right click on hosts
Open with notepad

Go to the endof the file and
Enter the ip address of your fqdn followed by fqdn

Like
1.2.3.4. Mail.google.com

Thanks
0
 

Author Comment

by:magapie
Comment Utility
I already did that it works.
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
please post the results from
get-outlookanywhere | fl exter*
0
 

Author Comment

by:magapie
Comment Utility
Its an outlook configuration issue not dns. The system works but outlook keeps changing the rpc/http config. I can't use a host file I have too many laptops.
0
 
LVL 28

Expert Comment

by:sunnyc7
Comment Utility
You are having name resolution issues if it connects first and then fails

You should also test using rpcping
0
 
LVL 28

Expert Comment

by:sunnyc7
Comment Utility
This is the command from workstation
Fill out appropriate parts and try it

Start run command
RPCPing.exe -t ncacn_http -o RpcProxy=fqdn.yourdomain.com -P "testuser,yourdomain,testpassword" -I "testuser,yourdomain,testpassword" -H 1 -u 10 -a connect -F 3 -E -v -3 -R none -q    
0
 

Author Comment

by:magapie
Comment Utility
This is part of my problem. I still cannot figure out how to remove this botched installation.

[PS] C:\Windows\system32>get-outlookanywhere | fl exter*
The task wasn't able to connect to IIS on the server 'WIN-2XBACKUP.blumelectric.com'. Make sure that the server exists
and can be reached from this computer: The RPC server is unavailable.
    + CategoryInfo          : ReadError: (WIN-2XBACKUP\Rpc (Default Web Site):ADObjectId) [Get-OutlookAnywhere], IISNo
   tReachableException
    + FullyQualifiedErrorId : B4F80054,Microsoft.Exchange.Management.SystemConfigurationTasks.GetRpcHttp
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
remove rpc over http proxy
reinstall rpc over http proxy
enable outlook anywhere again
0
 

Author Comment

by:magapie
Comment Utility
am I doing something wrong?

RPCPing v6.0. Copyright (C) Microsoft Corporation, 2002-2006
 RPCPing set Activity ID:  {2cee4ecd-043a-4a27-8d27-9efc5b790243}
 RPCPinging proxy server carparray.blumelectric.com with Echo Request Packet
 Setting autologon policy to high
 WinHttpSetCredentials for target server called
 Error 87 : The parameter is incorrect.
 returned in WinHttpSetCredentials
 Ping failed
0
 
LVL 28

Expert Comment

by:sunnyc7
Comment Utility
Start run
Control useraccountpasswords2

Go to advanced tab
In the servername
Enter your exchange servername

Try rpcping too and see if that gives you a response.
I am in a tr
0
 

Author Comment

by:magapie
Comment Utility
that command doesn't work. I'm running windows 7 not sure if it matters. Like I said before, it works. It's just that the client side changes. If it is configured correctly it works. Let me reinstall rpc/http and see what happens.
0
 
LVL 28

Expert Comment

by:sunnyc7
Comment Utility
Ok - I am with reinstallation of rpcproxy.
I remember this domain - it has been floating arounf ee for a while

Reinstall rpc proxy

Check http to https redirect requests in iis worker process

Start run inetmgr
Go to your servername
On the right pane click worker process
Click default website / sbs default website (under which you have your rpc virdir)

Now run testexchangeconnectivity rpc/ https tests
See if any httpto https redirect requests start popping up in iis above

I am in a train. Can't get you screenshots / kb :(
0
 

Author Comment

by:magapie
Comment Utility
Now that is what I call service. I'm trying all this now.
0
 
LVL 28

Expert Comment

by:sunnyc7
Comment Utility
Your error says iis not reachable for get outlookanywhere

Did you restart iis after that / restart server if possible

 CategoryInfo          : ReadError: (WIN-2XBACKUP\Rpc (Default Web Site):ADObjectId) [Get-OutlookAnywhere], IISNo   tReachableException    + FullyQualifiedErrorId : B4F80054,Microsoft.Exchange.Management.SystemConfigurationTasks.GetRpcHttp    
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
@sunnyc7 - i tried to suggest it earlier

let me know if you need any articles, i can provide since sunny is traveling
0
 
LVL 28

Expert Comment

by:sunnyc7
Comment Utility
There is one from msexchangeteam about httptohttpsredirect

Thanks man @endital
0
 

Author Comment

by:magapie
Comment Utility
after reinstalling it does not connect at all. If I run rpcdiag it connects tcp/ip in the office even with the boxes checked to connect https.
0
Shouldn't all users have the same email signature?

You wouldn't let your users design their own business cards, would you? So, why do you let them design their own email signatures? Think of the damage they could be doing to your brand reputation! Choose the easy way to manage set up and add email signatures for all users.

 

Author Comment

by:magapie
Comment Utility
I restarted the server. The win2x backup server no longer exists and I don't know how to remove it.
0
 

Author Comment

by:magapie
Comment Utility
owa is down also.
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
go into adsiedit
configuration - services - microsoft exchange - org name - administatrive groups - exchange admin group... - servers

if the server no longer exists (offline, wiped) then delete from under servers
0
 

Author Comment

by:magapie
Comment Utility
That fixes the rogue server name. But now owa nor outlook anywhere will connect.
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
make sure you default web site is running
0
 
LVL 28

Expert Comment

by:sunnyc7
Comment Utility
From your exchange serverstart > run > inetmgrClick on server name > on right panel > go to Worker ProcessClick on Default App PoolCheck if you are getting any Begin Request for http to https redirect, like the screenshot herehttp://blogs.technet.com/blogfiles/sbs/WindowsLiveWriter/SlowConnectivityforOutlookAnywhereandSit_D110/clip_image006_2.jpg
0
 
LVL 28

Expert Comment

by:sunnyc7
Comment Utility
I am out. Won't be available for sometime
0
 

Author Comment

by:magapie
Comment Utility
I see three things that says msexchange in them and they all say running. Nothing like the screen shot. The process for owa was stopped. Now it is working.

But still no https/rpc access.
0
 

Author Comment

by:magapie
Comment Utility
It's the same thing. It changes the name back to *.blumelectric.com
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
did you re-enable outlookanywhere?
0
 

Author Comment

by:magapie
Comment Utility
Yes. Went through the wizard.

[PS] C:\Windows\system32>get-outlookanywhere | fl exter*


ExternalHostname : carparray.blumelectric.com
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
is your certificate a wildcard certificate
0
 

Author Comment

by:magapie
Comment Utility
UCC cert. All of this has been working before. owa works also.
0
 

Author Comment

by:magapie
Comment Utility
At this point outlook anywhere does not work at all.
0
 
LVL 32

Expert Comment

by:endital1097
Comment Utility
post the results for
get-outlookprovider | fl
0
 

Author Comment

by:magapie
Comment Utility
When I run test echange connectivity it only works if I take out the mutual authetication section.
0
 

Author Comment

by:magapie
Comment Utility
I see the star in there. How do I get it out?

[PS] C:\Windows\system32>get-outlookprovider | fl


RunspaceId           : 94742aee-67a6-4929-b721-02c978653158
CertPrincipalName    :
Server               :
TTL                  : 1
OutlookProviderFlags : None
AdminDisplayName     :
ExchangeVersion      : 0.1 (8.0.535.0)
Name                 : EXCH
DistinguishedName    : CN=EXCH,CN=Outlook,CN=AutoDiscover,CN=Client Access,CN=Blum Electric,CN=Microsoft Exchange,CN=Se
                       rvices,CN=Configuration,DC=blumelectric,DC=com
Identity             : EXCH
Guid                 : f1df6d21-3846-4be7-9de4-954cc5de046e
ObjectCategory       : blumelectric.com/Configuration/Schema/ms-Exch-Auto-Discover-Config
ObjectClass          : {top, msExchAutoDiscoverConfig}
WhenChanged          : 7/19/2010 5:09:39 PM
WhenCreated          : 7/19/2010 5:09:39 PM
WhenChangedUTC       : 7/20/2010 12:09:39 AM
WhenCreatedUTC       : 7/20/2010 12:09:39 AM
OrganizationId       :
OriginatingServer    : FRONTOFFICE.blumelectric.com
IsValid              : True

RunspaceId           : 94742aee-67a6-4929-b721-02c978653158
CertPrincipalName    : msstd:carparray.blumelectric.com
Server               : *.blumelectric.com
TTL                  : 1
OutlookProviderFlags : None
AdminDisplayName     :
ExchangeVersion      : 0.1 (8.0.535.0)
Name                 : EXPR
DistinguishedName    : CN=EXPR,CN=Outlook,CN=AutoDiscover,CN=Client Access,CN=Blum Electric,CN=Microsoft Exchange,CN=Se
                       rvices,CN=Configuration,DC=blumelectric,DC=com
Identity             : EXPR
Guid                 : 94d425f6-fad9-46c1-9a2b-b765e358d4b8
ObjectCategory       : blumelectric.com/Configuration/Schema/ms-Exch-Auto-Discover-Config
ObjectClass          : {top, msExchAutoDiscoverConfig}
WhenChanged          : 9/17/2010 7:39:49 AM
WhenCreated          : 7/19/2010 5:09:40 PM
WhenChangedUTC       : 9/17/2010 2:39:49 PM
WhenCreatedUTC       : 7/20/2010 12:09:40 AM
OrganizationId       :
OriginatingServer    : FRONTOFFICE.blumelectric.com
IsValid              : True

RunspaceId           : 94742aee-67a6-4929-b721-02c978653158
CertPrincipalName    :
Server               :
TTL                  : 1
OutlookProviderFlags : None
AdminDisplayName     :
ExchangeVersion      : 0.1 (8.0.535.0)
Name                 : WEB
DistinguishedName    : CN=WEB,CN=Outlook,CN=AutoDiscover,CN=Client Access,CN=Blum Electric,CN=Microsoft Exchange,CN=Ser
                       vices,CN=Configuration,DC=blumelectric,DC=com
Identity             : WEB
Guid                 : 3bcbf598-855b-4300-a9ca-3d207164b4ad
ObjectCategory       : blumelectric.com/Configuration/Schema/ms-Exch-Auto-Discover-Config
ObjectClass          : {top, msExchAutoDiscoverConfig}
WhenChanged          : 7/19/2010 5:09:41 PM
WhenCreated          : 7/19/2010 5:09:41 PM
WhenChangedUTC       : 7/20/2010 12:09:41 AM
WhenCreatedUTC       : 7/20/2010 12:09:41 AM
OrganizationId       :
OriginatingServer    : FRONTOFFICE.blumelectric.com
IsValid              : True




0
 
LVL 32

Accepted Solution

by:
endital1097 earned 250 total points
Comment Utility
set-outlookprovider expr -server $null
0
 

Author Comment

by:magapie
Comment Utility
I think that fixed it. When I tell you that you are awesome you are a true genius! Hopefully this closes the book on this server.
0
 

Author Closing Comment

by:magapie
Comment Utility
Once again another problem solved.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
how to add IIS SMTP to handle application/Scanner relays into office 365.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now