stevenvanheerden
asked on
Remote Client Access for Exchange 2003
Hi there
I have just installed Windows Server 2003 SBE with Exchange 2003.
I have also updated the server with SP1 and relevant updates.
Everything is working fine and the server is running smooth.
I need to know however, how can I configure this exchange to be available to people working on laptops outside the local area network?
I need the outlook to connect directly to the exchange.
Thanks a lot
I have just installed Windows Server 2003 SBE with Exchange 2003.
I have also updated the server with SP1 and relevant updates.
Everything is working fine and the server is running smooth.
I need to know however, how can I configure this exchange to be available to people working on laptops outside the local area network?
I need the outlook to connect directly to the exchange.
Thanks a lot
Assuming that you mean Windows 2003 Small Business Server (which has Exchange 2003 installed, not Exchange 6.5), then please have a read of the following and configure RPC over HTTPs
http://www.petri.co.il/how-can-i-configure-rpc-over-https-on-exchange-2003-single-server-scenario.htm
Make sure your certificate is named correctly, such as mail.yourdomain.com or better still, buy a 3rd party one from somewhere like GoDaddy otherwise you will have to install the SBS certificate onto each and every laptop / PC you want to connect to your server.
http://www.petri.co.il/how-can-i-configure-rpc-over-https-on-exchange-2003-single-server-scenario.htm
Make sure your certificate is named correctly, such as mail.yourdomain.com or better still, buy a 3rd party one from somewhere like GoDaddy otherwise you will have to install the SBS certificate onto each and every laptop / PC you want to connect to your server.
if this exchange for internal use only (i.e authoritave for a domain different than company domain) and not connected to the internet and does not has internet mx records, then you can use either vpn or publish it by opining incoming pop3, smtp ports and map it to your local exchange server ip,
RPC over HTTPS is the way to go as Alan said. Laptops users can just start Outlook, enter in their username.password, and connect. No VPN or other fussing around. On Outlook 2007 and Exchange 2007, I don't even need to enter in the password if I am logged into the laptop with valid credentials. I don't know if that needs Outlook 2007, Exchange 2007, or both to take advantage of the single sign on.
ASKER
hi Alan
thanks for your help so far.
according to the link, the only steps i still have to do is to create the certificate on this server and configure outlook.
i'm struggling a bit with the certificate. when i go to the part to create the new certificate i dont have the option to create a new one. (See Attached)
i have a certificate already available though that i can export, but i dont know how to see if it uses port 443
do you know how i can get around this one?
thanks so far.
ISS.JPG
thanks for your help so far.
according to the link, the only steps i still have to do is to create the certificate on this server and configure outlook.
i'm struggling a bit with the certificate. when i go to the part to create the new certificate i dont have the option to create a new one. (See Attached)
i have a certificate already available though that i can export, but i dont know how to see if it uses port 443
do you know how i can get around this one?
thanks so far.
ISS.JPG
ASKER
hi Guys
do yo u have any suggestions for me please....i'm almost there, just the last bit to do still.
thanks
do yo u have any suggestions for me please....i'm almost there, just the last bit to do still.
thanks
Sorry - missed the last email notif as I was up to my eyes in FTMG fun :)
With SBS - just re-run the Connect To The Internet Wizard and get that to create a new Certificate.
Start> SBS Management> To-Do List> Connect To The Internet.
Change nothing apart from the Certificate part and make sure you use something like mail.yourdomain.com or www.yourdomain.com (something that resolves in DNS to your server.
With SBS - just re-run the Connect To The Internet Wizard and get that to create a new Certificate.
Start> SBS Management> To-Do List> Connect To The Internet.
Change nothing apart from the Certificate part and make sure you use something like mail.yourdomain.com or www.yourdomain.com (something that resolves in DNS to your server.
ASKER
hi Alan
No worries. i have done the new certificate and have used the dyndns account that i use for remote access in the new certificate setup. it still gave me no option to specify port 443.
by sounds of things it seems like SBS does everything automatically - sp i'm not sure if i must worry about this.
i will test the outlook 2003 tomorrow and will get back to you on that.
thanks a lot so far - u have been most helpful!
No worries. i have done the new certificate and have used the dyndns account that i use for remote access in the new certificate setup. it still gave me no option to specify port 443.
by sounds of things it seems like SBS does everything automatically - sp i'm not sure if i must worry about this.
i will test the outlook 2003 tomorrow and will get back to you on that.
thanks a lot so far - u have been most helpful!
You are welcome - here if you need me.
Alan
Alan
ASKER
hi Alan
I'm still not getting this right.
i have run the connect to the internet wizard again and created a new certificate which i have exported and installed on the laptop connecting remotely.
i use a dyndns account to resolve my dynamic ip from the ISP. it works fine for remote desktop.
so i just created that address in the certificate.
i have also opened port 443 on the router to forward to the ip address of the exchange server.(not sure if i should open port 80 as well?
the other thing i noticed is that if i go to my browser and type in https://mydomain.dyndns.info, i get to the server and it displays a welcome to the windows small business server "home page"
i'm also not to sure what to put in at the https: adress under exchange proxy settings page, wil this be my dyndns name?
hope all this makes sense to you...
thanks
steven
I'm still not getting this right.
i have run the connect to the internet wizard again and created a new certificate which i have exported and installed on the laptop connecting remotely.
i use a dyndns account to resolve my dynamic ip from the ISP. it works fine for remote desktop.
so i just created that address in the certificate.
i have also opened port 443 on the router to forward to the ip address of the exchange server.(not sure if i should open port 80 as well?
the other thing i noticed is that if i go to my browser and type in https://mydomain.dyndns.info, i get to the server and it displays a welcome to the windows small business server "home page"
i'm also not to sure what to put in at the https: adress under exchange proxy settings page, wil this be my dyndns name?
hope all this makes sense to you...
thanks
steven
ASKER
hi Alan
hope you can assist me further here with this issue.
i'm not completely coming right here.
thanks so far
hope you can assist me further here with this issue.
i'm not completely coming right here.
thanks so far
Okay - sounds like you are making good progress.
Please visit https://testexchangeconnectivity.com and run the Outlook Anywhere (RPC over HTTP) test and then post the results.
Alan
Please visit https://testexchangeconnectivity.com and run the Outlook Anywhere (RPC over HTTP) test and then post the results.
Alan
ASKER
Hi Alan
ok here it is
ExRCA is testing RPC/HTTP connectivity.
The RPC/HTTP test failed.
Test Steps
Attempting to resolve the host name autohaus.dyndns.info in DNS.
Host successfully resolved
Additional Details
IP(s) returned: 41.145.145.51
Testing TCP Port 443 on host autohaus.dyndns.info to ensure it is listening and open.
The port was opened successfully.
ExRCA is testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Test Steps
The certificate name is being validated.
Successfully validated the certificate name
Additional Details
Found hostname autohaus.dyndns.info in Certificate Subject Common name
Certificate trust is being validated.
Certificate trust validation failed.
Tell me more about this issue and how to resolve it
Additional Details
The certificate chain did not end in a trusted root. Root = CN=autohaus.dyndns.info, CN=companyweb, CN=cahsrv, CN=localhost, CN=cahsrv.Autohaus.local
ok here it is
ExRCA is testing RPC/HTTP connectivity.
The RPC/HTTP test failed.
Test Steps
Attempting to resolve the host name autohaus.dyndns.info in DNS.
Host successfully resolved
Additional Details
IP(s) returned: 41.145.145.51
Testing TCP Port 443 on host autohaus.dyndns.info to ensure it is listening and open.
The port was opened successfully.
ExRCA is testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Test Steps
The certificate name is being validated.
Successfully validated the certificate name
Additional Details
Found hostname autohaus.dyndns.info in Certificate Subject Common name
Certificate trust is being validated.
Certificate trust validation failed.
Tell me more about this issue and how to resolve it
Additional Details
The certificate chain did not end in a trusted root. Root = CN=autohaus.dyndns.info, CN=companyweb, CN=cahsrv, CN=localhost, CN=cahsrv.Autohaus.local
Okay - forgot you have a self-certified cert - that test won't work! Sorry.
So - your certificate is named properly. Are you using autohaus.dyndns.info in the proxy settings withing Outlook?
Also, which version of Outlook do you have?
So - your certificate is named properly. Are you using autohaus.dyndns.info in the proxy settings withing Outlook?
Also, which version of Outlook do you have?
ASKER
Hi Alan
ok, so i think my certificate is correctly named: it has the correct info when i view it under IIS, and that is the certificate i exported and installed on the client pc.
in outlook at the exchange proxy settings i have put in autohaus.dyndns.info yes...
it just bothers me a bit tat it has a prefix "https://"
its Outlook 2003 Pro
ok, so i think my certificate is correctly named: it has the correct info when i view it under IIS, and that is the certificate i exported and installed on the client pc.
in outlook at the exchange proxy settings i have put in autohaus.dyndns.info yes...
it just bothers me a bit tat it has a prefix "https://"
its Outlook 2003 Pro
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Alan
Eureka! got it!
thanks a lot for your help with this.
seems like i had the certificate installed in the wrong directory on the client pc.
Cheers
Steven
Eureka! got it!
thanks a lot for your help with this.
seems like i had the certificate installed in the wrong directory on the client pc.
Cheers
Steven
ASKER
Great Help thanks Alan
Great news - glad you are sorted now. Certs can be tricky little fellas to install in the right place.
Enjoy remote mail now : )
Thanks for the points.
Alan
Enjoy remote mail now : )
Thanks for the points.
Alan
ASKER
Pleasure!
Cheers...
Cheers...
http://articles.techrepublic.com.com/5100-10878_11-6155394.html