Solved

Outlook Anywhere Exchange 2007 Fails to Configure Clients

Posted on 2010-11-24
15
337 Views
Last Modified: 2012-05-10
We're trying to configure outlook anywhere for a client. Currently, exchange 2007 is configured to deliver over HTTP and firewall exceptions have been put in place for 25, 80, and 443 as required. The certificate is configured as well. Our test user can connect to OWA without issue, however when connecting to Outlook Anywhere from an outlook client, we're seeing issues.

heres the process i'm using, perhaps its wrong?
(using outlook 2007) i go to setup the account
setup for exchange, use the internal exchange server name (FQDN), select more options, under the connections tab, check the "Connect to Microsoft Exchange using HTTP" and configure the proxy to point to "remote.$SERVERNAME.org" when i check the name it prompts me for a username and password but will not authenticate.

any help would be appreciated.
0
Comment
Question by:redeyeinc
  • 7
  • 5
  • 2
  • +1
15 Comments
 
LVL 3

Accepted Solution

by:
drpoppers earned 500 total points
ID: 34206839
check that autodiscover.yourdomain.com resolves back to the exchange server.
It should autoconfigure itself if these are correct.

Also, check this out. https://www.testexchangeconnectivity.com/
0
 
LVL 1

Expert Comment

by:GandalphWizard
ID: 34206878
I noticed when setting up mine in Exchange 2010, which is quite similar, that at the user/password prompt, we had to use domain\user and pasword or it would not authenticate.
0
 
LVL 31

Expert Comment

by:MegaNuk3
ID: 34207770
Put
msstd:
In front of your proxy server name in the outlook settings
0
 
LVL 31

Expert Comment

by:MegaNuk3
ID: 34207876
What I meant to say was put that in front of your name in the "Proxy servers with this principal name" box
0
 
LVL 31

Expert Comment

by:MegaNuk3
ID: 34207907
Have you tried Basic authentication?

What about using the certificate's "Issued To" name as your proxy server URL?
0
 

Author Comment

by:redeyeinc
ID: 34208173
drpoppers,

thanks for the link, its been very helpful. it appears that the RPC over HTTP is failing to get a ping response from NSPI  on port 6004. initially it looks like Microsoft had a problem using IPv6 internally between server 2008 and exchange 2007 which was resolved in SP1 RU4. however i have SP3 installed.

using netstat -apo|findstr i looked to ensure ports 6001,6002,6004 are being listened by the correct processes. but heres what i got

6001 by store.exe for both IPv4 and IPv6
6002 by mad.exe for both IPv4 and IPv6
6004 by mad.exe for both IPv4 and IPv6

note that this is not a DC so lsass.exe is not listening on 6004.

yet i'm still getting the NSPI failure on 6004. ideas?

0
 

Author Comment

by:redeyeinc
ID: 34208202
meganuk3,

using "msstd:"in the proxy servers principal name wont work, the msstd: entry is for mutual authentication, which i'm not using here. additionally i'm currently using basic authentication.
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 31

Expert Comment

by:MegaNuk3
ID: 34208437
Tried NTLM?
0
 

Author Comment

by:redeyeinc
ID: 34208516
meganuk3,

the system is setup for basic authentication.
0
 
LVL 31

Expert Comment

by:MegaNuk3
ID: 34208600
Ok, did you try my cert name test?
0
 
LVL 3

Assisted Solution

by:drpoppers
drpoppers earned 500 total points
ID: 34208619
Also did you check what autodiscover.yourdomain resolved to?
0
 
LVL 31

Expert Comment

by:MegaNuk3
ID: 34208624
Is the cert "issued to" remote.$servername.org?

Has outlook anywhere ever worked? Have you tested it internally
0
 

Author Comment

by:redeyeinc
ID: 34208711
drpoppers,

the autodiscover is not working, it appears we forgot to add an 'A' record with the host for autodiscover.$SERVERNAME.org. i'm currently updating this record.

meganuk3,

yes thats how the cert is issued. and no Outlook anywhere is a new feature we're setting up. the test fails internally as well at the same location, so i'm fairly confident the network layer is not at issue here.

i'll post back with results once the autodiscover 'A' record propagates. a colleague has informed me that outlook2007 needs the autodiscover features to function normally so perhaps this will help.
0
 
LVL 31

Expert Comment

by:MegaNuk3
ID: 34208794
To quickly test autodiscover add a HOSTS entry
0
 

Author Closing Comment

by:redeyeinc
ID: 34239816
It turned out that the Autodiscover features were not working.  These are *not* optional. even though i had all the manual information correct, the Autodiscover function is used by the outlook client and thus must be working in order for Outlook Anywhere to work
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

Utilizing an array to gracefully append to a list of EmailAddresses
Outlook Free & Paid Tools
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now