Exchange 2003 Connection over HTTPS in Outlook 2007-2010
I've got two (2) Exchange 2003 servers that host our email for our domain.
On the first Exchange box, I am able to connect people to the server on the LAN, as well as via HTTPS with those users who are more remote. iPhone users are able to connect this email server without difficultly. The public name of the server is the same as the local domain name of the server. This machine is called exchange.ourdomain.com
So, our public domain name, ourdomain.com, happens to also be the local windows domain name, ourdomain.com -- I didn't set this up, but this is the way it is.
The second Exchange box, also on the same LAN, has a name exchangesrv.ourdomain.com.
The server has a DIFFERENT public name (but forwarded to the correct IP address) than the local domain name. So, this second server uses, let's say, exchangesrv.ourotherdomain
This second server has an SSL certificate that appears to be working just fine, but for whatever reason, when I attempt to add the Exchange users's email account in Outlook using Connect using my LAN options, etc.
Any ideas why this might not be working? My head is spinning trying to figure this thing out.
On the first Exchange box, I am able to connect people to the server on the LAN, as well as via HTTPS with those users who are more remote. iPhone users are able to connect this email server without difficultly. The public name of the server is the same as the local domain name of the server. This machine is called exchange.ourdomain.com
So, our public domain name, ourdomain.com, happens to also be the local windows domain name, ourdomain.com -- I didn't set this up, but this is the way it is.
The second Exchange box, also on the same LAN, has a name exchangesrv.ourdomain.com.
The server has a DIFFERENT public name (but forwarded to the correct IP address) than the local domain name. So, this second server uses, let's say, exchangesrv.ourotherdomain
This second server has an SSL certificate that appears to be working just fine, but for whatever reason, when I attempt to add the Exchange users's email account in Outlook using Connect using my LAN options, etc.
Any ideas why this might not be working? My head is spinning trying to figure this thing out.
ASKER
Yes, 2 servers part of the same local domain.
I have set up each one on their own public IP address. Should I set the front-end server box on one or both?
Each of the 2 servers has mailboxes on it.
I have set up each one on their own public IP address. Should I set the front-end server box on one or both?
Each of the 2 servers has mailboxes on it.
Ideally you should have a frontend and backend scenario as mentioned by demazter.
Since you are connecting directly to the second box, outlook will look for certificate, do you have a registered cert with fqdn as your second box fqdn?
Since you are connecting directly to the second box, outlook will look for certificate, do you have a registered cert with fqdn as your second box fqdn?
ASKER
I do have a registered cert with the fqdn for the 2nd box, yes.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Some bullet points to clarify the situation:
1. Users do not go to the incorrect address, nor are they confused. There are very few mailboxes on the new server (5 total), and these people have been specifically provided the correct URL. Other users are not brought in on this conversation, so there is no cause for confusion among them.
2. I do have licensing to install/configure another Exchange server to be front-end only, if need be.
3. If I could simply connect over SSL using Outlook to the 2nd server, I wouldn't be asking the question.
4. I have no desire to completely re-configure my environment. That is not at all a viable solution. There must be something small (or big!) that I'm missing to get this working correctly.
Other than the face that I can't get Outlook to remotely connect to the 2nd Exchange box, everything is working well. We added a second Exchange server because we were running out of disk space on the first one. So, unfortunately, though the setup doesn't meet some people's ideal (or mine, for that matter), this is the environment I am working with.
Thanks in advance for any solutions that help!
I will check on RPC being enabled.
1. Users do not go to the incorrect address, nor are they confused. There are very few mailboxes on the new server (5 total), and these people have been specifically provided the correct URL. Other users are not brought in on this conversation, so there is no cause for confusion among them.
2. I do have licensing to install/configure another Exchange server to be front-end only, if need be.
3. If I could simply connect over SSL using Outlook to the 2nd server, I wouldn't be asking the question.
4. I have no desire to completely re-configure my environment. That is not at all a viable solution. There must be something small (or big!) that I'm missing to get this working correctly.
Other than the face that I can't get Outlook to remotely connect to the 2nd Exchange box, everything is working well. We added a second Exchange server because we were running out of disk space on the first one. So, unfortunately, though the setup doesn't meet some people's ideal (or mine, for that matter), this is the environment I am working with.
Thanks in advance for any solutions that help!
I will check on RPC being enabled.
ASKER
RPC is enabled.
ASKER
Does it matter that the FQDN of the local machine is exchangesrv.ourdomain.com and the fqdn of the ssl cert and the ip address are being accessed from exchangesrv.ourOTHERdomain
For iPhones, it doesn't seem to present a problem. Just for Outlook. Webmail continues to work properly though.
For iPhones, it doesn't seem to present a problem. Just for Outlook. Webmail continues to work properly though.
The certificate should be fine. iPhones are actually using a different method - they are getting mail via ActiveSync, not RPC over HTTP.
What are the errors you receive when trying to use Outlook remotely?
What are the errors you receive when trying to use Outlook remotely?
ASKER
Doh! I had typed up the specific errors, but guess I never pressed Submit!
Here are the typical steps I'm using, and the errors along the way, to setup Outlook for remote access. These steps work on Server1 but not on Server2.
-- Open Outlook to configure new Exchange account
-- Choose manual settings for the account
-- Select Microsoft Exchange or compatible account
-- Enter Server2's FQDN in the Server field: server2.ourdomain.com
-- Enter username in the User Name field: username
-- Click 'More Settings'
-- Select 'Connection' Tab
-- Check 'Connect to Microsoft Exchange using HTTP'
-- Click 'Exchange Proxy Settings' button
-- Enter Server2 FQDN in the https:// field
-- Ensure NTLM Authentication is selected (it is by default)
-- Click 'OK' button
-- Choose 'Security' Tab
-- Check 'Always prompt for logon credentials' box
-- Set 'Logon network security' to Password Authentication (NTLM)
-- Click 'Apply' button
-- Click 'OK' button
[No errors up to this point]
[Now back on Outlook's main 'Server Settings' page, ready to click 'Next']
-- Click 'Next' button
-- Prompt for credentials pops up, and I enter appropriate credentials using ourdomain\username, and the user's network password
-- Press 'OK' button
[Here's where the errors begin]
-- Outlook appears to time out here, screen may go white for a moment, or it appears as though nothing is happening
[ERROR: The action cannot be completed. The connection to Microsoft Exchange is unavailable. Outlook must be online or connected to complete this action.]
-- Press 'OK' button to click off the error
-- A "mini" server settings dialog appears, and I have a chance to press 'Check Name' if I'd like.
-- Clicking 'Check Name' or 'OK' produces a timeout again... Window title bar displays (Not Responding) while Outlook is checking for stuff.
[ERROR: The name cannot be resolved. The connection to Exchange is unavailable. Outlook must be online or connected to complete this action.] Essentially the same error as above.
After clicking through the errors just to get off the setup screens and get to Finish, opening Outlook then produces the same errors again.
Here are the typical steps I'm using, and the errors along the way, to setup Outlook for remote access. These steps work on Server1 but not on Server2.
-- Open Outlook to configure new Exchange account
-- Choose manual settings for the account
-- Select Microsoft Exchange or compatible account
-- Enter Server2's FQDN in the Server field: server2.ourdomain.com
-- Enter username in the User Name field: username
-- Click 'More Settings'
-- Select 'Connection' Tab
-- Check 'Connect to Microsoft Exchange using HTTP'
-- Click 'Exchange Proxy Settings' button
-- Enter Server2 FQDN in the https:// field
-- Ensure NTLM Authentication is selected (it is by default)
-- Click 'OK' button
-- Choose 'Security' Tab
-- Check 'Always prompt for logon credentials' box
-- Set 'Logon network security' to Password Authentication (NTLM)
-- Click 'Apply' button
-- Click 'OK' button
[No errors up to this point]
[Now back on Outlook's main 'Server Settings' page, ready to click 'Next']
-- Click 'Next' button
-- Prompt for credentials pops up, and I enter appropriate credentials using ourdomain\username, and the user's network password
-- Press 'OK' button
[Here's where the errors begin]
-- Outlook appears to time out here, screen may go white for a moment, or it appears as though nothing is happening
[ERROR: The action cannot be completed. The connection to Microsoft Exchange is unavailable. Outlook must be online or connected to complete this action.]
-- Press 'OK' button to click off the error
-- A "mini" server settings dialog appears, and I have a chance to press 'Check Name' if I'd like.
-- Clicking 'Check Name' or 'OK' produces a timeout again... Window title bar displays (Not Responding) while Outlook is checking for stuff.
[ERROR: The name cannot be resolved. The connection to Exchange is unavailable. Outlook must be online or connected to complete this action.] Essentially the same error as above.
After clicking through the errors just to get off the setup screens and get to Finish, opening Outlook then produces the same errors again.
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
You have 2 servers part of Thessaly domain/exchange org?
If so then you need a front end server, especially if you only have a single IP address.