Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Installed UCC Cert for Exchange 2007, now Outlook Anywhere not working

Posted on 2011-03-03
Medium Priority
Last Modified: 2012-05-11
As the title suggests, I've installed a UCC certificate for Exchange 2007, replacing a wild card cert.  My internal and external webmail work fine, and ActiveSync clients are connecting with no problems.  But I can't get an Outlook Anywhere client to connect.  I keep getting prompted for a username/password and it won't accept anything.  I've tried fiddling around with every different setting, and at this point I'm at my wits end and need this resolved ASAP.  

Any suggestions, things to try, I've done some research on here and also other exchange forums but I'm stuck.  Thank you.
Question by:Sma11T0wnITGuy
  • 4
  • 4
LVL 11

Expert Comment

ID: 35029872
Hi there,

what type of authentication have you set for Outlook Anywhere?

You can view the settings with Get-OutlookAnywhere from the shell.


Author Comment

ID: 35029920
Output from Get-OutlookAnywhere command:

ServerName                      : LSIEXCHANGE
SSLOffloading                   : False
ExternalHostname                : getmymail.lsisolutions.com
ClientAuthenticationMethod      : Ntlm
IISAuthenticationMethods        : {Ntlm}
MetabasePath                    : IIS://LSIEXCHANGE.lsisolutions.com/W3SVC/1/RO
Path                            : C:\Windows\System32\RpcProxy
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags         : {}
ExtendedProtectionSPNList       : {}
Server                          : LSIEXCHANGE
AdminDisplayName                :
ExchangeVersion                 : 0.1 (8.0.535.0)
Name                            : Rpc (Default Web Site)
DistinguishedName               : CN=Rpc (Default Web Site),CN=HTTP,CN=Protocol
                                  s,CN=LSIEXCHANGE,CN=Servers,CN=Exchange Admin
                                  istrative Group (FYDIBOHF23SPDLT),CN=Administ
                                  rative Groups,CN=LSI Solutions Inc,CN=Microso
                                  ft Exchange,CN=Services,CN=Configuration,DC=l
Identity                        : LSIEXCHANGE\Rpc (Default Web Site)
Guid                            : e07a7d60-fb53-4b20-b535-56ced82af173
ObjectCategory                  : lsisolutions.com/Configuration/Schema/ms-Exch
ObjectClass                     : {top, msExchVirtualDirectory, msExchRpcHttpVi
WhenChanged                     : 3/3/2011 12:41:12 PM
WhenCreated                     : 7/21/2010 9:54:00 AM
OriginatingServer               : lsiadc02.lsisolutions.com
IsValid                         : True

LVL 11

Expert Comment

ID: 35030273
Can you change the authentication from NTLM to basic please?
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

LVL 20

Expert Comment

by:Satya Pathak
ID: 35030280
did u rty to ran the https://www.testexchangeconnectivity.com/ and check it .

Author Comment

ID: 35030450
Michael-Changing the authentication level does not help

Satya-The test is fine until the final step, Testing SSL mutual authentication with the RPC proxy server.  

The certificate common name lsiexchange.lsisolutions.com doesn't validate against the mutual authentication string that was provided: msstd:*.lsisolutions.com
LVL 11

Accepted Solution

MichaelVH earned 2000 total points
ID: 35030525
Your outlook still represents the config for the wildcard cert you had before. You should first of all change the Outlookprovider

first check the Outlookprovider "EXPR" to see what setting it has for the certprincipalname. (probably "*.etc")

You should (if it's set to "*.etc") change it like this:

Set-OutlookProvider -Identity EXPR -CertPrincipalName msstd:lsiexchange.lsisolutions.com



Author Comment

ID: 35030666

I just ran that command, and it looks like I'm able to connect now.  I will try a few other clients as well.  testexchangeconnectivity.com is going through now as well.

Author Closing Comment

ID: 35036719

Great work, that fixed it up.  My remotes need to VPN in once to get the settings, but its working beyond that.  Thank you again.
LVL 11

Expert Comment

ID: 35042111
You're most welcome.

I'm glad you got it working again.



Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes Top 9 Exchange troubleshooting utilities that every Exchange Administrator should know. Most of the utilities are available free of cost. List of tools that I am going to explain in this article are:   Microsoft Remote Con…
There can be many situations demanding the conversion of Outlook OST files to PST format and as such, there is no shortage of automated tools to perform this conversion. However, what makes Stellar OST to PST converter stand above the rest? Let us e…
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Suggested Courses
Course of the Month14 days, 1 hour left to enroll

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question