[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Outlook Anywere

Posted on 2011-03-21
22
Medium Priority
?
3,596 Views
Last Modified: 2012-06-27
I am having some issues setting up Outlook Anywhere using exchange 2010.

I have enabled Outlook Anywhere and attempted to connect using the following settings:

 image1 image2
On the server side we have 2008 R2 with Exchange 2010. We can connect to OWA and have configured are own certificate.

The certificate was setup by installing the certificate authority on the server; we created an exchange certificate and got this issued by our own certificate authority. After adding our certificate to the external client OWA has no problems with the certificate.

However when opening up outlook it asks for the username and password then brings up the following error:

 image3
Does anyone have any ideas on how to fix and/ or diagnose the issue?
0
Comment
Question by:patrickfreer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 7
  • 5
  • +1
22 Comments
 
LVL 7

Expert Comment

by:Saoi
ID: 35179801
Hi,

Have you tried using the Exchange Connectivity Analyzer? https://www.testexchangeconnectivity.com/ Run the Outlook Anywhere Test and post back any errors :)

Sam
0
 
LVL 22

Expert Comment

by:chakko
ID: 35179812

In the Outlook setting for server name (same screen where you put your username).  Use the internal server name (same as you would put in the local LAN).
0
 
LVL 1

Author Comment

by:patrickfreer
ID: 35180741
Chakko the server name is set to my internal server name.

Saoi please see attached:

 oa-errors
Another note https://server.domain.com/owa works without any certificate errors.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 19

Expert Comment

by:R--R
ID: 35180904
Open the certificate go to certificate path tab then you will the root certificate/chain.
Just highlight/select it and view certificate and install it.

Install all of them which you can see in the certificate path.
0
 
LVL 19

Expert Comment

by:R--R
ID: 35180925
Install it on the PC from where you are setting up outlook for outlook anywhere.
0
 
LVL 19

Expert Comment

by:R--R
ID: 35180934
0
 
LVL 7

Expert Comment

by:Saoi
ID: 35181052
I'm pretty confident the certificate is not the issue - ExRCA doesn't take a private CA into account and won't trust it which is the error received there.

Can you run the following from your EXCH2010 server and show the results:

Test-OutlookConnectivity -Protocol:Http -verbose
0
 
LVL 1

Author Comment

by:patrickfreer
ID: 35181123
I have installed all the available certificates yet Outlook Anywhere still refuses to work.

When looking at the certificate that’s used for OWA the chain tab has the following:

 ww
Both blanked out fields contain the server.domain.com address.
0
 
LVL 1

Author Comment

by:patrickfreer
ID: 35181154
Test-OutlookConnectivity -Protocol:Http -verbose

 
[PS] C:\Windows\system32>Test-OutlookConnectivity -Protocol:Http -verbose
VERBOSE: [14:39:40.561 GMT] Test-OutlookConnectivity : Initializing Active Directory server settings for the remote
Windows PowerShell session.
VERBOSE: [14:39:40.561 GMT] Test-OutlookConnectivity : Active Directory session settings for 'Test-OutlookConnectivity'
 are: View Entire Forest: 'False', Default Scope: 'domain.local', Configuration Domain Controller: 'server.domain.local',
 Preferred Global Catalog: 'server.domain.local', Preferred Domain Controllers: '{ server.domain.local }'
VERBOSE: [14:39:40.561 GMT] Test-OutlookConnectivity : Runspace context: Executing user:
domain.local/Users/Administrator, Executing user organization: , Current organization: , RBAC-enabled: Enabled.
VERBOSE: [14:39:40.561 GMT] Test-OutlookConnectivity : Beginning processing &
VERBOSE: [14:39:40.624 GMT] Test-OutlookConnectivity : Instantiating handler with index 0 for cmdlet extension agent
"Admin Audit Log Agent".
VERBOSE: [14:39:40.670 GMT] Test-OutlookConnectivity : Current ScopeSet is: { Recipient Read Scope: {{, }}, Recipient
Write Scopes: {{, }}, Configuration Read Scope: {{, }}, Configuration Write Scope(s): {{, }, }, Exclusive Recipient
Scope(s): {}, Exclusive Configuration Scope(s): {} }
VERBOSE: [14:39:40.733 GMT] Test-OutlookConnectivity : Target Site =
'domain.local/Configuration/Sites/Default-First-Site-Name'
VERBOSE: [14:39:40.733 GMT] Test-OutlookConnectivity : Target Domain = 'domain.local'
VERBOSE: [14:39:40.873 GMT] Test-OutlookConnectivity : Admin Audit Log: Entered Handler:OnComplete.
VERBOSE: [14:39:41.060 GMT] Test-OutlookConnectivity : Target Site =
'domain.local/Configuration/Sites/Default-First-Site-Name'
VERBOSE: [14:39:41.060 GMT] Test-OutlookConnectivity : Target Domain = 'domain.local'
Failed to find the mailbox. Mailbox = 'extest_9d767a9f2fda4@domain.local'.
    + CategoryInfo          : OperationStopped: (Microsoft.Excha...onnectivityTask:TestOutlookConnectivityTask) [Test-
   OutlookConnectivity], MailboxNotFoundException
    + FullyQualifiedErrorId : 633F0BAD,Microsoft.Exchange.Monitoring.TestOutlookConnectivityTask

VERBOSE: [14:39:41.076 GMT] Test-OutlookConnectivity : Ending processing &
[PS] C:\Windows\system32>

Open in new window

0
 
LVL 19

Expert Comment

by:R--R
ID: 35181292
Have you checked through  https://www.testexchangeconnectivity.com/ ?
0
 
LVL 7

Expert Comment

by:Saoi
ID: 35181303
Ah, you'll need to run the "new-testcasconnectivityuser.ps1" script from your <exchange installation path>\Scripts folder. This will create the user and then re-run the test.
0
 
LVL 1

Author Comment

by:patrickfreer
ID: 35181330
new-testcasconnectivityuser.ps1 give the following error:

 
[PS] C:\Program Files\Microsoft\Exchange Server\V14\Scripts>.\new-TestCasConnectivityUser.ps1
Please enter a temporary secure password for creating test users. For security purposes, the password will be changed r
egularly and automatically by the system.
Enter password: **************
Create test user on: server.domain.local
Click CTRL+Break to quit or click Enter to continue.:
CreateTestUser : Mailbox could not be created. Verify that OU ( Users ) exists and that password meets complexity requi
rements.
At C:\Program Files\Microsoft\Exchange Server\V14\Scripts\new-TestCasConnectivityUser.ps1:267 char:31
+       $result = CreateTestUser <<<<  $exchangeServer $mailboxServer $securePassword $OrganizationalUnit $UMDialPlan $
UMExtension $Prompt
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,CreateTestUser

Open in new window

0
 
LVL 19

Expert Comment

by:R--R
ID: 35181392
Are you able to telnet server.domain.com 6004
6001 or 6002
0
 
LVL 1

Author Comment

by:patrickfreer
ID: 35181424
Ok the above was due to having two OU called "users" so i specified the correct OU and this worked. I was then able to run the "Test-OutlookConnectivity -Protocol:Http -verbose" command. this gave the following output:

 
ClientAccessServer   ServiceEndpoint                               Scenario                            Result  Latency
                                                                                                                  (MS)
------------------   ---------------                               --------                            ------  -------
server.domain.local    server.domain.local                             Autodiscover: Web service request.  Success   31.20
VERBOSE: [15:10:50.068 GMT] Test-OutlookConnectivity : RPC Endpoint = 'server.domain.local'
VERBOSE: [15:10:50.068 GMT] Test-OutlookConnectivity : Using connection parameters :
'domain.local\extest_9d767a9f2fda4: RpcProxy/RPC-over-HTTP, [server.domainsemail.com/Basic]'
VERBOSE: [15:10:50.068 GMT] Test-OutlookConnectivity : Pinging RpcProxy at the folling URL:
https://server.domainsemail.com/rpc/RpcProxy.dll.
VERBOSE: [15:10:50.068 GMT] Test-OutlookConnectivity : An unexpected exception occurred while pinging RpcProxy. The
most common reason for this occurring is that the IIS DefaultAppPool isn't running. Exception: The remote server
returned an error: (404) Not Found.
server.domain.local    server.domain.local                             RpcProxy::VerifyRpcProxy.           Failure   -1.00
VERBOSE: [15:10:50.068 GMT] Test-OutlookConnectivity : RPC Endpoint = 'server.domain.local'
VERBOSE: [15:10:50.068 GMT] Test-OutlookConnectivity : This step was skipped. This may have been caused by the failure
in a previous scenario. Operation = 'AddressbookTask::GetReferral'.
server.domain.local    server.domain.local                             RFRI::GetReferral.                  Skipped   -1.00
VERBOSE: [15:10:50.084 GMT] Test-OutlookConnectivity : RPC Endpoint = 'server.domain.local'
VERBOSE: [15:10:50.084 GMT] Test-OutlookConnectivity : This step was skipped. This may have been caused by the failure
in a previous scenario. Operation = 'AddressbookTask::GetProfile'.
server.domain.local    server.domain.local                             NSPI::GetProfileDetails.            Skipped   -1.00
VERBOSE: [15:10:50.084 GMT] Test-OutlookConnectivity : RPC Endpoint = 'server.domain.local'
VERBOSE: [15:10:50.084 GMT] Test-OutlookConnectivity : This step was skipped. This may have been caused by the failure
in a previous scenario. Operation = 'MailboxTask::Connect'.
server.domain.local    server.domain.local                             Mailbox::Connect.                   Skipped   -1.00
VERBOSE: [15:10:50.084 GMT] Test-OutlookConnectivity : RPC Endpoint = 'server.domain.local'
VERBOSE: [15:10:50.084 GMT] Test-OutlookConnectivity : This step was skipped. This may have been caused by the failure
in a previous scenario. Operation = 'MailboxTask::Logon'.
server.domain.local    server.domain.local                             Mailbox::Logon.                     Skipped   -1.00
VERBOSE: [15:10:50.084 GMT] Test-OutlookConnectivity : Admin Audit Log: Entered Handler:OnComplete.
VERBOSE: [15:10:50.084 GMT] Test-OutlookConnectivity : Ending processing &

Open in new window

0
 
LVL 1

Author Comment

by:patrickfreer
ID: 35181439
And yes i can telnet to the server on port 6004
0
 
LVL 7

Expert Comment

by:Saoi
ID: 35181481
and the output of get-OutlookAnywhere

Can you see the /Rpc and /RpcWithCert folders in IIS?
0
 
LVL 1

Author Comment

by:patrickfreer
ID: 35181509
I cannot seem to find /Rpc or /RpcWithCert folders listed in IIS.

Also the output of get-outlookanywhere:

 
[PS] C:\Program Files\Microsoft\Exchange Server\V14\Scripts>Get-OutlookAnywhere
WARNING: Warning: "Rpc (Default Web Site)" was not found. Please ensure that the RPC over HTTP Proxy feature has been
added to server "server".


RunspaceId                      : ff171a0b-8943-4eef-895e-b3be43d4b149
ServerName                      : server
SSLOffloading                   : False
ExternalHostname                : server.domainsemail.com
ClientAuthenticationMethod      : Basic
IISAuthenticationMethods        : {Basic}
XropUrl                         :
MetabasePath                    : IIS://server.domain.local/W3SVC/1/ROOT/Rpc
Path                            :
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags         : {}
ExtendedProtectionSPNList       : {}
Server                          : server
AdminDisplayName                :
ExchangeVersion                 : 0.10 (14.0.100.0)
Name                            : Rpc (Default Web Site)
DistinguishedName               : CN=Rpc (Default Web Site),CN=HTTP,CN=Protocols,CN=server,CN=Servers,CN=Exchange Admini
                                  trative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=domain Mail,CN=Microsoft
                                  Exchange,CN=Services,CN=Configuration,DC=domain,DC=local
Identity                        : server\Rpc (Default Web Site)
Guid                            : 4cba025b-3dcf-4ec3-a3ab-1a63e0130a83
ObjectCategory                  : domain.local/Configuration/Schema/ms-Exch-Rpc-Http-Virtual-Directory
ObjectClass                     : {top, msExchVirtualDirectory, msExchRpcHttpVirtualDirectory}
WhenChanged                     : 16/03/2011 15:18:28
WhenCreated                     : 16/03/2011 08:53:35
WhenChangedUTC                  : 16/03/2011 15:18:28
WhenCreatedUTC                  : 16/03/2011 08:53:35
OrganizationId                  :
OriginatingServer               : server.domain.local
IsValid                         : True

Open in new window

0
 
LVL 7

Accepted Solution

by:
Saoi earned 2000 total points
ID: 35181646
Ok, that looks like our issue then!

There are some details here on how to recreate those two IIS folders: http://blog.chrislehr.com/2009/09/creating-rpc-directory-on-additional.htm

0
 
LVL 1

Assisted Solution

by:patrickfreer
patrickfreer earned 0 total points
ID: 35181701
Yes that was defiantly the issue, but it turns out RPC over HTTP was not installed. So under features of the server I installed it and all is working now.

Thanks for all the advice Saoi!
0
 
LVL 7

Expert Comment

by:Saoi
ID: 35181822
Glad to help - I almost asked if you'd installed RPC over HTTP :)
0
 
LVL 1

Author Closing Comment

by:patrickfreer
ID: 35221169
See Answer
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The main intent of this article is to make you aware of ‘Exchange fail to mount’ error, its effects, causes, and solution.
If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question