• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3627
  • Last Modified:

Outlook Anywere

I am having some issues setting up Outlook Anywhere using exchange 2010.

I have enabled Outlook Anywhere and attempted to connect using the following settings:

 image1 image2
On the server side we have 2008 R2 with Exchange 2010. We can connect to OWA and have configured are own certificate.

The certificate was setup by installing the certificate authority on the server; we created an exchange certificate and got this issued by our own certificate authority. After adding our certificate to the external client OWA has no problems with the certificate.

However when opening up outlook it asks for the username and password then brings up the following error:

 image3
Does anyone have any ideas on how to fix and/ or diagnose the issue?
0
patrickfreer
Asked:
patrickfreer
  • 9
  • 7
  • 5
  • +1
2 Solutions
 
SaoiCommented:
Hi,

Have you tried using the Exchange Connectivity Analyzer? https://www.testexchangeconnectivity.com/ Run the Outlook Anywhere Test and post back any errors :)

Sam
0
 
chakkoCommented:

In the Outlook setting for server name (same screen where you put your username).  Use the internal server name (same as you would put in the local LAN).
0
 
patrickfreerAuthor Commented:
Chakko the server name is set to my internal server name.

Saoi please see attached:

 oa-errors
Another note https://server.domain.com/owa works without any certificate errors.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
R--RCommented:
Open the certificate go to certificate path tab then you will the root certificate/chain.
Just highlight/select it and view certificate and install it.

Install all of them which you can see in the certificate path.
0
 
R--RCommented:
Install it on the PC from where you are setting up outlook for outlook anywhere.
0
 
R--RCommented:
0
 
SaoiCommented:
I'm pretty confident the certificate is not the issue - ExRCA doesn't take a private CA into account and won't trust it which is the error received there.

Can you run the following from your EXCH2010 server and show the results:

Test-OutlookConnectivity -Protocol:Http -verbose
0
 
patrickfreerAuthor Commented:
I have installed all the available certificates yet Outlook Anywhere still refuses to work.

When looking at the certificate that’s used for OWA the chain tab has the following:

 ww
Both blanked out fields contain the server.domain.com address.
0
 
patrickfreerAuthor Commented:
Test-OutlookConnectivity -Protocol:Http -verbose

 
[PS] C:\Windows\system32>Test-OutlookConnectivity -Protocol:Http -verbose
VERBOSE: [14:39:40.561 GMT] Test-OutlookConnectivity : Initializing Active Directory server settings for the remote
Windows PowerShell session.
VERBOSE: [14:39:40.561 GMT] Test-OutlookConnectivity : Active Directory session settings for 'Test-OutlookConnectivity'
 are: View Entire Forest: 'False', Default Scope: 'domain.local', Configuration Domain Controller: 'server.domain.local',
 Preferred Global Catalog: 'server.domain.local', Preferred Domain Controllers: '{ server.domain.local }'
VERBOSE: [14:39:40.561 GMT] Test-OutlookConnectivity : Runspace context: Executing user:
domain.local/Users/Administrator, Executing user organization: , Current organization: , RBAC-enabled: Enabled.
VERBOSE: [14:39:40.561 GMT] Test-OutlookConnectivity : Beginning processing &
VERBOSE: [14:39:40.624 GMT] Test-OutlookConnectivity : Instantiating handler with index 0 for cmdlet extension agent
"Admin Audit Log Agent".
VERBOSE: [14:39:40.670 GMT] Test-OutlookConnectivity : Current ScopeSet is: { Recipient Read Scope: {{, }}, Recipient
Write Scopes: {{, }}, Configuration Read Scope: {{, }}, Configuration Write Scope(s): {{, }, }, Exclusive Recipient
Scope(s): {}, Exclusive Configuration Scope(s): {} }
VERBOSE: [14:39:40.733 GMT] Test-OutlookConnectivity : Target Site =
'domain.local/Configuration/Sites/Default-First-Site-Name'
VERBOSE: [14:39:40.733 GMT] Test-OutlookConnectivity : Target Domain = 'domain.local'
VERBOSE: [14:39:40.873 GMT] Test-OutlookConnectivity : Admin Audit Log: Entered Handler:OnComplete.
VERBOSE: [14:39:41.060 GMT] Test-OutlookConnectivity : Target Site =
'domain.local/Configuration/Sites/Default-First-Site-Name'
VERBOSE: [14:39:41.060 GMT] Test-OutlookConnectivity : Target Domain = 'domain.local'
Failed to find the mailbox. Mailbox = 'extest_9d767a9f2fda4@domain.local'.
    + CategoryInfo          : OperationStopped: (Microsoft.Excha...onnectivityTask:TestOutlookConnectivityTask) [Test-
   OutlookConnectivity], MailboxNotFoundException
    + FullyQualifiedErrorId : 633F0BAD,Microsoft.Exchange.Monitoring.TestOutlookConnectivityTask

VERBOSE: [14:39:41.076 GMT] Test-OutlookConnectivity : Ending processing &
[PS] C:\Windows\system32>

Open in new window

0
 
R--RCommented:
Have you checked through  https://www.testexchangeconnectivity.com/ ?
0
 
SaoiCommented:
Ah, you'll need to run the "new-testcasconnectivityuser.ps1" script from your <exchange installation path>\Scripts folder. This will create the user and then re-run the test.
0
 
patrickfreerAuthor Commented:
new-testcasconnectivityuser.ps1 give the following error:

 
[PS] C:\Program Files\Microsoft\Exchange Server\V14\Scripts>.\new-TestCasConnectivityUser.ps1
Please enter a temporary secure password for creating test users. For security purposes, the password will be changed r
egularly and automatically by the system.
Enter password: **************
Create test user on: server.domain.local
Click CTRL+Break to quit or click Enter to continue.:
CreateTestUser : Mailbox could not be created. Verify that OU ( Users ) exists and that password meets complexity requi
rements.
At C:\Program Files\Microsoft\Exchange Server\V14\Scripts\new-TestCasConnectivityUser.ps1:267 char:31
+       $result = CreateTestUser <<<<  $exchangeServer $mailboxServer $securePassword $OrganizationalUnit $UMDialPlan $
UMExtension $Prompt
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,CreateTestUser

Open in new window

0
 
R--RCommented:
Are you able to telnet server.domain.com 6004
6001 or 6002
0
 
patrickfreerAuthor Commented:
Ok the above was due to having two OU called "users" so i specified the correct OU and this worked. I was then able to run the "Test-OutlookConnectivity -Protocol:Http -verbose" command. this gave the following output:

 
ClientAccessServer   ServiceEndpoint                               Scenario                            Result  Latency
                                                                                                                  (MS)
------------------   ---------------                               --------                            ------  -------
server.domain.local    server.domain.local                             Autodiscover: Web service request.  Success   31.20
VERBOSE: [15:10:50.068 GMT] Test-OutlookConnectivity : RPC Endpoint = 'server.domain.local'
VERBOSE: [15:10:50.068 GMT] Test-OutlookConnectivity : Using connection parameters :
'domain.local\extest_9d767a9f2fda4: RpcProxy/RPC-over-HTTP, [server.domainsemail.com/Basic]'
VERBOSE: [15:10:50.068 GMT] Test-OutlookConnectivity : Pinging RpcProxy at the folling URL:
https://server.domainsemail.com/rpc/RpcProxy.dll.
VERBOSE: [15:10:50.068 GMT] Test-OutlookConnectivity : An unexpected exception occurred while pinging RpcProxy. The
most common reason for this occurring is that the IIS DefaultAppPool isn't running. Exception: The remote server
returned an error: (404) Not Found.
server.domain.local    server.domain.local                             RpcProxy::VerifyRpcProxy.           Failure   -1.00
VERBOSE: [15:10:50.068 GMT] Test-OutlookConnectivity : RPC Endpoint = 'server.domain.local'
VERBOSE: [15:10:50.068 GMT] Test-OutlookConnectivity : This step was skipped. This may have been caused by the failure
in a previous scenario. Operation = 'AddressbookTask::GetReferral'.
server.domain.local    server.domain.local                             RFRI::GetReferral.                  Skipped   -1.00
VERBOSE: [15:10:50.084 GMT] Test-OutlookConnectivity : RPC Endpoint = 'server.domain.local'
VERBOSE: [15:10:50.084 GMT] Test-OutlookConnectivity : This step was skipped. This may have been caused by the failure
in a previous scenario. Operation = 'AddressbookTask::GetProfile'.
server.domain.local    server.domain.local                             NSPI::GetProfileDetails.            Skipped   -1.00
VERBOSE: [15:10:50.084 GMT] Test-OutlookConnectivity : RPC Endpoint = 'server.domain.local'
VERBOSE: [15:10:50.084 GMT] Test-OutlookConnectivity : This step was skipped. This may have been caused by the failure
in a previous scenario. Operation = 'MailboxTask::Connect'.
server.domain.local    server.domain.local                             Mailbox::Connect.                   Skipped   -1.00
VERBOSE: [15:10:50.084 GMT] Test-OutlookConnectivity : RPC Endpoint = 'server.domain.local'
VERBOSE: [15:10:50.084 GMT] Test-OutlookConnectivity : This step was skipped. This may have been caused by the failure
in a previous scenario. Operation = 'MailboxTask::Logon'.
server.domain.local    server.domain.local                             Mailbox::Logon.                     Skipped   -1.00
VERBOSE: [15:10:50.084 GMT] Test-OutlookConnectivity : Admin Audit Log: Entered Handler:OnComplete.
VERBOSE: [15:10:50.084 GMT] Test-OutlookConnectivity : Ending processing &

Open in new window

0
 
patrickfreerAuthor Commented:
And yes i can telnet to the server on port 6004
0
 
SaoiCommented:
and the output of get-OutlookAnywhere

Can you see the /Rpc and /RpcWithCert folders in IIS?
0
 
patrickfreerAuthor Commented:
I cannot seem to find /Rpc or /RpcWithCert folders listed in IIS.

Also the output of get-outlookanywhere:

 
[PS] C:\Program Files\Microsoft\Exchange Server\V14\Scripts>Get-OutlookAnywhere
WARNING: Warning: "Rpc (Default Web Site)" was not found. Please ensure that the RPC over HTTP Proxy feature has been
added to server "server".


RunspaceId                      : ff171a0b-8943-4eef-895e-b3be43d4b149
ServerName                      : server
SSLOffloading                   : False
ExternalHostname                : server.domainsemail.com
ClientAuthenticationMethod      : Basic
IISAuthenticationMethods        : {Basic}
XropUrl                         :
MetabasePath                    : IIS://server.domain.local/W3SVC/1/ROOT/Rpc
Path                            :
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags         : {}
ExtendedProtectionSPNList       : {}
Server                          : server
AdminDisplayName                :
ExchangeVersion                 : 0.10 (14.0.100.0)
Name                            : Rpc (Default Web Site)
DistinguishedName               : CN=Rpc (Default Web Site),CN=HTTP,CN=Protocols,CN=server,CN=Servers,CN=Exchange Admini
                                  trative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=domain Mail,CN=Microsoft
                                  Exchange,CN=Services,CN=Configuration,DC=domain,DC=local
Identity                        : server\Rpc (Default Web Site)
Guid                            : 4cba025b-3dcf-4ec3-a3ab-1a63e0130a83
ObjectCategory                  : domain.local/Configuration/Schema/ms-Exch-Rpc-Http-Virtual-Directory
ObjectClass                     : {top, msExchVirtualDirectory, msExchRpcHttpVirtualDirectory}
WhenChanged                     : 16/03/2011 15:18:28
WhenCreated                     : 16/03/2011 08:53:35
WhenChangedUTC                  : 16/03/2011 15:18:28
WhenCreatedUTC                  : 16/03/2011 08:53:35
OrganizationId                  :
OriginatingServer               : server.domain.local
IsValid                         : True

Open in new window

0
 
SaoiCommented:
Ok, that looks like our issue then!

There are some details here on how to recreate those two IIS folders: http://blog.chrislehr.com/2009/09/creating-rpc-directory-on-additional.htm

0
 
patrickfreerAuthor Commented:
Yes that was defiantly the issue, but it turns out RPC over HTTP was not installed. So under features of the server I installed it and all is working now.

Thanks for all the advice Saoi!
0
 
SaoiCommented:
Glad to help - I almost asked if you'd installed RPC over HTTP :)
0
 
patrickfreerAuthor Commented:
See Answer
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 9
  • 7
  • 5
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now