tolinrome
asked on
RPC\HTTP Connectivity Test
I have a mailbox on Exchange 2010 and cannot get RPC\HTTP to work for me, but it does work for 2003 mailbox users. Here are the results for the exchange connectivity test attached.
You may also want to look at this message I posted earlier for additional info:
https://www.experts-exchange.com/questions/27379433/Exchange-2003-2010-OWA-logon.html
You may also want to look at this message I posted earlier for additional info:
https://www.experts-exchange.com/questions/27379433/Exchange-2003-2010-OWA-logon.html
Your accessing with a url that does not match the certificate name
your setup is not correct
1) mail.domain.com is pointing to your exchange 2003 server
2) webmail.domain.com is pointing to your exchange 2010 server
so you will need to change the
1) autodiscover.domain.com to point to exchange 2010
2) change the URL of outlook anywhere to use webmail.domain.com and not mail.domain.com
1) mail.domain.com is pointing to your exchange 2003 server
2) webmail.domain.com is pointing to your exchange 2010 server
so you will need to change the
1) autodiscover.domain.com to point to exchange 2010
2) change the URL of outlook anywhere to use webmail.domain.com and not mail.domain.com
ASKER
alanhardisty - the answer to your questions are yes, so there should be no problems with certificates.
Akhater - autodiscover.domainname.co m is pointing to the Exchange 2010 in the firewall.
If I cahnge the URL of outlook anywhere on 2010 to webmail.domainname.com then wouldnt all the clients not be able to connect RPC\HTTP since their settings in Outlook are for mail.domainname.com?
btw, where and how do I change the the URL for Outlook anywhere? On ther Server Configuration properties on the Outlook anywhere tab in 2010? Just want to make sure.
Thanks!
Akhater - autodiscover.domainname.co
If I cahnge the URL of outlook anywhere on 2010 to webmail.domainname.com then wouldnt all the clients not be able to connect RPC\HTTP since their settings in Outlook are for mail.domainname.com?
btw, where and how do I change the the URL for Outlook anywhere? On ther Server Configuration properties on the Outlook anywhere tab in 2010? Just want to make sure.
Thanks!
>autodiscover.domainname.c om is pointing to the Exchange 2010 in the firewall.<
Good
>>If I cahnge the URL of outlook anywhere on 2010 to webmail.domainname.com then wouldnt all the clients not be able to connect RPC\HTTP since their settings in Outlook are for mail.domainname.com?<<
clients who's mailbox are on 2010 should connect to 2010 and not 2003, you can't expect 2003 server to serve 2010 clients
>btw, where and how do I change the the URL for Outlook anywhere? On ther Server Configuration properties on the Outlook anywhere tab in 2010? Just want to make sure.<
yes in EMC -> server config -> Client access -> select your cas and go to properites, what is the url of outlook anywhere set to ?
Good
>>If I cahnge the URL of outlook anywhere on 2010 to webmail.domainname.com then wouldnt all the clients not be able to connect RPC\HTTP since their settings in Outlook are for mail.domainname.com?<<
clients who's mailbox are on 2010 should connect to 2010 and not 2003, you can't expect 2003 server to serve 2010 clients
>btw, where and how do I change the the URL for Outlook anywhere? On ther Server Configuration properties on the Outlook anywhere tab in 2010? Just want to make sure.<
yes in EMC -> server config -> Client access -> select your cas and go to properites, what is the url of outlook anywhere set to ?
ASKER
On 2010 Outlook anywhere is set to mail.domainname.com
I understand that the 2003 server cant serve 2010 mailboxes but I know there is redirection going on and I wanted to make sure that if I change the URL to mail.domainname.com then it wont effect 2003 clients.
Also, maybe this has something to do with the problem??
http://www.cgoosen.com/2010/11/outlook-anywhere-and-wildcard-certificates/
If I use the suggested command here below I just wan tto make sure I can revert back if something goes wrong.
Set-OutlookProvider -Identity EXPR -CertPrincipalName msstd:*.domain.com
I understand that the 2003 server cant serve 2010 mailboxes but I know there is redirection going on and I wanted to make sure that if I change the URL to mail.domainname.com then it wont effect 2003 clients.
Also, maybe this has something to do with the problem??
http://www.cgoosen.com/2010/11/outlook-anywhere-and-wildcard-certificates/
If I use the suggested command here below I just wan tto make sure I can revert back if something goes wrong.
Set-OutlookProvider -Identity EXPR -CertPrincipalName msstd:*.domain.com
ASKER
btw, webmail https://webmail.domainname.com doesnt work for 2010 users as well, only 2003 users.
On 2010 Outlook anywhere is set to mail.domainname.com <<
and mail.domain.com is pointing to 2003 so you should change this to webmail.domain.com and no the settings you do on 2010 will not affect 2003 clients
No it has nothing to do with this problem change the url to webmail and all shld work
and mail.domain.com is pointing to 2003 so you should change this to webmail.domain.com and no the settings you do on 2010 will not affect 2003 clients
No it has nothing to do with this problem change the url to webmail and all shld work
change the url to webmail.domain.com and run test exchange connectivity again
ASKER
It didnt work. So I then changed the firewall to point mail to the Exchange 2010 server (I also changed mail to webmail.domainname.com in Outlook anywhere) and after running the exchange connectivity test it is the same as I originally posted but this time it says:
"the certificate common name mail.domainname.com" doesnt validate against the mutual authentication string that was provided: msstd:webmail.domainame.co m"
Even internally when I go to https://webmail.domainname.com I still cant get mail for a 2010 user.
"the certificate common name mail.domainname.com" doesnt validate against the mutual authentication string that was provided: msstd:webmail.domainame.co
Even internally when I go to https://webmail.domainname.com I still cant get mail for a 2010 user.
I never told you to change the firewall of mail to point to 2010 server !
All I told you to do is change the URL in outlook anywhere to webmail instead of mail, you say you did this right ?
>"the certificate common name mail.domainname.com" doesnt validate against the mutual authentication string that was provided: msstd:webmail.domainame.co m"<
means that the changes didn't take place yet, can you reboot your 2010 server ?
All I told you to do is change the URL in outlook anywhere to webmail instead of mail, you say you did this right ?
>"the certificate common name mail.domainname.com" doesnt validate against the mutual authentication string that was provided: msstd:webmail.domainame.co
means that the changes didn't take place yet, can you reboot your 2010 server ?
ASKER
I made the change as you suggested and reset IIS and it didnt work , then I restarted the 2010 server and still didnt work. The firewall is the same as it was before any changes were made and is pointing mail to the 2003 mail server.
After changing the Outlook anywhere to webmail.domainname.com I stil cannot login internally to webmail and when I tested from a couple of minutes ago I got the same error:
the certificate common name mail.domainname.com doesnt validate against the mutual authentication string that was provided: msstd:webmail.domainame.co m
I'm sorry but I'm not sure why it isnt working and I appreciate your help.
After changing the Outlook anywhere to webmail.domainname.com I stil cannot login internally to webmail and when I tested from a couple of minutes ago I got the same error:
the certificate common name mail.domainname.com doesnt validate against the mutual authentication string that was provided: msstd:webmail.domainame.co
I'm sorry but I'm not sure why it isnt working and I appreciate your help.
can you give me a username/pass to test?
ASKER
is there anyway I can give it to you in private, since I wouldnt want the domain info etc posted?
go to http://www.zerohoursleep.com/contact just make sure to write more than 30 characters
ASKER
ok, it was sent, please contact me via email.
there is something fishy it seems you did run the Set-OutlookProvider command didn't you ?
run get-outlookprovider and send me the result
run get-outlookprovider and send me the result
ASKER
weird because now I am having exactly the opposite result
The certificate common name webmail.domain.com doesn't validate against the mutual authentication string that was provided: msstd:mail.domain.com
when before it was msstd:webmail.domain.com
you did change the url in outlookanywhere server right ?
if you did now it is time to run
Set-OutlookProvider -Identity EXPR -CertPrincipalName msstd:webmail.domain.com
tell me once done please
The certificate common name webmail.domain.com doesn't validate against the mutual authentication string that was provided: msstd:mail.domain.com
when before it was msstd:webmail.domain.com
you did change the url in outlookanywhere server right ?
if you did now it is time to run
Set-OutlookProvider -Identity EXPR -CertPrincipalName msstd:webmail.domain.com
tell me once done please
ASKER
the url in outlook anywhere is now "mail.domainname.com" - when you asked me to change it yesterday to "webmail.domainname.com" it didnt work so I cahnged it back to what it was originally.
What shoudl I do?
What shoudl I do?
please change it to webmail.domain.com and do not run set-outlookprovider yet
let me know when done
let me know when done
ASKER
ok changed to webmail.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
ok, if I run that and something "goes wrong" how can I set it back to before I ran it?
yes we can set it back
Set-OutlookProvider expr -CertPrincipalName:$null
Set-OutlookProvider expr -CertPrincipalName:$null
ASKER
what does this command do to fix the problem?
please let me know once you run it
ASKER
ok did it.
working perfectly now
ASKER
but now webmail.domainname.com is down
what do you mean by down ?
ASKER
1. users with mailboxes on 2010 - they get the 2010 logon screen but cant logon - just freezes. (this should work once I direct mail in the firewall to the 2010 server?)
2. Users with 2003 mailboxes can connect to 2003 OWA.
3. for some reason now internally when I go to webmail.domainname.com it doesnt resolve - just keeps trying and waiting... How did the changes I make effect that?
2. Users with 2003 mailboxes can connect to 2003 OWA.
3. for some reason now internally when I go to webmail.domainname.com it doesnt resolve - just keeps trying and waiting... How did the changes I make effect that?
OWA was not working to start with, you have another thread for it opened and I am helping you there.
for point 3 you need to check your dns and/or proxy settings, what we did doesn't affect in anyway dns resolution nor owa
for point 3 you need to check your dns and/or proxy settings, what we did doesn't affect in anyway dns resolution nor owa
webmail.externaldomain.com
autodiscover.externaldomai
internalservername.interna
internalservername
If not - then you will have problems.