• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 582
  • Last Modified:

RPC\HTTP Connectivity Test

I have a mailbox on Exchange 2010 and cannot get RPC\HTTP to work for me, but it does work for 2003 mailbox users. Here are the results for the exchange connectivity test attached.

You may also want to look at this message I posted earlier for additional info:



http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_27379433.html email-test
0
tolinrome
Asked:
tolinrome
  • 16
  • 15
  • +1
1 Solution
 
Alan HardistyCommented:
Is your cert a SAN / UCC SSL cert with the following names included:

webmail.externaldomain.com (or whatever you have chosen)
autodiscover.externaldomain.com
internalservername.internaldomainname.local
internalservername

If not - then you will have problems.
0
 
Neil RussellTechnical Development LeadCommented:
Your accessing with a url that does not match the certificate name
0
 
AkhaterCommented:
your setup is not correct

1) mail.domain.com is pointing to your exchange 2003 server
2) webmail.domain.com is pointing to your exchange 2010 server

so you will need to change the
1) autodiscover.domain.com to point to exchange 2010
2) change the URL of outlook anywhere to use webmail.domain.com and not mail.domain.com
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
tolinromeAuthor Commented:
alanhardisty - the answer to your questions are yes, so there should be no problems with certificates.

Akhater - autodiscover.domainname.com is pointing to the Exchange 2010 in the firewall.
If I cahnge the URL of outlook anywhere on 2010 to webmail.domainname.com then wouldnt all the clients not be able to connect RPC\HTTP since their settings in Outlook are for mail.domainname.com?

btw, where and how do I change the the URL for Outlook anywhere? On ther Server Configuration properties on the Outlook anywhere tab in 2010? Just want to make sure.

Thanks!
0
 
AkhaterCommented:
>autodiscover.domainname.com is pointing to the Exchange 2010 in the firewall.<
   Good



>>If I cahnge the URL of outlook anywhere on 2010 to webmail.domainname.com then wouldnt all the clients not be able to connect RPC\HTTP since their settings in Outlook are for mail.domainname.com?<<

clients who's mailbox are on 2010 should connect to 2010 and not 2003, you can't expect 2003 server to serve 2010 clients


>btw, where and how do I change the the URL for Outlook anywhere? On ther Server Configuration properties on the Outlook anywhere tab in 2010? Just want to make sure.<

yes in EMC -> server config -> Client access -> select your cas and go to properites, what is the url of outlook anywhere set to ?
0
 
tolinromeAuthor Commented:
On 2010 Outlook anywhere is set to mail.domainname.com

I understand that the 2003 server cant serve 2010 mailboxes but I know there is redirection going on and I wanted to make sure that if I change the URL to mail.domainname.com then it wont effect 2003 clients.


Also, maybe this has something to do with the problem??
http://www.cgoosen.com/2010/11/outlook-anywhere-and-wildcard-certificates/

If I use the suggested command here below I just wan tto make sure I can revert back if something goes wrong.
Set-OutlookProvider -Identity EXPR -CertPrincipalName msstd:*.domain.com

0
 
tolinromeAuthor Commented:
btw, webmail https://webmail.domainname.com doesnt work for 2010 users as well, only 2003 users.
0
 
AkhaterCommented:
On 2010 Outlook anywhere is set to mail.domainname.com <<

and mail.domain.com is pointing to 2003 so you should change this to webmail.domain.com and no the settings you do on 2010 will not affect 2003 clients

No it has nothing to do with this problem change the url to webmail and all shld work
0
 
AkhaterCommented:
change the url to webmail.domain.com and run test exchange connectivity again
0
 
tolinromeAuthor Commented:
It didnt work. So I then changed the firewall to point mail to the Exchange 2010 server (I also changed mail to webmail.domainname.com in Outlook anywhere) and after running the exchange connectivity test it is the same as I originally posted but this time it says:

"the certificate common name mail.domainname.com" doesnt validate against the mutual authentication string that was provided: msstd:webmail.domainame.com"

Even internally when I go to https://webmail.domainname.com I still cant get mail for a 2010 user.
0
 
AkhaterCommented:
I never told you to change the firewall of mail to point to 2010 server !

All I told you to do is change the URL in outlook anywhere to webmail instead of mail, you say you did this right ?



>"the certificate common name mail.domainname.com" doesnt validate against the mutual authentication string that was provided: msstd:webmail.domainame.com"<

means that the changes didn't take place yet, can you reboot your 2010 server ?
0
 
tolinromeAuthor Commented:
I made the change as you suggested and reset IIS and it didnt work , then I restarted the 2010 server and still didnt work. The firewall is the same as it was before any changes were made and is pointing mail to the 2003 mail server.

After changing the Outlook anywhere to webmail.domainname.com I stil cannot login internally to webmail and when I tested from a couple of minutes ago I got the same error:

the certificate common name mail.domainname.com doesnt validate against the mutual authentication string that was provided: msstd:webmail.domainame.com

I'm sorry but I'm not sure why it isnt working and I appreciate your help.

0
 
AkhaterCommented:
can you give me a username/pass to test?
0
 
tolinromeAuthor Commented:
is there anyway I can give it to you in private, since I wouldnt want the domain info etc posted?
0
 
AkhaterCommented:
go to http://www.zerohoursleep.com/contact just make sure to write more than 30 characters
0
 
tolinromeAuthor Commented:
ok, it was sent, please contact me via email.
0
 
AkhaterCommented:
there is something fishy it seems you did run the Set-OutlookProvider command didn't you ?


run get-outlookprovider and send me the result
0
 
tolinromeAuthor Commented:
No, I didnt run that command. Here are the results you requested.


outlook-provider.JPG
0
 
AkhaterCommented:
weird because now I am having exactly the opposite result


The certificate common name webmail.domain.com doesn't validate against the mutual authentication string that was provided: msstd:mail.domain.com

when before it was msstd:webmail.domain.com


you did change the url in outlookanywhere server right ?

if you did now it is time to run
Set-OutlookProvider -Identity EXPR -CertPrincipalName msstd:webmail.domain.com

tell me once done please
0
 
tolinromeAuthor Commented:
the url in outlook anywhere is now "mail.domainname.com" - when you asked me to change it yesterday to "webmail.domainname.com" it didnt work so I cahnged it back to what it was originally.

What shoudl I do?
0
 
AkhaterCommented:
please change it to webmail.domain.com and do not run set-outlookprovider yet

let me know when done
0
 
tolinromeAuthor Commented:
ok changed to webmail.
0
 
AkhaterCommented:
ok good things are a bit more "normal" now please run

Set-OutlookProvider -Identity EXPR -CertPrincipalName msstd:mail.domain.com
0
 
tolinromeAuthor Commented:
ok, if I run that and something "goes wrong" how can I set it back to before I ran it?
0
 
AkhaterCommented:
yes we can set it back


Set-OutlookProvider expr -CertPrincipalName:$null
0
 
tolinromeAuthor Commented:
what does this command do to fix the problem?
0
 
AkhaterCommented:
please let me know once you run it
0
 
tolinromeAuthor Commented:
ok did it.
0
 
AkhaterCommented:
working perfectly now
0
 
tolinromeAuthor Commented:
but now webmail.domainname.com is down
0
 
AkhaterCommented:
what do you mean by down ?
0
 
tolinromeAuthor Commented:
1. users with mailboxes on 2010 - they get the 2010 logon screen but cant logon - just freezes. (this should work once I direct mail in the firewall to the 2010 server?)

2. Users with 2003 mailboxes can connect to 2003 OWA.

3.  for some reason now internally when I go to webmail.domainname.com it doesnt resolve - just keeps trying and waiting... How did the changes I make effect that?
0
 
AkhaterCommented:
OWA was not working to start with, you have another thread for it opened and I am helping you there.

for point 3 you need to check your dns and/or proxy settings, what we did doesn't affect in anyway dns resolution nor owa

0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 16
  • 15
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now