tonyperth
asked on
Exchange 2007 Mail Over HTTPS / Outlook Anywhere Not Working
I have a single Exchange 2007 Server Service Pack 2 running on Windows Server 2008 Service Pack 1. I have installed a UCC certificate issued by Godaddy with all the relevant alternate names including autodiscover. Port 443 is open and points to my mailserver. everything seems to be in order but I cannot configure any clients on the WAN, I have not tried from the LAN. Outlook finds the autodiscover information and starts to configure the server then I get a single logon box appearing which does not connect.
I have run https://www.testexchangeconnectivity.com with a test account and it fails at the following step:
Testing the Name Service Provider Interface (NSPI) on the Exchange Mailbox server.
An error occurred while testing the NSPI RPC endpoint.
Test Steps
Attempting to ping RPC endpoint 6004 (NSPI Proxy Interface) on server MAIL-SERVER.MyDomain.offic e.
The attempt to ping the endpoint failed.
Tell me more about this issue and how to resolve it
Additional Details
The RPC_S_SERVER_UNAVAILABLE error (0x6ba) was thrown by the RPC Runtime process.
I have browsed to my external names using https and I get the expected IIS 7 screen with a valid certificate, so the certificate seems to be ok.
I beleive I have all the relevant entries in the registry shown below:
I can telnet from the server on to itself on ports 6001, 6002 and 6004.
Any ideas what I can check now?
Thanks in advance,
Tony
I have run https://www.testexchangeconnectivity.com with a test account and it fails at the following step:
Testing the Name Service Provider Interface (NSPI) on the Exchange Mailbox server.
An error occurred while testing the NSPI RPC endpoint.
Test Steps
Attempting to ping RPC endpoint 6004 (NSPI Proxy Interface) on server MAIL-SERVER.MyDomain.offic
The attempt to ping the endpoint failed.
Tell me more about this issue and how to resolve it
Additional Details
The RPC_S_SERVER_UNAVAILABLE error (0x6ba) was thrown by the RPC Runtime process.
I have browsed to my external names using https and I get the expected IIS 7 screen with a valid certificate, so the certificate seems to be ok.
I beleive I have all the relevant entries in the registry shown below:
I can telnet from the server on to itself on ports 6001, 6002 and 6004.
Any ideas what I can check now?
Thanks in advance,
Tony
ASKER
Hello ncollings, thanks for your reply.
Yes, I have installed the feature "RPC over HTTP Proxy" in server manager and enabled Outlook Anywhere in the Exchnage Managemnt Console.
Yes, I have installed the feature "RPC over HTTP Proxy" in server manager and enabled Outlook Anywhere in the Exchnage Managemnt Console.
Does OWA work from the WAN? Also can you re-run the test but use manual settings not autodiscover.
ASKER
Yes OWA works perfectly from the WAN. Without autodiscover I get the same results.
Does the WAN interface have IPv6 enabled? If so would it be possible to disable this and re-run the test?
ASKER
It asks me for logon details?
ASKER
The RPC site was not allowing Windows Authentication. It is now and I can log on to see a blank page. The problem is still the same though.
Please try the site with just basic authentication enabled and nothing else
ASKER
Sorry I think I was getting the password wrong initially.
With only basic authentication enabled it asks me to logon, once it has credentials it is happy with I get the blank page.
With only basic authentication enabled it asks me to logon, once it has credentials it is happy with I get the blank page.
ASKER
any other thoughts ncolings?
Please confirm this test with the testexchangeconnectivity site:
Outlook Anywhere (RPC over HTTP)
Fill all the boxes and select "Manually specify server settings"
Use "DOMAIN\USER" not UPN
"RPC proxy server" should be the external url without https or path (mail.company.com)
"Exchange server" should be the internal netbios name of the server (EXCH-2K7)
"RPC proxy authentication method" must be "Basic"
Outlook Anywhere (RPC over HTTP)
Fill all the boxes and select "Manually specify server settings"
Use "DOMAIN\USER" not UPN
"RPC proxy server" should be the external url without https or path (mail.company.com)
"Exchange server" should be the internal netbios name of the server (EXCH-2K7)
"RPC proxy authentication method" must be "Basic"
ASKER
Hello ncollings,
I have rerun the test and entered the info as you have instructed and got the exact same reults as before. See my initial screen dump for details.
Where now? :)
I have rerun the test and entered the info as you have instructed and got the exact same reults as before. See my initial screen dump for details.
Where now? :)
On the CAS server, ping localhost
what is the response you receive?
if you receive something like ::1
--> Open the host(s) file on the CAS server
(you may need to take owner-ship to edit the hosts file)
a) comment out the line "::1 xxxx" (note # is for commenting the line)
b) Enter the IP-v4 address against the FQDN or netbios name of the server
Then test the Outlook anywhere again?
what is the response you receive?
if you receive something like ::1
--> Open the host(s) file on the CAS server
(you may need to take owner-ship to edit the hosts file)
a) comment out the line "::1 xxxx" (note # is for commenting the line)
b) Enter the IP-v4 address against the FQDN or netbios name of the server
Then test the Outlook anywhere again?
ASKER
Hello e aravind,
thank's for your help. When I ping localhost I get the expected resopnse below:
Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.XXX XXXXX>ping localhost
Pinging MAIL-SERVER.XXXXXXXX.offic e [127.0.0.1] with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
Any other ideas?
Tony
thank's for your help. When I ping localhost I get the expected resopnse below:
Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.XXX
Pinging MAIL-SERVER.XXXXXXXX.offic
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
Any other ideas?
Tony
I can telnet from the server on to itself on ports 6001, 6002 and 6004
>> do you see the return banner from all of these ports?
Sometimes you wont see the banner response for the port #6004
>> do you see the return banner from all of these ports?
Sometimes you wont see the banner response for the port #6004
ASKER
Same response to all three, shown below:
ncacn_http/1.0
ncacn_http/1.0
so, in general\normal\working conditions you are receiving the responses as ncacn_http.
Can you test the same during the time of the issue?
Is this issue affecting all the mailbox at a point of time? or only for few mailboxes?
Can you test the same during the time of the issue?
Is this issue affecting all the mailbox at a point of time? or only for few mailboxes?
ASKER
Hello e Aravind,
I am afraid there is no "time" of the issue. At all times outlook anywhere is unavailable for all mailboxes. I can't get it to work at all.
Tony
I am afraid there is no "time" of the issue. At all times outlook anywhere is unavailable for all mailboxes. I can't get it to work at all.
Tony
On the Mailbox server:
Locate:
HKEY_LOCAL_MACHINE\SYSTEM\ CurrentCon trolSet\Se rvices\lan manserver\ parameters
Then, add or modify the following DWORD registry values:
Description: Maximum Work Items
Value Name: MaxWorkItems
Data Type: REG_DWORD
Value data: 0x2000 or 8192 (decimal)
Do an IISreset & also restart MS Exchange System Attendant service.
Related (some-what)
==============
http://support.microsoft.com/kb/317249
http://support.microsoft.com/kb/232476
Locate:
HKEY_LOCAL_MACHINE\SYSTEM\
Then, add or modify the following DWORD registry values:
Description: Maximum Work Items
Value Name: MaxWorkItems
Data Type: REG_DWORD
Value data: 0x2000 or 8192 (decimal)
Do an IISreset & also restart MS Exchange System Attendant service.
Related (some-what)
==============
http://support.microsoft.com/kb/317249
http://support.microsoft.com/kb/232476
ASKER
Hello e aravind,
I added the key, reset IIS and restarted the MS Exchange System Attendant service. I then re-ran the test from testexchangeconnectivity.c om and got exactly the same results as before.
Should I remove the registry entry?
Tony
I added the key, reset IIS and restarted the MS Exchange System Attendant service. I then re-ran the test from testexchangeconnectivity.c
Should I remove the registry entry?
Tony
Can you test the Outlook-anywhere by launching the Outlook?
Try and check the Outlook from few client machines too
Try and check the Outlook from few client machines too
ASKER
Using Outlook 2010 it searches for my email addresses server settings and a logon box pops up named "Connect to autodiscover.XXXX" and says "Welcome to the autodiscover.XXXX". I entered my username and password and clicked OK.
I received an error stating
"The action cannot be completed. The connection to microsoft exchange in unavailable. Outlook must be online or connected to complete this action."
Once I click on OK I get the option to add the name of the mailserver and mailbox and check name. If I put in the details I receive another error stating
"The name cannot be resolved. The connection to microsoft exchange in unavailable. Outlook must be online or connected to complete this action."
The autodiscover seems to be working ok as it puts all the correct names in etc, it just can't connect. I also get the same results if I enter the info manually.
I received an error stating
"The action cannot be completed. The connection to microsoft exchange in unavailable. Outlook must be online or connected to complete this action."
Once I click on OK I get the option to add the name of the mailserver and mailbox and check name. If I put in the details I receive another error stating
"The name cannot be resolved. The connection to microsoft exchange in unavailable. Outlook must be online or connected to complete this action."
The autodiscover seems to be working ok as it puts all the correct names in etc, it just can't connect. I also get the same results if I enter the info manually.
Just in case, if you fire-open the Outlook...check the Outlook>connection-propeti es from the system-tray....do we see any https connections? (atleast 1 or 2 successful connections?)
ASKER
Sorry for the delay, I thought I had already responded. I checked the connections on an internal and external, and with Outlook Anywhere configured there are no connections at all. Checked using outlook /rpcdiag
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
never resolved
Have you installed the RPC over HTTP proxy component and enabled Outlook Anywhere in the management console on your CAS server?