Exchange 2007 Mail Over HTTPS / Outlook Anywhere Not Working

I have a single Exchange 2007 Server Service Pack 2 running on Windows Server 2008 Service Pack 1.  I have installed a UCC certificate issued by Godaddy with all the relevant alternate names including autodiscover.  Port 443 is open and points to my mailserver.  everything seems to be in order but I cannot configure any clients on the WAN, I have not tried from the LAN.  Outlook finds the autodiscover information and starts to configure the server then I get a single logon box appearing which does not connect.

I have run with a test account and it fails at the following step:

Testing the Name Service Provider Interface (NSPI) on the Exchange Mailbox server.
  An error occurred while testing the NSPI RPC endpoint.
   Test Steps
   Attempting to ping RPC endpoint 6004 (NSPI Proxy Interface) on server
  The attempt to ping the endpoint failed.
   Tell me more about this issue and how to resolve it
   Additional Details
  The RPC_S_SERVER_UNAVAILABLE error (0x6ba) was thrown by the RPC Runtime process.
 test exchange failure
I have browsed to my external names using https and I get the expected IIS 7 screen with a valid certificate, so the certificate seems to be ok.

I beleive I have all the relevant entries in the registry shown below:

 Registry Key
I can telnet from the server on to itself on ports 6001, 6002 and 6004.

Any ideas what I can check now?

Thanks in advance,

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.


Have you installed the RPC over HTTP proxy component and enabled Outlook Anywhere in the management console on your CAS server?
tonyperthAuthor Commented:
Hello ncollings, thanks for your reply.

Yes, I have installed the feature "RPC over HTTP Proxy" in server manager and enabled Outlook Anywhere in the Exchnage Managemnt Console.
Does OWA work from the WAN? Also can you re-run the test but use manual settings not autodiscover.
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

tonyperthAuthor Commented:
Yes OWA works perfectly from the WAN.  Without autodiscover I get the same results.
Does the WAN interface have IPv6 enabled? If so would it be possible to disable this and re-run the test?
tonyperthAuthor Commented:
No IPv6 has been disabled.

can you browse to:

 https://<WAN ADDRESS>/rpc/rpcproxy.dll

You should get a blank page
tonyperthAuthor Commented:
It asks me for logon details?
tonyperthAuthor Commented:
The RPC site was not allowing Windows Authentication.  It is now and I can log on to see a blank page.  The problem is still the same though.
Please try the site with just basic authentication enabled and nothing else
tonyperthAuthor Commented:
Sorry I think I was getting the password wrong initially.

With only basic authentication enabled it asks me to logon, once it has credentials it is happy with I get the blank page.
tonyperthAuthor Commented:
any other thoughts ncolings?
Please confirm this test with the testexchangeconnectivity site:

Outlook Anywhere (RPC over HTTP)
Fill all the boxes and select "Manually specify server settings"
"RPC proxy server" should be the external url without https or path (
"Exchange server" should be the internal netbios name of the server (EXCH-2K7)
"RPC proxy authentication method" must be "Basic"
tonyperthAuthor Commented:
Hello ncollings,

I have rerun the test and entered the info as you have instructed and got the exact same reults as before.  See my initial screen dump for details.

Where now? :)
On the CAS server, ping localhost
what is the response you receive?

if you receive something like ::1

--> Open the host(s) file on the CAS server
(you may need to take owner-ship to edit the hosts file)
a) comment out the line "::1 xxxx" (note # is for commenting the line)
b) Enter the IP-v4 address against the FQDN or netbios name of the server

Then test the Outlook anywhere again?
tonyperthAuthor Commented:
Hello e aravind,

thank's for your help.  When I ping localhost I get the expected resopnse below:

Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.XXXXXXXX>ping localhost

Pinging [] with 32 bytes of data:
Reply from bytes=32 time<1ms TTL=128
Reply from bytes=32 time<1ms TTL=128
Reply from bytes=32 time<1ms TTL=128
Reply from bytes=32 time<1ms TTL=128

Ping statistics for
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

Any other ideas?

I can telnet from the server on to itself on ports 6001, 6002 and 6004

>> do you see the return banner from all of these ports?
Sometimes you wont see the banner response for the port #6004
tonyperthAuthor Commented:
Same response to all three, shown below:


so, in general\normal\working conditions you are receiving the responses as ncacn_http.

Can you test the same during the time of the issue?
Is this issue affecting all the mailbox at a point of time? or only for few mailboxes?
tonyperthAuthor Commented:
Hello e Aravind,

I am afraid there is no "time" of the issue.  At all times outlook anywhere is unavailable for all mailboxes.  I can't get it to work at all.

On the Mailbox server:
Then, add or modify the following DWORD registry values:
Description: Maximum Work Items
Value Name: MaxWorkItems
Data Type: REG_DWORD
Value data: 0x2000 or 8192 (decimal)

Do an IISreset & also restart MS Exchange System Attendant service.

Related (some-what)
tonyperthAuthor Commented:
Hello e aravind,

I added the key, reset IIS and restarted the MS Exchange System Attendant service.  I then re-ran the test  from and got exactly the same results as before.

Should I remove the registry entry?

Can you test the Outlook-anywhere by launching the Outlook?
Try and check the Outlook from few client machines too
tonyperthAuthor Commented:
Using Outlook 2010 it searches for my email addresses server settings and a logon box pops up named "Connect to autodiscover.XXXX" and says "Welcome to the autodiscover.XXXX".  I entered my username and password and clicked OK.

I received an error stating

"The action cannot be completed.  The connection to microsoft exchange in unavailable.  Outlook must be online or connected to complete this action."

Once I click on OK I get the option to add the name of the mailserver and mailbox and check name.  If I put in the details I receive another error stating

"The name cannot be resolved.  The connection to microsoft exchange in unavailable.  Outlook must be online or connected to complete this action."

The autodiscover seems to be working ok as it puts all the correct names in etc, it just can't connect.  I also get the same results if I enter the info manually.

Just in case, if you fire-open the Outlook...check the Outlook>connection-propeties from the we see any https connections? (atleast 1 or 2 successful connections?)
tonyperthAuthor Commented:
Sorry for the delay, I thought I had already responded.  I checked the connections on an internal and external, and with Outlook Anywhere configured there are no connections at all.  Checked using outlook /rpcdiag
tonyperthAuthor Commented:
no more help was offered, and never resolved the issue.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
tonyperthAuthor Commented:
never resolved
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.