• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 562
  • Last Modified:

set up outlook anywhere on office 2010 with exchange 2007

I am trying to set up outlook anywhere on my server and for my endusers. I setup the exchange tab to use the external host name of exmail.lltc.edu and basic authentication. I have a certificate of that name exmail.lltc.edu for our owa. Is there more to setting up the exchange than clicking on a tab and enabling it and added a host name? Will that work for this? When I try to configure my outlook to connect to the server from these settings I either a cannot find host name or the certificate does not match. Do I need to purchase a new certificate for this to work?

What other steps do I need to try in order to get this working? what am I missing? From the internet world my outlook cannot connect inside my network or see that name exmail.lltc.edu.
0
LLTC
Asked:
LLTC
  • 11
  • 11
1 Solution
 
JohnGrunwellCommented:
You want this to work internal as well as external?
http://technet.microsoft.com/en-us/library/aa998934(EXCHG.80).aspx
(certificate) http://support.microsoft.com/kb/929395
have you had a DNS record created from your ISP for exchange.domain.com to an external IP address
You need to open port 80 or 443 traffic in the firewall if you want Outlook Web Access to work
have you installed RPC over HTTP on the server?
0
 
LLTCAuthor Commented:
For the most part I would like to have people able to check their email from outlook when they are off campus without having to go to OWA. I have an outside dns record of exmail.lltc.edu. an external ip of 209.191.213.123 for that dns record.  A certificate for exmail.lltc.edu. I have port 80 open for web traffic and port 443 open of owa. Does it matter if its open for owa and not for outlook anywhere?

maybe I'm confused but what would be the address you would put in the outlook anywhere url? I put the exmail.lltc.edu and do I need to add anything else becasue of the https:// at the beginning of it? This is the address I try to put in on outlook. the exmail.lltc.edu. My domain internally is lltc.local. would this be the cause of the problem?

I have look over these tech libraries and did everything that was requested on them.

I have not tried the autodiscover one yet.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
JohnGrunwellCommented:
when setting up outlook 2010 you add the exchange account under more settings click on connection tab at the bottom check outlook anywhere click on exchange proxy enter the https://exmail.lltc.edu
Also go to https://www.testexchangeconnectivity.com/ click on outlookanywhere enter you data and run the test. then Post results and we'll see what else needs done.

0
 
LLTCAuthor Commented:
these are the errors I am getting from this when running inside my network. Should I be doing this outside of my network? I did this from my desktop at work. I don't know if I should be using the internal dns name of my exchange which is mail01.lltc.local or the same external name for https exmail.lltc.edu.
i have attached the checker info. I get green lights on everything else except for the end.



 outlook-errors.docx
0
 
JohnGrunwellCommented:
you should use the exmail.lltc.edu this is what you will connect them with outside the network it will work either way.   When you run the test can you expand the whole list and click copy and post. When you run the test are you using autodiscover check box or manually specifiy the server settings?
0
 
JohnGrunwellCommented:
In exchange management console under server config hub transport do you have a receive connector FQDN exmail.lltc.edu
0
 
LLTCAuthor Commented:
Testing RPC/HTTP connectivity.
The RPC/HTTP test failed
Test Steps
Attempting to resolve the host name exmail.lltc.edu in DNS.
 The host name resolved successfully.
Additional Details
IP addresses returned: 209.191.213.123
Testing TCP port 443 on host exmail.lltc.edu to ensure it's listening and open.
 The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server exmail.lltc.edu on port 443.
ExRCA successfully obtained the remote SSL certificate.
Additional Details
Remote Certificate Subject: CN=exmail.lltc.edu, OU=IT, O=Leech Lake Tribal College, L="Cass Lake ", S=Minnesota, C=US, Issuer: CN=DigiCert High Assurance CA-3, OU=www.digicert.com, O=DigiCert Inc, C=US.
Validating the certificate name.
The certificate name was validated s
Additional Details
Host name exmail.lltc.edu was found in the Certificate Subject Common name.
Certificate trust is being validated.
The certificate is trusted and all certificates are present in the chain.
Test Steps
 ExRCA is attempting to build certificate chains for certificate CN=exmail.lltc.edu, OU=IT, O=Leech Lake Tribal College, L="Cass Lake ", S=Minnesota, C=US.
One or more certificate chains were constructed successfully.
Additional Details
A total of 2 chains were built. The highest quality chain ends in root certificate CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US.
Analyzing the certificate chains for compatibility problems with versions of Windows.
No Windows compatibility problems were identified.
Additional Details
The certificate chain has been validated up to a trusted root. Root = CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 1/11/2010 12:00:00 AM, NotAfter = 1/14/2013 11:59:59 PM

Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected
Additional Details
Accept/Require Client Certificates isn't configured.
Testing HTTP Authentication Methods for URL https://exmail.lltc.edu/rpc/rpcproxy.dll
The HTTP authentication methods are correct.
Additional Details
ExRCA found all expected authentication methods and no disallowed methods. Methods found: Basic
Testing SSL mutual authentication with the RPC proxy server.
Mutual authentication was verified successfully.
Additional Details
Certificate common name exmail.lltc.edu matches msstd:exmail.lltc.edu.
Attempting to ping RPC proxy exmail.lltc.edu.
RPC Proxy was pinged successfully.
Additional Details
Completed with HTTP status 200 - OK
Attempting to ping RPC endpoint 6001 (Exchange Information Store) on server exmail.lltc.edu.
The attempt to ping the endpoint failed.
 Tell me more about this issue and how to resolve it
Additional Details
The RPC_S_SERVER_UNAVAILABLE error (0x6ba) was thrown by the RPC Runtime process.
0
 
LLTCAuthor Commented:
I am using the manually check box. The autodiscover errors out right away.

Under hub transport I have receive connectors tab
client mail01 with FQDN mail01.lltc.local
default mail01 with FQDN mail01.lltc.local
reinjection with FQDN mail01.lltc.local
Scan2Email with FQDN exmail.lltc.edu

These are the receive connectors I have. Do I need to create one?
0
 
LLTCAuthor Commented:
Here is the test using the mail01.lltc.local as the exchange server information

Testing RPC/HTTP connectivity.
The RPC/HTTP test failed.
Test Steps
Attempting to resolve the host name exmail.lltc.edu in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 209.191.213.123
Testing TCP port 443 on host exmail.lltc.edu to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server exmail.lltc.edu on port 443.
ExRCA successfully obtained the remote SSL certificate.
Additional Details
Remote Certificate Subject: CN=exmail.lltc.edu, OU=IT, O=Leech Lake Tribal College, L="Cass Lake ", S=Minnesota, C=US, Issuer: CN=DigiCert High Assurance CA-3, OU=www.digicert.com, O=DigiCert Inc, C=US.
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
Host name exmail.lltc.edu was found in the Certificate Subject Common name.
Certificate trust is being validated.
The certificate is trusted and all certificates are present in the chain.
Test Steps
ExRCA is attempting to build certificate chains for certificate CN=exmail.lltc.edu, OU=IT, O=Leech Lake Tribal College, L="Cass Lake ", S=Minnesota, C=US.
One or more certificate chains were constructed successfully.
Additional Details
A total of 2 chains were built. The highest quality chain ends in root certificate CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Analyzing the certificate chains for compatibility problems with versions of Windows.
No Windows compatibility problems were identified.
Additional Details
The certificate chain has been validated up to a trusted root. Root = CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 1/11/2010 12:00:00 AM, NotAfter = 1/14/2013 11:59:59 PM
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates isn't configured.
Testing HTTP Authentication Methods for URL https://exmail.lltc.edu/rpc/rpcproxy.dll.
The HTTP authentication methods are correct.
Additional Details
ExRCA found all expected authentication methods and no disallowed methods. Methods found: Basic
Testing SSL mutual authentication with the RPC proxy server.
Mutual authentication was verified successfully.
Additional Details
Certificate common name exmail.lltc.edu matches msstd:exmail.lltc.edu.
Attempting to ping RPC proxy exmail.lltc.edu
RPC Proxy was pinged successfully.
Additional Details
Completed with HTTP status 200 - OK
Attempting to ping RPC endpoint 6001 (Exchange Information Store) on server mail01.lltc.local.
The endpoint was pinged successfully.
Additional Details
RPC Status Ok (0) returned in 767 ms.
Testing the Name Service Provider Interface (NSPI) on the Exchange Mailbox server.
An error occurred while testing the NSPI RPC endpoint.
Test Steps
Attempting to ping RPC endpoint 6004 (NSPI Proxy Interface) on server mail01.lltc.local.
The attempt to ping the endpoint failed.
 Tell me more about this issue and how to resolve it
Additional Details
The RPC_S_SERVER_UNAVAILABLE error (0x6ba) was thrown by the RPC Runtime process.
0
 
JohnGrunwellCommented:
When you add the email account in outlook as exchange type the correct server name and domain\username then click on more settings go to connection tab check outlook anywhere type the following as you would for manually config. it doesn't work?
Check the firewall and make sure 6001, 6002, 6004 port are allowed on 209.191.213.123
0
 
LLTCAuthor Commented:
on the firewall from the outside ANY source can come in from https to our exchange. WOuld there be another option to add the ports for that IP?
0
 
LLTCAuthor Commented:
This is where my problem is now. I got autodiscover to erroring out. SOmething to do with port 6004


Testing the Name Service Provider Interface (NSPI) on the Exchange Mailbox server.
An error occurred while testing the NSPI RPC endpoint.
       Test Steps
             Attempting to ping RPC endpoint 6004 (NSPI Proxy Interface) on server mail01.lltc.local.
      The attempt to ping the endpoint failed.
       Tell me more about this issue and how to resolve it

             Additional Details
      The RPC_S_SERVER_UNAVAILABLE error (0x6ba) was thrown by the RPC Runtime process.



0
 
JohnGrunwellCommented:
What OS is the server that exchange is installed on?
0
 
LLTCAuthor Commented:
windows 2k8 with exchange sp2

I found this post do you think I shoudl try this?
Th¿ problem turned out t¿ b¿ Windows Server 2008 h¿¿ m¿¿¿ TCP/IPv6 th¿ defaulting communication protocol stack over wh¿¿h relations ¿r¿ m¿¿¿ b¿ clients connecting t¿ th¿ server th¿t ¿¿ running Microsoft Exchange. Th¿ RPCProxy component tries t¿ connect t¿ th¿ DSProxy component through port 6004 over TCP/IPv6. B¿t, th¿ DSProxy component ¿¿¿¿ n¿t listen ¿n th¿ TCP/IPv6 stack, wh¿¿h causes connection requests fr¿m th¿ RPCProxy component t¿ fail.

Perform th¿ following procedure:
 
1.Under Network Relations, select th¿ network adapter, ¿n¿ th¿n click Properties.

2.In th¿ properties window, click t¿ clear th¿ check box f¿r Internet Protocol Version 6 (IPv6).

Note:
Clearing th¿¿ check box causes th¿ RPCProxy component ¿n th¿ Client Access server t¿ ¿¿¿ TCP/IPv4 t¿ talk t¿ th¿ DSProxy component ¿n th¿ Mailbox server.
3.Click St¿rt, ¿n¿ th¿n click R¿n.
 
4.Type regedit ¿n th¿ Open box.
 
5.B¿ Registry Editor, locate th¿ following registry key:

HKEY_Local_Machine\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters

6.R¿ght-click th¿ Parameters key, click N¿w, ¿n¿ th¿n click DWORD (32-bit) Value. F¿r th¿ key, add th¿ following values:
 
Name: DisabledComponents
 
Data: 0xFFFFFFFF
 
7.Restart th¿ Client Access server.
0
 
JohnGrunwellCommented:
http://www.buit.org/2008/01/04/outlook-anywhere-is-broken-on-ipv6-in-windows-server-2008/
Well looks like IPV6 causes some issues try to disable it on the NIC and see if that solves the issue.
0
 
JohnGrunwellCommented:
once you have this done it recommends a reboot, then see if you can telnet local host : 6004
0
 
LLTCAuthor Commented:
how do you telnet? I never tried that.
0
 
JohnGrunwellCommented:
you can run the testexchangeconnectivity.com again or this is telnet
command prompt type telnet localhost 6004 see if it connects
http://www.elmajdal.net/Win2k8/How_To_Enable_Telnet_In_Windows_Server_2008.aspx ( adding telnet to windows 2008 )
0
 
LLTCAuthor Commented:
I did my posted solution. I got all Ok's after taht on my microsoft check. I had to put mail01.lltc.local for my exchange server. In HTTPS i had to put exmail.lltc.edu in that section with basic authenication.

It would not sync with exchange still saying the same answer. Outlook cannot sync to exchange.

when adding the user name field under exchange server section I was putting my user name tim.johnson. It wanted the username of tim.johnson@lltc.edu instead. After I figured that out. It took my credentials and started syncing with exchange. I will check this from home now and hopefully I can get this working off campus.
0
 
LLTCAuthor Commented:
see my last post with this post regedit section.
0

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

  • 11
  • 11
Tackle projects and never again get stuck behind a technical roadblock.
Join Now