?
Solved

Outlook 2010 exchange server must be online

Posted on 2012-03-09
14
Medium Priority
?
1,121 Views
Last Modified: 2012-03-14
Have issues with a SBS2011 server and Outlook 2010/2007. Unable to connect to exchange to complete Outlook setup on a new machine.  Existing machines and outlook profiles continue to work, but cannot create new outlook profile on any domain PC. All updates and service packs are current.  Webmail is good. Exchange connectivity test website passes everything except RPC/HTTP test.  Last step fails as follows.



Attempting to ping RPC endpoint 6001 (Exchange Information Store) on server pins.
The endpoint was pinged successfully.
Additional Details
RPC Status Ok (0) returned in 641 ms.
Testing the Name Service Provider Interface (NSPI) on the Exchange Mailbox server.
An error occurred while testing the NSPI RPC endpoint.
Test Steps
Attempting to ping RPC endpoint 6004 (NSPI Proxy Interface) on server pins.
The endpoint was pinged successfully.
Additional Details
RPC Status Ok (0) returned in 205 ms.
Testing NSPI "Check Name" for user bherde@network.com against server pins.
An error occurred while attempting to resolve the name.
Additional Details
An RPC error was thrown by the RPC Runtime process. Error 1717 UnknownIf
 
Autodiscover test passes, but does throw following error.
Attempting to resolve the host name network.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: xxx.xxx.xxx.xxx
Testing TCP port 443 on host network.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server network.com on port 443.
ExRCA wasn't able to obtain the remote SSL certificate.
Additional Details
The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation
 

- RequireSSL is off, but made no difference
- SSL cert has all the correct names and is valid till 2016.
- Authentication basic or NTLM makes no difference (set for NTLM)
- reset virtual directories for OWA


This was working a few months ago.  Do not know when it stopped, and only creation of a new outlook profile is affected.

Need some inspiration please.
0
Comment
Question by:billherde
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 6
14 Comments
 
LVL 2

Expert Comment

by:dphantom9002
ID: 37702568
Couple links to look at.

http://forums.msexchange.org/m_1800552564/mpage_1/key_/tm.htm#1800552564

or maybe this

http://www.networksteve.com/exchange/topic.php?TopicId=27580

have you tried running the Get-ExchangeCertificate again on the CAS server? make sure this certificate with the CN names listed is enabled for IIS service
0
 
LVL 3

Author Comment

by:billherde
ID: 37702740
Get-exchangecertificate returns the correct cert with IPWS enabled.DNS
Cert has following SAN names

Name=mail.???network.com
DNS Name=www.mail.???network.com
DNS Name=pins.pin.local
DNS Name=autodiscover.pin.local
DNS Name=autodiscover.???network.com
DNS Name=???network.com
DNS Name=pin.local

All above addresses resolve properly in DNS.

I can agree this sure looks like a cert problem, possible autodiscover.
I can connect to https://server/autodiscover/autodiscover.html and get the customary certificate warning follwed by error 404.

Cannot use Outlook Email Test Configuration, as I cannot launch Outlook without a working profile.

Keep ideas coming!
0
 
LVL 2

Expert Comment

by:dphantom9002
ID: 37702756
What are your event logs showing?  error IDs?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 3

Author Comment

by:billherde
ID: 37702769
PS  Outlook will connect as expected via POP or IMAP.
0
 
LVL 3

Author Comment

by:billherde
ID: 37702819
System and Application event logs show nothing related, but Exchange managment throws an event ID 6 Cmdlet failed. Cmdlet Get-User, parameters {Identity=NT AUTHORITY\SYSTEM}.
0
 
LVL 2

Expert Comment

by:dphantom9002
ID: 37702886
0
 
LVL 2

Expert Comment

by:dphantom9002
ID: 37702898
Is your SBS server still a Global Catalog?
0
 
LVL 3

Author Comment

by:billherde
ID: 37702907
Saw that.  Did not figure it needed much more on that line as IMAP,POP and webmail work for same user.
0
 
LVL 3

Author Comment

by:billherde
ID: 37702910
Yes, server is GC, and there is another working GC inthe domain.
0
 
LVL 2

Expert Comment

by:dphantom9002
ID: 37702978
try recreating the auto discover virtual directory
0
 
LVL 2

Assisted Solution

by:dphantom9002
dphantom9002 earned 2000 total points
ID: 37702979
try recreating the autodiscover virtual directories.
0
 
LVL 3

Author Comment

by:billherde
ID: 37703071
Used reset virtual directory in managment console followed by iisreset, no joy.
0
 
LVL 3

Accepted Solution

by:
billherde earned 0 total points
ID: 37703221
Following the same line of remove and replace, I disabled OutlookAnywhere, then deleted the directories in IIS for owa, RPC, ECP and autodiscover.  iisreset. then enabled outlookanywhere. Once eventviewer indicated complete, it is finally working.

Thanks for the help.
0
 
LVL 3

Author Closing Comment

by:billherde
ID: 37719014
It became apparent that all the settings were correct, it was just another case of Microsoft off in the weeds with no apparent explanation.  Users were alerted to reporary outage, and the related services removed and reinstalled.

How did that joke about the car built by Microsoft go?  -- "You are driving down the freeway and you car suddenly stops.  You get out and replace the engine, then restart the car and continue on your way.  Curiously you accept this as normal."
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this step by step procedure, you will come to know the details of creating an Outlook meeting in 2007, 2010, 2013 & 2016.
You need to know the location of the Office templates folder, so that when you create new templates, they are saved to that location, and thus are available for selection when creating new documents.  The steps to find the Templates folder path are …
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question