Remote Site very slow to open Outlook 2010, Synchronise emails,
Hi
We have remote sites that are connected via Satellite links to a Head Office (also on a Satellite Link).
The sites are connected together via a VPN created by XipLink devices.
The Head Office is the Hub of the WAN and has the main services installed at the site (Exchange, WSUS Master, Financial System etc.)
To improve the local experience at the Remote Sites, we have installed one server at the remote sites.
Its roles are:
Domain Controller (Inc. Global Catalogue)
DNS Server
DHCP Server
WSUS Replica Server (downloads from Windows Update, not the WSUS Master)
File Server
Print Server
DFS Replication
The idea is that the local users run off the local file server for their redirected folders (Home Drive and Profile) and store all their documents on a Shared Drive on the Server.
We then use DFS to replicate the data back to head office overnight for backup.
The majority of the users at the Head Office and each of the Remote Sites do not move between sites. However, as usual, it is a small group of Managers who will travel between the sites and expect their laptops to work “just like it is in their Office”
However, it doesn’t seem to be working very well for the remote users to access Outlook, nor for the users Roaming Profiles, but for this question I will focus on Outlook.
The ping times between the Remote Site and the Exchange Server sits at around 1200ms, when not congested.
The ping time to access an internet site (8.8.8.8) is around 600ms.
That is sensible as the route between the Remote Site and the Head Office is a double Satellite hop.
However, at times the ping times back to Exchange blows out to over 3000ms.
Outlook 2010
When I start Outlook when connected at the remote site, it sits at “Loading Profile” for ages, over 5 minutes.
When I start Outlook unconnected to any network, Outlook starts almost instantaneous.
There seems to be a difference in Outlook behaviour when I set the clients DNS to an internal vs external server when at the remote site.
DNS for clients set to Internal DNS Servers:
Outlook is showing “Connected to Microsoft Exchange”, the Inbox doesn’t update, and Outlook shows “Updating this folder”. But that’s it. It doesn’t update.
If I try the test Connection Status, (Control, Right Click on Outlook icon) it shows connected via TCP/IP
I can send emails, which reaches the Exchange Server, as they appear in my Blackberry.
But they don’t appear in my Inbox.
I can ping both the internal IP address (10.254.149.12) and the Outlook Anywhere address, mail.yyyyyy.com, which resolves to the same internal address
DNS for clients set to Google’s External DNS Server (8.8.8.8):
Outlook is showing “Connected to Microsoft Exchange”, the Inbox updates, and I am able to send and receive emails.
If I try the test Connection Status, (Control, Right Click on Outlook icon) it shows connected via HTTP
I can ping both the internal IP address (10.254.149.12) and the Outlook Anywhere address, mail.yyyyyy.com, which resolves to the external IP address 58.x.x.x
There is a forward lookup zone within the AD DNS servers for the mail.yyyyy.com Outlook Anywhere address that has a Host (A) record pointing to the exchange server.
So the issue Im having is I dont want to have the primary DNS server of the clients set as Google Public DNS server (8.8.8.8) as we cant resolve internal names.
But i need Outlook to work!
Any ideas?
We have remote sites that are connected via Satellite links to a Head Office (also on a Satellite Link).
The sites are connected together via a VPN created by XipLink devices.
The Head Office is the Hub of the WAN and has the main services installed at the site (Exchange, WSUS Master, Financial System etc.)
To improve the local experience at the Remote Sites, we have installed one server at the remote sites.
Its roles are:
Domain Controller (Inc. Global Catalogue)
DNS Server
DHCP Server
WSUS Replica Server (downloads from Windows Update, not the WSUS Master)
File Server
Print Server
DFS Replication
The idea is that the local users run off the local file server for their redirected folders (Home Drive and Profile) and store all their documents on a Shared Drive on the Server.
We then use DFS to replicate the data back to head office overnight for backup.
The majority of the users at the Head Office and each of the Remote Sites do not move between sites. However, as usual, it is a small group of Managers who will travel between the sites and expect their laptops to work “just like it is in their Office”
However, it doesn’t seem to be working very well for the remote users to access Outlook, nor for the users Roaming Profiles, but for this question I will focus on Outlook.
The ping times between the Remote Site and the Exchange Server sits at around 1200ms, when not congested.
The ping time to access an internet site (8.8.8.8) is around 600ms.
That is sensible as the route between the Remote Site and the Head Office is a double Satellite hop.
However, at times the ping times back to Exchange blows out to over 3000ms.
Outlook 2010
When I start Outlook when connected at the remote site, it sits at “Loading Profile” for ages, over 5 minutes.
When I start Outlook unconnected to any network, Outlook starts almost instantaneous.
There seems to be a difference in Outlook behaviour when I set the clients DNS to an internal vs external server when at the remote site.
DNS for clients set to Internal DNS Servers:
Outlook is showing “Connected to Microsoft Exchange”, the Inbox doesn’t update, and Outlook shows “Updating this folder”. But that’s it. It doesn’t update.
If I try the test Connection Status, (Control, Right Click on Outlook icon) it shows connected via TCP/IP
I can send emails, which reaches the Exchange Server, as they appear in my Blackberry.
But they don’t appear in my Inbox.
I can ping both the internal IP address (10.254.149.12) and the Outlook Anywhere address, mail.yyyyyy.com, which resolves to the same internal address
DNS for clients set to Google’s External DNS Server (8.8.8.8):
Outlook is showing “Connected to Microsoft Exchange”, the Inbox updates, and I am able to send and receive emails.
If I try the test Connection Status, (Control, Right Click on Outlook icon) it shows connected via HTTP
I can ping both the internal IP address (10.254.149.12) and the Outlook Anywhere address, mail.yyyyyy.com, which resolves to the external IP address 58.x.x.x
There is a forward lookup zone within the AD DNS servers for the mail.yyyyy.com Outlook Anywhere address that has a Host (A) record pointing to the exchange server.
So the issue Im having is I dont want to have the primary DNS server of the clients set as Google Public DNS server (8.8.8.8) as we cant resolve internal names.
But i need Outlook to work!
Any ideas?
ASKER
Hi,
Thanks for the suggestions.
The Roaming Profiles are stored on the local server.
And Cached mode is already on.
But to have a test of this, I removed the Profiles line in the User Accounts, so no more roaming profile.
I logged onto a PC with a new account that has never logged onto that PC or even on the Domain before.
When Outlook was trying to auto-setup Outlook with the current users settings, it took a very long time and required me to enter manual settings, waited at and eventually failed with a message saying it
"Cannot open the Default EMail Folders, Network problems are preventing connection to Microsoft Exchange"
I was pinging the exchange server during that test, and it was online and responding the entire time at around 1200ms
So I dont think its related to Roaming Profiles now.
Thanks for the suggestions.
The Roaming Profiles are stored on the local server.
And Cached mode is already on.
But to have a test of this, I removed the Profiles line in the User Accounts, so no more roaming profile.
I logged onto a PC with a new account that has never logged onto that PC or even on the Domain before.
When Outlook was trying to auto-setup Outlook with the current users settings, it took a very long time and required me to enter manual settings, waited at and eventually failed with a message saying it
"Cannot open the Default EMail Folders, Network problems are preventing connection to Microsoft Exchange"
I was pinging the exchange server during that test, and it was online and responding the entire time at around 1200ms
So I dont think its related to Roaming Profiles now.
The latency is worrying, it is more than I would be happy with. If you only had satellite on one connection it might be ok, but both sides I don't think you are going to see any improvement not matter what you do.
My preference would have been to put a server in a data centre (Exchange and a DC on a VM). Then had the roaming users connect to that. It will give them a much better experience from any office plus away from the office.
Are you using satellite both ways, or is one path land based of some description?
Simon.
My preference would have been to put a server in a data centre (Exchange and a DC on a VM). Then had the roaming users connect to that. It will give them a much better experience from any office plus away from the office.
Are you using satellite both ways, or is one path land based of some description?
Simon.
ASKER
Hi,
Unfortunately the only choice for b
oth ends for connectivity is Satellite.
And the infrastructure at the head office is something I inherited so I can not change that easily. Maybe later but not anytime soon.
So where I sit now is that I can't create new users at the site due to the error:
"Cannot open the Default EMail Folders, Network problems are preventing connection to Microsoft Exchange"
And existing users can only access emails if I force them to use the external IP of Outlook Anywhere by having their primary DNS as 8.8.8.8
Unfortunately the only choice for b
oth ends for connectivity is Satellite.
And the infrastructure at the head office is something I inherited so I can not change that easily. Maybe later but not anytime soon.
So where I sit now is that I can't create new users at the site due to the error:
"Cannot open the Default EMail Folders, Network problems are preventing connection to Microsoft Exchange"
And existing users can only access emails if I force them to use the external IP of Outlook Anywhere by having their primary DNS as 8.8.8.8
Perhaps the old DNS is cached and causing issues with the new setup
Have you tried FLushing the DNS
Have you tried FLushing the DNS
ASKER
Ok, I now believe it is a VPN issue where the connection back to head office is HALF working.
SMB shares are working, I can access Head Office file shares from Remote Site
I can ping the various servers in Head Office from Remote Site.
DFS looks like it is also still working.
However, Active Directory and DNS are NOT updating at the Remote Site.
Outlook is also not working through the LAN, it doesn’t connect or update Outlook.
Outlook will only connect when it accesses the external Outlook Anywhere site.
WSUS Syncronisation also has stopped.
Looking back on the FRS logs at the Remote Site, it looks like this started to fail around the night of the 21st August so some changes must have been made then. Im trying to work out who did what.
Is there any other tests I can do or things to look at to see what is exactly broken?
SMB shares are working, I can access Head Office file shares from Remote Site
I can ping the various servers in Head Office from Remote Site.
DFS looks like it is also still working.
However, Active Directory and DNS are NOT updating at the Remote Site.
Outlook is also not working through the LAN, it doesn’t connect or update Outlook.
Outlook will only connect when it accesses the external Outlook Anywhere site.
WSUS Syncronisation also has stopped.
Looking back on the FRS logs at the Remote Site, it looks like this started to fail around the night of the 21st August so some changes must have been made then. Im trying to work out who did what.
Is there any other tests I can do or things to look at to see what is exactly broken?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The answer wasnt that Outlook or AD was faulty, rather the VPN was faulty and passing enough traffic that I believed it was working correctly, when it wasnt.
If someone looks at this question, check if the AD is sync-ing correctly.
repadmin /kcc <DOMAINCONTROLLER>
is a useful command.
If someone looks at this question, check if the AD is sync-ing correctly.
repadmin /kcc <DOMAINCONTROLLER>
is a useful command.
Where are the roaming profiels stored? ON the local server or across the network?
OUtlooks default save locations is in the users Profile
So having them on a romaing profile will likely slow its response
If you dont need them, get rid of them.
If you are working over a slow network or users are using laptops
Check that Cached exchange mode is being used in their outlook settings
This should help quite a bit