Solved

why MS Outlook randomly switch settings of access Exchange over HTTP

Posted on 2013-05-30
6
1,355 Views
Last Modified: 2013-06-01
I’ve configured RPC over HTTPS on exchange 2007 server on 2003 R2 64 windows ; configured few of my remote users MS outlook 2007 with outlook anywhere “connect to MS Exchange using HTTP and exchange proxy settings. Outlook anywhere is working great until clients outlook settings randomly resets to standard access.
MS Outlook 2007 will keep settings for just a few outlook restarts and  reset it back to standard use without HTTP.

Same users have access to their mailboxes via terminal server desktop MS outlook. MS outlook within terminal server will do the opposite. IT will reconfigure to run via HTTP and I can reconfigure it back to standard access with http but few restarts later it will go back to    “connect to MS Exchange using HTTP”
How can I force client MS outlook profile s to keep the settings which were set and saved?
Why is MS outloook  randomly (i can't figure out the logic)  resets Outlook anywhere setting?
0
Comment
Question by:leop1212
  • 3
  • 3
6 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
If you have Outlook Anywhere configured in Exchange, then ALL clients will be configured with the Outlook Anywhere settings. There is nothing you can easily do to stop that.
However that doesn't mean they will use it. The Outlook Anywhere settings that are pushed out by Autodiscover mean that on a LAN (A fast connection) the client should use TCP/IP, and only on a slow connection do they fall back to HTTPS.

Therefore the first thing you have to verify is what is actually being used.
Hold down CTRL while right clicking on the Outlook icon in the system tray. Choose Connection Status. ON the network everything should be TCP/IP.

The next thing to think about is the actual setting being removed.
You shouldn't need to configure the clients at all, the fact that you did means that Autodiscover isn't working properly. The clients should get those settings on their next Autodiscover pass.

Run a test account through the Microsoft test site at http://exrca.com/ and see whether that flags anything.

Simon.
0
 

Author Comment

by:leop1212
Comment Utility
Simon,
I just ran excra tests and outlook autodiscover works fine.
I am getting an error when I use outlook Anywhere (RPC over HTTP) test
when choose "use autodiscover to detect server setting I am getting SSL certificate error.
and  the problem here is that I have main website on ISP public IP address and
autodiscover for some reason not looking at DNS record for mail server for SSL certificate  as IP address listed for the host name is for the website (completely different subnet from my exchange server )  see screenshot
when I ran same test with "manually specify server settings" I got another authentication error on port 6002. Should I have 6002 open on the firewall?
so the bottom line is that all internal users have outlook anywhere enabled as its pushed by autodiscover locally while remote users who do need outlook anywhere settings keep losing them.
manualtest.jpg
outlookanywhere.jpg
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
The whole point of Outlook Anywhere is for it to run over a single port - 443. You don't open any other port. 6001 and 6002 are internal ports only.

Autodiscover errors are not unusual because the process uses a number of URLs:

example.com
autodiscover.example.com
then SRV records and finally a redirect.

Do you have autodiscover.example.com on your SSL certificate? If you do, does it resolve to your Exchange server?

Simon.
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 

Author Comment

by:leop1212
Comment Utility
i only have exchange.mydain.com on my SSL Cert
how do I add autodiscover.mydomain.com to SSL Cert?
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
Comment Utility
You would need a different kind of certificate if you want to use the host name method. This is called a Unified Communications (UC), SAN (Subject Alternative Name) or Multiple Domain certificate. You will need to be using a commercial certificate, as the self signed ones generated by Exchange are not supported for use with Outlook Anywhere.
http://semb.ee/certs

If you don't want to purchase a new certificate, then you can use SRV record if your external DNS provider supports them: http://semb.ee/srv
However if they don't, then you are faced with either changing DNS provider or changing the type of certificate.

Simon.
0
 

Author Closing Comment

by:leop1212
Comment Utility
Simon,
very good troubleshooting and great info. thank you
0

Featured Post

Want to promote your upcoming event?

Attending an event? Speaking at a conference? Or exhibiting at a tradeshow? Easily inform your contacts by using a promotional banner in your email signature. This will ensure your organization’s most important contacts are in the know.

Join & Write a Comment

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now