Solved

why MS Outlook randomly switch settings of access Exchange over HTTP

Posted on 2013-05-30
6
1,381 Views
Last Modified: 2013-06-01
I’ve configured RPC over HTTPS on exchange 2007 server on 2003 R2 64 windows ; configured few of my remote users MS outlook 2007 with outlook anywhere “connect to MS Exchange using HTTP and exchange proxy settings. Outlook anywhere is working great until clients outlook settings randomly resets to standard access.
MS Outlook 2007 will keep settings for just a few outlook restarts and  reset it back to standard use without HTTP.

Same users have access to their mailboxes via terminal server desktop MS outlook. MS outlook within terminal server will do the opposite. IT will reconfigure to run via HTTP and I can reconfigure it back to standard access with http but few restarts later it will go back to    “connect to MS Exchange using HTTP”
How can I force client MS outlook profile s to keep the settings which were set and saved?
Why is MS outloook  randomly (i can't figure out the logic)  resets Outlook anywhere setting?
0
Comment
Question by:leop1212
  • 3
  • 3
6 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39209641
If you have Outlook Anywhere configured in Exchange, then ALL clients will be configured with the Outlook Anywhere settings. There is nothing you can easily do to stop that.
However that doesn't mean they will use it. The Outlook Anywhere settings that are pushed out by Autodiscover mean that on a LAN (A fast connection) the client should use TCP/IP, and only on a slow connection do they fall back to HTTPS.

Therefore the first thing you have to verify is what is actually being used.
Hold down CTRL while right clicking on the Outlook icon in the system tray. Choose Connection Status. ON the network everything should be TCP/IP.

The next thing to think about is the actual setting being removed.
You shouldn't need to configure the clients at all, the fact that you did means that Autodiscover isn't working properly. The clients should get those settings on their next Autodiscover pass.

Run a test account through the Microsoft test site at http://exrca.com/ and see whether that flags anything.

Simon.
0
 

Author Comment

by:leop1212
ID: 39211519
Simon,
I just ran excra tests and outlook autodiscover works fine.
I am getting an error when I use outlook Anywhere (RPC over HTTP) test
when choose "use autodiscover to detect server setting I am getting SSL certificate error.
and  the problem here is that I have main website on ISP public IP address and
autodiscover for some reason not looking at DNS record for mail server for SSL certificate  as IP address listed for the host name is for the website (completely different subnet from my exchange server )  see screenshot
when I ran same test with "manually specify server settings" I got another authentication error on port 6002. Should I have 6002 open on the firewall?
so the bottom line is that all internal users have outlook anywhere enabled as its pushed by autodiscover locally while remote users who do need outlook anywhere settings keep losing them.
manualtest.jpg
outlookanywhere.jpg
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39211973
The whole point of Outlook Anywhere is for it to run over a single port - 443. You don't open any other port. 6001 and 6002 are internal ports only.

Autodiscover errors are not unusual because the process uses a number of URLs:

example.com
autodiscover.example.com
then SRV records and finally a redirect.

Do you have autodiscover.example.com on your SSL certificate? If you do, does it resolve to your Exchange server?

Simon.
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 

Author Comment

by:leop1212
ID: 39212058
i only have exchange.mydain.com on my SSL Cert
how do I add autodiscover.mydomain.com to SSL Cert?
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39212793
You would need a different kind of certificate if you want to use the host name method. This is called a Unified Communications (UC), SAN (Subject Alternative Name) or Multiple Domain certificate. You will need to be using a commercial certificate, as the self signed ones generated by Exchange are not supported for use with Outlook Anywhere.
http://semb.ee/certs

If you don't want to purchase a new certificate, then you can use SRV record if your external DNS provider supports them: http://semb.ee/srv
However if they don't, then you are faced with either changing DNS provider or changing the type of certificate.

Simon.
0
 

Author Closing Comment

by:leop1212
ID: 39213800
Simon,
very good troubleshooting and great info. thank you
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question