Solved

Exchange 2013 and Outlook 2007, 2010, 2013 Cannot connect

Posted on 2013-11-15
4
11,744 Views
1 Endorsement
Last Modified: 2013-11-21
Hi Chaps,
I have wasted so much time on this that I am hoping someone can hold my hand and take me through some basic steps.

I have two servers both running Server 2012 Standard.

x 1 = Mainserver01 Domain Controller
x 1 = Mainserver02 Exchange 2013

At this time I am only interested in getting my internal clients to connect via outlook and this is proving to be the most difficult thing I have ever encountered.

I have previously deployed a single server that hosted both the Domain Controller and Exchange and all went well.  This could be internal DNS related as I am not an expert but I am open and happy to try anything.  Happy to carry out tests again and again if it means I get this sorted with your help.

Internally I can connect via https://servername.internaldomain.local/owa
Mail sends and receives via this and all is good.

However, I cannot get any outlook clients to connect.

When I start up (for example) Outlook 2010, it automatically fills in the users details and they all appear to be correct. I get

Establish network connection - Ticked Green
Search for username@externaldomain.com server settings - Ticked Green

Then it hangs at log on to server and says: The action cannot be completed.  The connection to Microsoft Exchange is unavailable. Outlook must be online or connected to complete this action.

When I click OK, I am presented with the check name screen and it shows the GUID long number as the exchange server xxxxxx@externaldomain.com
and =SMTP: username@externaldomain.com.  If i click OK I can enter the settings manually which I do as follows:

Server: mainserver02.internaldomain.local
I click More Settings and then go to the Connection Tab and tick Connect to Microsoft Exchange using HTTP and click Exchange Proxy Settings.
In there I complete "https://mainserver02.internaldomain.local"
I tick on fast networks
I select NTLM (i have tried them all at some point!)

It simply will not connect... anyone got any suggestions??

Hope so ... its an experts exchange! :)
1
Comment
Question by:wedmonds1
  • 3
4 Comments
 

Author Comment

by:wedmonds1
ID: 39652640
Ok so I now have a single outlook 2010 client connecting.  No changes made it just worked.
All others still do not connect using 2013 and 2007.
Also server itself  with outlook 2013 installed directly on it will not connect.

I exported the working cert from the working machine and imported as CA on another 2010 machine and it still fails.  Further investigation  makes me think it could still be a cert problem as I cannot see my newly imported cert in the CA.  I view it from IE and it shows up on working outlook 2010 but not on the new one I am trying to get working.

any ideas chaps?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39653659
Get a trusted SSL certificate would be the first thing I would do.
Then ensure that the external host name on the server resolves internally to Exchange and you have set all of the internal and external URLs to the correct setting.

My article here: http://semb.ee/hostnames goes through the process for Exchange 2010, the script at the end works for Exchange 2013 also.

Simon.
0
 

Accepted Solution

by:
wedmonds1 earned 0 total points
ID: 39653843
I appear to have resolved it.
I created a self signed cert and ensured that the server name being requested was inside the cert.  

Then I logged on as the user and i imported the certificate in the trusted CA
BUT and its a BIG BUT
when I checked the CA area I could not see it.
After much research I found that when I was logged on as a roaming user that the certificate did not go into the CA.
I had to log on as a domain admin and then import the certificate by going running MMC adding the certificate snap in and then importing the certificate.  
It then showed up and I was able to log back in as the user and complete the outlook setup making sure to utilise the RPC over HTTP in security and using NTLM.

Looking back, I also found a MS article http://support.microsoft.com/kb/2264398#appliesto
that refers to a similar missing registry key causing a similar problem to that lots of others have reported but this looks to be relevant only to LOCAL profiles and not roaming profiles and when I navigated to the key it showed 'Roaming'.

Hope this helps someone.  
I am on a mission to help others now as this has sucked so much of my time.

Getting an external cert if obviously another way of fixing it and I do appreciate your feedback so thank you.
0
 

Author Closing Comment

by:wedmonds1
ID: 39665324
It works and I can replicate and explain it!
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

"Migrate" an SMTP relay receive connector to a new server using info from an old server.
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
This video discusses moving either the default database or any database to a new volume.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now