Solved

Exchange 2013 - reset all settings

Posted on 2014-01-27
9
2,817 Views
Last Modified: 2014-02-09
Hi,
We have an exchange 2007/2013 coexisting environment. I've been migrating a few test mailboxes from 2007 to 2013 and everything was working fine.
When I tried to change the internals and externals virtual directories to make the 2013 proxy to 2007 (http://social.technet.microsoft.com/Forums/exchange/en-US/f0ede355-d1d5-4dbd-80ea-06777ff2bedd/exchange-2007-and-2013-coexistnec-activesync-issue?forum=exchangesvrmobility) , I certainly messed up a few things. Or maybe when I rolled back that attempt...

Now, users whose mailbox is on 2013 works fine in OWA, but Outlook clients can't connect to Exchange server. Everytime I try to create an Outlook profile whose mailbox is on Exchange 2013 it's asking for credentials.

If I dig further and try to manually configure server settings:

 - If I specify the Exchange 2013 server and try a 'Check Name', it says: "Outlook cannot log on. Verify you are connected to the network and are using the proper server and mailbox name. The connection to Microsoft Exchange is unavailable. Outlook must be online or connected to complete this action."

 - If I specify the Exchange 2007 server and try a 'Check Name', the server changes for the fqdn of the 2013 server and it does resolve 'Check Name' process. Clicking on Next at this point completes the 'Add new e-mail account wizard". But is I try to start Outlook, I got an error saying "Microsoft Exchange is unavailable"

I'm thinking of uninstalling the Exchange 2013 server and reinstalling it, but I'm afraid of AD behavior. As I'm in prod mode, that would be the last thing to try.

I would like to know if anyone knows a way of resetting all Exchange 2013 server settings, including IIS.

Thanks,

Martin
0
Comment
Question by:deewave
  • 5
  • 4
9 Comments
 
LVL 37

Expert Comment

by:Jamie McKillop
ID: 39812861
Hello,

Have you setup a legacy FQDN for your 2007 environment and have you obtained and installed a cert for that FQDN?

-JJ
0
 

Author Comment

by:deewave
ID: 39813137
yes I have set up an internal FQDN for our legacy (2007) server in our DNS

I'm not sure about the cert. How can I verify that?  Here is the output of get-exchangecertificate on my 2013 server:
Thumbprint                                Services   Subject
----------                                --------   -------
F4548A32306A6ABEB57BC729D3414F7E780496F5  .......    CN=serv-exch2013.limocar.int, OU=IT, O=Transdev, L=QC, S=Boisbr...
3CFFBFAF44CA22640E1AB3B6B18FE5EF5FD5C9B3  .......    C=CA, S=QC, L=Boisbriand, O=Transdev Canada Inc., OU=IT, CN=mai...
B62CC75DB32D3FB32401C5C5A2C4205FE1ADD338  ....S..    CN=serv-exch2013
072D556BC6A83342CFCF0C0368AC8188066D0F24  ....S..    CN=Microsoft Exchange Server Auth Certificate
C5C3B1EBD738878223524BE851A404C881FE8C27  IP.WS..    CN=mail.transdev.ca, OU=Domain Control Validated, O=mail.transd...
0
 
LVL 37

Expert Comment

by:Jamie McKillop
ID: 39813185
Run get-exchangecertificate | fl

That will show you which certificate each protocol is active on.

Did you purchase a new cert for the legacy name?

-JJ
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 

Author Comment

by:deewave
ID: 39817721
No I haven't purchased a new cert. I created one with the wizard on Exchange 2013 and did the request with our internal certificate authority server
0
 
LVL 37

Expert Comment

by:Jamie McKillop
ID: 39817795
Do all your clients and the Exchange servers have that CA's root cert installed?

-JJ
0
 

Author Comment

by:deewave
ID: 39819105
I guess so, because as I said, it was working before.
How can I verify that?
0
 
LVL 37

Accepted Solution

by:
Jamie McKillop earned 250 total points
ID: 39820679
Run get-exchangecertificate | fl on all your CAS servers. On the 2007 servers, you should see the legacy.yourdomain.com cert and it should have "IIS" in the Services property. On your 2013 servers, you should have a cert that has mail.yourdomain.com and autodiscover.yourdomain.com and IIS should be in the Services property.

You should be able to resolve these domain names to the corresponding CAS or CAS array both internally and externally.

Run Get-ClientAccess server for each of your client access servers. Make sure the AutodiscoverInternalURI property points to https://autodiscover.yourdomain.com/autodiscover/autodiscover.xml

Run Get-OutlookAnywhere for each of your client access servers. Make sure the internal and external URL are set to mail.yourdomain.com on each one

Run Get-Webservicesvirtualdirectory -Identity "<CAS Server>\EWS (Default Web Site)"  and make sure ExternalUrl is https://mail.yourdomain.com/EWS/Exchange.asmx on the 2013 servers and https://legacy.yourdomain.com/EWS/Exchange.asmx on the 2007 servers

Run Get-OABVirtualDirectory -Identity "<CAS Server>\OAB (Default Web Site)" and make sure the ExternalURl is https://mail.yourdomain.com/OAB on the 2013 servers and https://legacy.contoso.com/OAB on the 2007 servers

-JJ
0
 

Assisted Solution

by:deewave
deewave earned 0 total points
ID: 39833619
ok, we finally hired an external consultant to complete that job, so I wont go much in details

1st, there is an issue with WinXP + Office2007 or WinXP + Office2010 combinaison. There are several threads on the web, but mainly we needed to use a split-dns and create a forward lookup zone for our external domains, so they could be resolved internally

2nd, OutlookAnywhere and AutoDiscover needed some tweaking
Set-OutlookProvider EXPR -Server exch2013.domain.local -CertPrincipalName none
Set-OutlookProvider EXPR -Server $null

3rd, upgrade all WinXP - Office2007 to client to either Win7 and/or Office2010. Because WinXP - Office2007 was still asking credentials (at startup only)
0
 

Author Closing Comment

by:deewave
ID: 39845130
not quite sure on how to attribute points in this case. Answer was well described by jjmck, but not very accurate. My question was how to reset Exchange 2013 settings to their default, finally ended up to something else. So 250 points and a grade A should be correct.

Thanks for the help!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question