Exchange 2013 - reset all settings

Posted on 2014-01-27
Medium Priority
Last Modified: 2014-02-09
We have an exchange 2007/2013 coexisting environment. I've been migrating a few test mailboxes from 2007 to 2013 and everything was working fine.
When I tried to change the internals and externals virtual directories to make the 2013 proxy to 2007 (http://social.technet.microsoft.com/Forums/exchange/en-US/f0ede355-d1d5-4dbd-80ea-06777ff2bedd/exchange-2007-and-2013-coexistnec-activesync-issue?forum=exchangesvrmobility) , I certainly messed up a few things. Or maybe when I rolled back that attempt...

Now, users whose mailbox is on 2013 works fine in OWA, but Outlook clients can't connect to Exchange server. Everytime I try to create an Outlook profile whose mailbox is on Exchange 2013 it's asking for credentials.

If I dig further and try to manually configure server settings:

 - If I specify the Exchange 2013 server and try a 'Check Name', it says: "Outlook cannot log on. Verify you are connected to the network and are using the proper server and mailbox name. The connection to Microsoft Exchange is unavailable. Outlook must be online or connected to complete this action."

 - If I specify the Exchange 2007 server and try a 'Check Name', the server changes for the fqdn of the 2013 server and it does resolve 'Check Name' process. Clicking on Next at this point completes the 'Add new e-mail account wizard". But is I try to start Outlook, I got an error saying "Microsoft Exchange is unavailable"

I'm thinking of uninstalling the Exchange 2013 server and reinstalling it, but I'm afraid of AD behavior. As I'm in prod mode, that would be the last thing to try.

I would like to know if anyone knows a way of resetting all Exchange 2013 server settings, including IIS.


Question by:deewave
  • 5
  • 4
LVL 37

Expert Comment

by:Jamie McKillop
ID: 39812861

Have you setup a legacy FQDN for your 2007 environment and have you obtained and installed a cert for that FQDN?


Author Comment

ID: 39813137
yes I have set up an internal FQDN for our legacy (2007) server in our DNS

I'm not sure about the cert. How can I verify that?  Here is the output of get-exchangecertificate on my 2013 server:
Thumbprint                                Services   Subject
----------                                --------   -------
F4548A32306A6ABEB57BC729D3414F7E780496F5  .......    CN=serv-exch2013.limocar.int, OU=IT, O=Transdev, L=QC, S=Boisbr...
3CFFBFAF44CA22640E1AB3B6B18FE5EF5FD5C9B3  .......    C=CA, S=QC, L=Boisbriand, O=Transdev Canada Inc., OU=IT, CN=mai...
B62CC75DB32D3FB32401C5C5A2C4205FE1ADD338  ....S..    CN=serv-exch2013
072D556BC6A83342CFCF0C0368AC8188066D0F24  ....S..    CN=Microsoft Exchange Server Auth Certificate
C5C3B1EBD738878223524BE851A404C881FE8C27  IP.WS..    CN=mail.transdev.ca, OU=Domain Control Validated, O=mail.transd...
LVL 37

Expert Comment

by:Jamie McKillop
ID: 39813185
Run get-exchangecertificate | fl

That will show you which certificate each protocol is active on.

Did you purchase a new cert for the legacy name?

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why


Author Comment

ID: 39817721
No I haven't purchased a new cert. I created one with the wizard on Exchange 2013 and did the request with our internal certificate authority server
LVL 37

Expert Comment

by:Jamie McKillop
ID: 39817795
Do all your clients and the Exchange servers have that CA's root cert installed?


Author Comment

ID: 39819105
I guess so, because as I said, it was working before.
How can I verify that?
LVL 37

Accepted Solution

Jamie McKillop earned 1000 total points
ID: 39820679
Run get-exchangecertificate | fl on all your CAS servers. On the 2007 servers, you should see the legacy.yourdomain.com cert and it should have "IIS" in the Services property. On your 2013 servers, you should have a cert that has mail.yourdomain.com and autodiscover.yourdomain.com and IIS should be in the Services property.

You should be able to resolve these domain names to the corresponding CAS or CAS array both internally and externally.

Run Get-ClientAccess server for each of your client access servers. Make sure the AutodiscoverInternalURI property points to https://autodiscover.yourdomain.com/autodiscover/autodiscover.xml

Run Get-OutlookAnywhere for each of your client access servers. Make sure the internal and external URL are set to mail.yourdomain.com on each one

Run Get-Webservicesvirtualdirectory -Identity "<CAS Server>\EWS (Default Web Site)"  and make sure ExternalUrl is https://mail.yourdomain.com/EWS/Exchange.asmx on the 2013 servers and https://legacy.yourdomain.com/EWS/Exchange.asmx on the 2007 servers

Run Get-OABVirtualDirectory -Identity "<CAS Server>\OAB (Default Web Site)" and make sure the ExternalURl is https://mail.yourdomain.com/OAB on the 2013 servers and https://legacy.contoso.com/OAB on the 2007 servers


Assisted Solution

deewave earned 0 total points
ID: 39833619
ok, we finally hired an external consultant to complete that job, so I wont go much in details

1st, there is an issue with WinXP + Office2007 or WinXP + Office2010 combinaison. There are several threads on the web, but mainly we needed to use a split-dns and create a forward lookup zone for our external domains, so they could be resolved internally

2nd, OutlookAnywhere and AutoDiscover needed some tweaking
Set-OutlookProvider EXPR -Server exch2013.domain.local -CertPrincipalName none
Set-OutlookProvider EXPR -Server $null

3rd, upgrade all WinXP - Office2007 to client to either Win7 and/or Office2010. Because WinXP - Office2007 was still asking credentials (at startup only)

Author Closing Comment

ID: 39845130
not quite sure on how to attribute points in this case. Answer was well described by jjmck, but not very accurate. My question was how to reset Exchange 2013 settings to their default, finally ended up to something else. So 250 points and a grade A should be correct.

Thanks for the help!

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this post, I will showcase the steps for how to create groups in Office 365. Office 365 groups allow for ease of flexibility and collaboration between staff members.
This article will help to fix the below errors for MS Exchange Server 2016 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Planning to migrate your EDB file(s) to a new or an existing Outlook PST file? This video will guide you how to convert EDB file(s) to PST. Besides this, it also describes, how one can easily search any item(s) from multiple folders or mailboxes…
Suggested Courses

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question