Exchange EWS externally not working

Posted on 2014-04-30
Medium Priority
Last Modified: 2014-06-23

Having some issues getting Exchange Web Services to work.
Need EWS to work with Lync 2013 mobile, and external desktop clients.

Using TMG to try to publish EWS.
OWA, Activesync, Lync is already published with TMG and working.
Using autodiscover with autodiscover.contoso.com.

Whenever we do a test with Remote Connectivity, the result is:
The remote name could not be resolved. 'ExchangeInternal.contoso.com'

For some reason it returns the internal name of the Exchange server, i'm guessing the TMG is returning it, but why ?
Checked InternalURL and ExternalURL for WebServicesVirtualDirectory:

InternalUR: https://ExhangeInternal.contoso.com/EWS/Exchange.asmx
ExternalURL: https://mail.contoso.com/EWS/Exchange.asmx

Tried setting the ExternalURL in the Remote Connectivity test manually, and then it works.

Any ideas why this might happen, and how to solve this ?

Our setup:
Lync 2013 internal server
Lync 2013 edge server
TMG 2010
Exchange 2010

Question by:Lenblock
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40033520
Do you have split-brain DNS? If so, what about setting the internal URL to match the external URL?

Expert Comment

ID: 40033978
How you done the following?

Open Exchange Powershell - Now you need to set the CAS details and autodiscover, etc:
Set-ClientAccessServer -Identity CAS_Server_Name -AutodiscoverServiceInternalUri https://mail.contoso.com/autodiscover/autodiscover.xml

Open in new window

Now change the InternalUrl attribute of the EWS:
Set-WebServicesVirtualDirectory -Identity "CAS_Server_Name\EWS (Default Web Site)" -InternalUrl https://mail.contoso.com/ews/exchange.asmx

Open in new window

Next change the InternalUrl attribute for Web-based Offline Address Book distribution:
Set-OABVirtualDirectory -Identity "CAS_Server_name\oab (Default Web Site)" -InternalUrl https://mail.contoso.com/oab

Open in new window

Now change the InternalUrl attribute of the UM Web service:
Set-UMVirtualDirectory -Identity "CAS_Server_Name\unifiedmessaging (Default Web Site)" -InternalUrl https://mail.contoso.com/unifiedmessaging/service.asmx

Now open IIS management and recycle the MSExchangeAutodiscoverAppPool application pool.

If that doesn't help, next guess would be TMG is trying to reverse proxy Exchange, in which case I would change all the external EWS details to internal, because that's what people will be being served (same procedure as above but set everything to internal URLs).

-Or- Don't use TMG to proxy EWS, because I am struggling to see a point to that, anyway?

Author Comment

ID: 40068380

Not to familiar with split-brain DNS.
Both internal and external have contoso.com
We have DNS servers in our LAN, and a public DNS.

All URL's are set up for external services, with exception of Outlook Anywhere.
We don't have Outlook Anywhere set up, should that make any difference for EWS ?

Tried hitching the EWS on the OWA publishing rule in TMG and still get the same error.
OWA, Activesync, autodiscover have the similar internal and external URL.
internal: https://ExhangeInternal.contoso.com/XX
External: https://mail.contoso.com/XX

It works when setting the EWS external URL manually when testing, but fails with autodiscover.

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

LVL 31

Expert Comment

by:Gareth Gudger
ID: 40068511
Not to familiar with split-brain DNS.
 Both internal and external have contoso.com
 We have DNS servers in our LAN, and a public DNS.

What you are describing here is split-brain DNS. That your external and internal URLs all match. Furthermore than your Public DNS points to the public IP of your CAS. Then you have recreated the contoso.com domain internally and the same records points to the internal IPs of the server, as opposed to the public IPs.

All URL's are set up for external services, with exception of Outlook Anywhere.
 We don't have Outlook Anywhere set up, should that make any difference for EWS ?

Outlook Anywhere isn't a factor. But the addresses you have for EWS does.

Run this command that HostOne mentioned to make the internals and externals match for EWS.
Set-WebServicesVirtualDirectory -Identity "CAS_Server_Name\EWS (Default Web Site)" -InternalUrl https://mail.contoso.com/ews/exchange.asmx

Also set the Autodiscover URL.

Set-ClientAccessServer -Identity CAS-SERVER-NAME –AutoDiscoverServiceInternalUri https://mail.contoso.com/Autodiscover/Autodiscover.xml

Accepted Solution

Lenblock earned 0 total points
ID: 40104320

Enabled Outlook Anywhere, and it worked as it should, it returned the correct path.
Guessing something sometime happened, which is causing EWS to fail when Outlook Anywhere is not enabled.

Guessing a reset virtual directory for ews could be helpful in solving this ?
Would a reset directory require anything more than just setting the path again ?


Author Closing Comment

ID: 40151493
Enabling outlook anywhere solved the issue

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
As much as Microsoft wants to kill off PST file support, just as they tried to do with public folders, there are still times when it is useful or downright necessary to export Exchange mailboxes to PST files. Thankfully, it is still possible to e…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question