Exchange EWS externally not working

Posted on 2014-04-30
Medium Priority
Last Modified: 2014-06-23

Having some issues getting Exchange Web Services to work.
Need EWS to work with Lync 2013 mobile, and external desktop clients.

Using TMG to try to publish EWS.
OWA, Activesync, Lync is already published with TMG and working.
Using autodiscover with autodiscover.contoso.com.

Whenever we do a test with Remote Connectivity, the result is:
The remote name could not be resolved. 'ExchangeInternal.contoso.com'

For some reason it returns the internal name of the Exchange server, i'm guessing the TMG is returning it, but why ?
Checked InternalURL and ExternalURL for WebServicesVirtualDirectory:

InternalUR: https://ExhangeInternal.contoso.com/EWS/Exchange.asmx
ExternalURL: https://mail.contoso.com/EWS/Exchange.asmx

Tried setting the ExternalURL in the Remote Connectivity test manually, and then it works.

Any ideas why this might happen, and how to solve this ?

Our setup:
Lync 2013 internal server
Lync 2013 edge server
TMG 2010
Exchange 2010

Question by:Lenblock
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40033520
Do you have split-brain DNS? If so, what about setting the internal URL to match the external URL?

Expert Comment

ID: 40033978
How you done the following?

Open Exchange Powershell - Now you need to set the CAS details and autodiscover, etc:
Set-ClientAccessServer -Identity CAS_Server_Name -AutodiscoverServiceInternalUri https://mail.contoso.com/autodiscover/autodiscover.xml

Open in new window

Now change the InternalUrl attribute of the EWS:
Set-WebServicesVirtualDirectory -Identity "CAS_Server_Name\EWS (Default Web Site)" -InternalUrl https://mail.contoso.com/ews/exchange.asmx

Open in new window

Next change the InternalUrl attribute for Web-based Offline Address Book distribution:
Set-OABVirtualDirectory -Identity "CAS_Server_name\oab (Default Web Site)" -InternalUrl https://mail.contoso.com/oab

Open in new window

Now change the InternalUrl attribute of the UM Web service:
Set-UMVirtualDirectory -Identity "CAS_Server_Name\unifiedmessaging (Default Web Site)" -InternalUrl https://mail.contoso.com/unifiedmessaging/service.asmx

Now open IIS management and recycle the MSExchangeAutodiscoverAppPool application pool.

If that doesn't help, next guess would be TMG is trying to reverse proxy Exchange, in which case I would change all the external EWS details to internal, because that's what people will be being served (same procedure as above but set everything to internal URLs).

-Or- Don't use TMG to proxy EWS, because I am struggling to see a point to that, anyway?

Author Comment

ID: 40068380

Not to familiar with split-brain DNS.
Both internal and external have contoso.com
We have DNS servers in our LAN, and a public DNS.

All URL's are set up for external services, with exception of Outlook Anywhere.
We don't have Outlook Anywhere set up, should that make any difference for EWS ?

Tried hitching the EWS on the OWA publishing rule in TMG and still get the same error.
OWA, Activesync, autodiscover have the similar internal and external URL.
internal: https://ExhangeInternal.contoso.com/XX
External: https://mail.contoso.com/XX

It works when setting the EWS external URL manually when testing, but fails with autodiscover.

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

LVL 31

Expert Comment

by:Gareth Gudger
ID: 40068511
Not to familiar with split-brain DNS.
 Both internal and external have contoso.com
 We have DNS servers in our LAN, and a public DNS.

What you are describing here is split-brain DNS. That your external and internal URLs all match. Furthermore than your Public DNS points to the public IP of your CAS. Then you have recreated the contoso.com domain internally and the same records points to the internal IPs of the server, as opposed to the public IPs.

All URL's are set up for external services, with exception of Outlook Anywhere.
 We don't have Outlook Anywhere set up, should that make any difference for EWS ?

Outlook Anywhere isn't a factor. But the addresses you have for EWS does.

Run this command that HostOne mentioned to make the internals and externals match for EWS.
Set-WebServicesVirtualDirectory -Identity "CAS_Server_Name\EWS (Default Web Site)" -InternalUrl https://mail.contoso.com/ews/exchange.asmx

Also set the Autodiscover URL.

Set-ClientAccessServer -Identity CAS-SERVER-NAME –AutoDiscoverServiceInternalUri https://mail.contoso.com/Autodiscover/Autodiscover.xml

Accepted Solution

Lenblock earned 0 total points
ID: 40104320

Enabled Outlook Anywhere, and it worked as it should, it returned the correct path.
Guessing something sometime happened, which is causing EWS to fail when Outlook Anywhere is not enabled.

Guessing a reset virtual directory for ews could be helpful in solving this ?
Would a reset directory require anything more than just setting the path again ?


Author Closing Comment

ID: 40151493
Enabling outlook anywhere solved the issue

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read this checklist to learn more about the 15 things you should never include in an email signature.
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question