Link to home
Create AccountLog in
Avatar of averyln
averylnFlag for United States of America

asked on

Outlook Clients are connecting to the wrong Exchange Server

We have a large complex domain with several sites.  Each site is connected via VPN and also has its own domain, DNS and mail server to support the users at the site.  In addition, with the exception of one site with two facilities, each site has its own mail domain name but from an AD perspective, they are sites within the same forest.

We recently started to have an issue were in one site, our outlook clients were connected to the email server in another site.  We can manually change the proxy settings and outlook will function but when you close Outlook and reopen it, it goes to the other  site.  Now we are having the issue at another site as well.  When the problem occurs, all of the clients get set to the mail server at the top of the primary site.  We have a combination of Exchange 2010 and 2013 along with Server 2008R2 and 2012.

DNS looks to be correct - but we just can grasp what his happening.  Some details:

Site 1 - mail.site1name.com (internal resolution to site1server.domain.local
Site 2 - mail.site1name.com (internal resolution to site2server.domain.local - second facility under this site)
Site 3 - mail.site3name.com (internal resolution to site3sever.domain.local
site 4 - mail.site4name.com (internal resolution to site4server.domain.local)

each site has an autodiscover.siteXname.com entry in the DNS for that site as well.  This entry does resolve to the internal mail server at that site - so, autodiscover.site4name.com -> site4server.domain.local

Problem:

user at site 3 configures outlook for msstd:site3server.site3name.com.  All is good until the user closes outlook.  As soon as they open outlook again, the configuration switches to mail.site1name.com.  For users to function, they have to manually correct this and then they can access their email.  This was working just fine, but some event changed how this was functioning for one site and now it is happening at another.  We can't put our finger on what could have caused this, but we do need to fix it.

Any assistance would be greatly appreciated.
Avatar of Tim Edwards
Tim Edwards
Flag of Canada image

We have the same setup as you. This did happen in our Forest when one organization decided to turn on Outlook Anywhere. I do not know if that is what happened in yours but you can check. The fix was a GPO which I have attached below.

http://support.microsoft.com/kb/2426686

Import that adm, configure the RPC/HTTP Connection Flags setting to enabled and No Flags setting.  When it takes effect it will grey out the settings in Outlook.

As well you can test on individual mailbox with the following ps command:

Set-CASMailbox *edit with username* -MAPIBlockOutlookRpcHttp $True
Avatar of averyln

ASKER

Tim:

thanks for the quick reply.  We have had Outlook Anywhere turned well before this started happening.  It is almost like the Outlook client cannot find the local CAS and goes to the one at the top of the forest.

For example if  run
     get-clientaccessserver -identity "mail.site4name.com"

I get the error
    "The operation couldn't be performed because object 'mail.site4name.com' couldn't be found on
      DCServer.site4domain.local'.

It seems like this is an autodiscover or DNS issue, but everything looks ok from where i sit now.
By holding down CTRL and right clicking on the Outlook task bar icon you can test your Email AutoConfiguration... please post the results and logs, just remove any confidential info
Hello,

Sounds like you have the wrong external hostname set for OutlookAnywhere,

For each of your CAS server run:

Get-OutlookAnywhere -Server <servername> | select ExternalHostname

Open in new window


This value should correspond to the external hostaname that maps to that particular server. If it doesn't match, change it.

You should also check your setting for OAB, EWS, and Activesync to make sure they are correct on each server.

-JJ
mail.site4name.com- confused, do you have a domain for each site?

And when giving get-clientaccessserver -identity <>, this should be the server name, not the cas array name..

coming to your problem...

What is the databases on all the sites set in their RPCClientAccessServer? Can you paste the output of "Get-MailboxDatabase |select Name, RPCClientAccessServer"

All the databases on the respective sites need to be updated with their respective RPC serevr endpoint in the same site.
Set-mailboxDatabase <MBX1Site1> -RpcClientAccessServer "CASServer/ArraySite1" etc..

Can you also test Test-OutlookConnectivity in each site?
Avatar of averyln

ASKER

Tim:
  Not on site, so I will have someone check the outlook autodiscover on a client after the weekend.

Jamie:
  checked the external host and it does have the correct external name - mail.site4name.com
  checked OAB and all Databases the site exchange server can see do have OABs configured

Murali:
  my bad on the error, put the external name in instead of the server name, so that become less of an issue.

It appears the plot just got thicker.  When i ran "Get-MailboxDatabase |select Name, RPCClientAccessServer" on this server, there are three mailboxes that are shown and all of them do not have a value in the RPCClientAccessServer field.  This is troubling on a number of levels.  First, it appears this may have happened when we removed some certs from our Certificate Server at our main site.  We did this as part of a problem resolution with Radius authentication of our wireless clients at that site.  So, somehow, the removal of the extra certs that seem to have been preventing our wireless clients from accessing the network must have, although i am not sure how, impacted the RPC at this site.

Secondly, now the site with the Certificate server does not show up when you run the get-mailboxdatabase at any of the sites.  When you run the command at the site with the Certificate Server, i don't see all the sites there either and the one we are addressing here does not show up.

is it possible that the certs that were removed were/are somehow linked to exchange servers on the sits that are not present in the get-mailboxdatabase query?

I can update the RPCClientAccesServer values on these to see if they work but i won't be able to test it for a few days.
Lots of good suggestions here already.

One thing though. Are you experiencing any problems with AD replication at the problem site? DC functioning as it should? Not sure how many DCs you have at that site. But do you see any problems if you run DCDIAG from a command line?

No recent changes to AD Sites or Services MMC? Changes in subnets?
Avatar of averyln

ASKER

we are experiencing some replicate issues as well.  I was just made aware of this, so I am in the process of looking into that as well.  I don' think there have been any AD/Site changes, but at this point I don't think I can rule this out.  I'm going to start with the replication problem and then go from there.
Avatar of averyln

ASKER

Sorry, I didn't respond completely to your  last question. Each site has its own primary domain controller.  so, there are 6 DCs in the forest.
ASKER CERTIFIED SOLUTION
Avatar of Gareth Gudger
Gareth Gudger
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Avatar of averyln

ASKER

Thanks Gareth.  were able to resolve the AD Sync issues.  So will move on to the next part of this issue and will repost.