Outlook Clients are connecting to the wrong Exchange Server
We have a large complex domain with several sites. Each site is connected via VPN and also has its own domain, DNS and mail server to support the users at the site. In addition, with the exception of one site with two facilities, each site has its own mail domain name but from an AD perspective, they are sites within the same forest.
We recently started to have an issue were in one site, our outlook clients were connected to the email server in another site. We can manually change the proxy settings and outlook will function but when you close Outlook and reopen it, it goes to the other site. Now we are having the issue at another site as well. When the problem occurs, all of the clients get set to the mail server at the top of the primary site. We have a combination of Exchange 2010 and 2013 along with Server 2008R2 and 2012.
DNS looks to be correct - but we just can grasp what his happening. Some details:
Site 1 - mail.site1name.com (internal resolution to site1server.domain.local
Site 2 - mail.site1name.com (internal resolution to site2server.domain.local - second facility under this site)
Site 3 - mail.site3name.com (internal resolution to site3sever.domain.local
site 4 - mail.site4name.com (internal resolution to site4server.domain.local)
each site has an autodiscover.siteXname.com
Problem:
user at site 3 configures outlook for msstd:site3server.site3nam
Any assistance would be greatly appreciated.
We recently started to have an issue were in one site, our outlook clients were connected to the email server in another site. We can manually change the proxy settings and outlook will function but when you close Outlook and reopen it, it goes to the other site. Now we are having the issue at another site as well. When the problem occurs, all of the clients get set to the mail server at the top of the primary site. We have a combination of Exchange 2010 and 2013 along with Server 2008R2 and 2012.
DNS looks to be correct - but we just can grasp what his happening. Some details:
Site 1 - mail.site1name.com (internal resolution to site1server.domain.local
Site 2 - mail.site1name.com (internal resolution to site2server.domain.local - second facility under this site)
Site 3 - mail.site3name.com (internal resolution to site3sever.domain.local
site 4 - mail.site4name.com (internal resolution to site4server.domain.local)
each site has an autodiscover.siteXname.com
Problem:
user at site 3 configures outlook for msstd:site3server.site3nam
Any assistance would be greatly appreciated.
ASKER
Tim:
thanks for the quick reply. We have had Outlook Anywhere turned well before this started happening. It is almost like the Outlook client cannot find the local CAS and goes to the one at the top of the forest.
For example if run
get-clientaccessserver -identity "mail.site4name.com"
I get the error
"The operation couldn't be performed because object 'mail.site4name.com' couldn't be found on
DCServer.site4domain.local
It seems like this is an autodiscover or DNS issue, but everything looks ok from where i sit now.
thanks for the quick reply. We have had Outlook Anywhere turned well before this started happening. It is almost like the Outlook client cannot find the local CAS and goes to the one at the top of the forest.
For example if run
get-clientaccessserver -identity "mail.site4name.com"
I get the error
"The operation couldn't be performed because object 'mail.site4name.com' couldn't be found on
DCServer.site4domain.local
It seems like this is an autodiscover or DNS issue, but everything looks ok from where i sit now.
By holding down CTRL and right clicking on the Outlook task bar icon you can test your Email AutoConfiguration... please post the results and logs, just remove any confidential info
Hello,
Sounds like you have the wrong external hostname set for OutlookAnywhere,
For each of your CAS server run:
This value should correspond to the external hostaname that maps to that particular server. If it doesn't match, change it.
You should also check your setting for OAB, EWS, and Activesync to make sure they are correct on each server.
-JJ
Sounds like you have the wrong external hostname set for OutlookAnywhere,
For each of your CAS server run:
Get-OutlookAnywhere -Server <servername> | select ExternalHostnameThis value should correspond to the external hostaname that maps to that particular server. If it doesn't match, change it.
You should also check your setting for OAB, EWS, and Activesync to make sure they are correct on each server.
-JJ
mail.site4name.com- confused, do you have a domain for each site?
And when giving get-clientaccessserver -identity <>, this should be the server name, not the cas array name..
coming to your problem...
What is the databases on all the sites set in their RPCClientAccessServer? Can you paste the output of "Get-MailboxDatabase |select Name, RPCClientAccessServer"
All the databases on the respective sites need to be updated with their respective RPC serevr endpoint in the same site.
Set-mailboxDatabase <MBX1Site1> -RpcClientAccessServer "CASServer/ArraySite1" etc..
Can you also test Test-OutlookConnectivity in each site?
And when giving get-clientaccessserver -identity <>, this should be the server name, not the cas array name..
coming to your problem...
What is the databases on all the sites set in their RPCClientAccessServer? Can you paste the output of "Get-MailboxDatabase |select Name, RPCClientAccessServer"
All the databases on the respective sites need to be updated with their respective RPC serevr endpoint in the same site.
Set-mailboxDatabase <MBX1Site1> -RpcClientAccessServer "CASServer/ArraySite1" etc..
Can you also test Test-OutlookConnectivity in each site?
ASKER
Tim:
Not on site, so I will have someone check the outlook autodiscover on a client after the weekend.
Jamie:
checked the external host and it does have the correct external name - mail.site4name.com
checked OAB and all Databases the site exchange server can see do have OABs configured
Murali:
my bad on the error, put the external name in instead of the server name, so that become less of an issue.
It appears the plot just got thicker. When i ran "Get-MailboxDatabase |select Name, RPCClientAccessServer" on this server, there are three mailboxes that are shown and all of them do not have a value in the RPCClientAccessServer field. This is troubling on a number of levels. First, it appears this may have happened when we removed some certs from our Certificate Server at our main site. We did this as part of a problem resolution with Radius authentication of our wireless clients at that site. So, somehow, the removal of the extra certs that seem to have been preventing our wireless clients from accessing the network must have, although i am not sure how, impacted the RPC at this site.
Secondly, now the site with the Certificate server does not show up when you run the get-mailboxdatabase at any of the sites. When you run the command at the site with the Certificate Server, i don't see all the sites there either and the one we are addressing here does not show up.
is it possible that the certs that were removed were/are somehow linked to exchange servers on the sits that are not present in the get-mailboxdatabase query?
I can update the RPCClientAccesServer values on these to see if they work but i won't be able to test it for a few days.
Not on site, so I will have someone check the outlook autodiscover on a client after the weekend.
Jamie:
checked the external host and it does have the correct external name - mail.site4name.com
checked OAB and all Databases the site exchange server can see do have OABs configured
Murali:
my bad on the error, put the external name in instead of the server name, so that become less of an issue.
It appears the plot just got thicker. When i ran "Get-MailboxDatabase |select Name, RPCClientAccessServer" on this server, there are three mailboxes that are shown and all of them do not have a value in the RPCClientAccessServer field. This is troubling on a number of levels. First, it appears this may have happened when we removed some certs from our Certificate Server at our main site. We did this as part of a problem resolution with Radius authentication of our wireless clients at that site. So, somehow, the removal of the extra certs that seem to have been preventing our wireless clients from accessing the network must have, although i am not sure how, impacted the RPC at this site.
Secondly, now the site with the Certificate server does not show up when you run the get-mailboxdatabase at any of the sites. When you run the command at the site with the Certificate Server, i don't see all the sites there either and the one we are addressing here does not show up.
is it possible that the certs that were removed were/are somehow linked to exchange servers on the sits that are not present in the get-mailboxdatabase query?
I can update the RPCClientAccesServer values on these to see if they work but i won't be able to test it for a few days.
Lots of good suggestions here already.
One thing though. Are you experiencing any problems with AD replication at the problem site? DC functioning as it should? Not sure how many DCs you have at that site. But do you see any problems if you run DCDIAG from a command line?
No recent changes to AD Sites or Services MMC? Changes in subnets?
One thing though. Are you experiencing any problems with AD replication at the problem site? DC functioning as it should? Not sure how many DCs you have at that site. But do you see any problems if you run DCDIAG from a command line?
No recent changes to AD Sites or Services MMC? Changes in subnets?
ASKER
we are experiencing some replicate issues as well. I was just made aware of this, so I am in the process of looking into that as well. I don' think there have been any AD/Site changes, but at this point I don't think I can rule this out. I'm going to start with the replication problem and then go from there.
ASKER
Sorry, I didn't respond completely to your last question. Each site has its own primary domain controller. so, there are 6 DCs in the forest.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Gareth. were able to resolve the AD Sync issues. So will move on to the next part of this issue and will repost.
http://support.microsoft.com/kb/2426686
Import that adm, configure the RPC/HTTP Connection Flags setting to enabled and No Flags setting. When it takes effect it will grey out the settings in Outlook.
As well you can test on individual mailbox with the following ps command:
Set-CASMailbox *edit with username* -MAPIBlockOutlookRpcHttp $True