Solved

Cannot connect Outlook 2007 to Exchange 2013

Posted on 2015-01-02
37
412 Views
Last Modified: 2015-01-04
I'm in the process of migrating mailboxes over to exchange 2013 server from exchange 2007 server.  Mailflow is still configured through exchange 2007.  I migrated a single mailbox from ex2007 to ex2013 and attempted to connect from a 2007 client and I can't seem to do it.  The client computer is running Win8.1 Pro 64bit with Outlook 2007 sp3 + Nov 2012 patch.  I'm not exactly sure how the email profile should be configured in order to connect.  I'd like to get this worked out first before I continue on with the migration.  I haven't configured a new owa certificate for ex2013 yet because I was thinking I could test LAN connectivity first before I redirect the OWA flow.  Some guidance would be appreciated very much.  Thanks.

Pete
0
Comment
Question by:sndmnsix
  • 22
  • 6
  • 6
  • +2
37 Comments
 
LVL 19

Expert Comment

by:R--R
ID: 40528597
0
 

Author Comment

by:sndmnsix
ID: 40528599
Unfortunately, this company doesn't have any licensing for outlook 2010.   Do you think I can download on a trial basis?
0
 

Author Comment

by:sndmnsix
ID: 40528622
Are there any common Outlook 2007 configuration problems that have seemed to be issues in the past that I could check on?  I'll work on getting a copy of office 2010 for troubleshooting purposes in the meantime.  thanks.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:sndmnsix
ID: 40528637
I recently discovered that I can connect to that mailbox via owa if that helps you.
0
 
LVL 12

Expert Comment

by:David Paris Vicente
ID: 40528670
Can you provide more intel.

What happens when outlook try to connect?
What is reported when you ctrl+right click the Outlook Icon in your bottom right corner and choose test email configuration, insert the email address and password or Run -> Outlook /rpcdiag and check what is reported.

Also if you can provide intel about your virtual directories.
•Get-WebServicesVirtualDirectory
•Get-OwaVirtualDirectory
•Get-ActiveSyncVirtualDirectory
•Get-AutodiscoverVirtualDirectory
•Get-EcpVirtualDirectory


Regards
0
 

Author Comment

by:sndmnsix
ID: 40528682
Thanks...I'll gather those things for you
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40528804
I haven't configured a new owa certificate for ex2013 yet because I was thinking I could test LAN connectivity first before I redirect the OWA flow.

I always recommend to get your certificate and URLs in place before attempting to connect with Outlook. I assume you can log in via 2013 OWA with this moved user okay?

Check my article on 2013 namespace design, DNS, certificates and URL configuration.
https://supertekboy.com/2014/07/08/designing-simple-namespace-exchange-2013/
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40529673
When first create an Outlook profile for this user does autodiscover find the mailbox etc? Does Outlook even open? Also when you launch outlook hold crtl+right click and check the Connection Status. You should see the mailbox GUID and it attempting to connect.

Certs are not manditory to get this working for this one individual user (you will receive a lot of cert errors) but as Gareth stated it is a best practice to have all certs in place before moving mailboxes to the new Exchange environment.

Will.
0
 

Author Comment

by:sndmnsix
ID: 40530353
I always recommend to get your certificate and URLs in place before attempting to connect with Outlook. I assume you can log in via 2013 OWA with this moved user okay?

Yes, on the moved user's mailbox, I was able to access OWA successfully from the same machine.
0
 

Author Comment

by:sndmnsix
ID: 40530356
When first create an Outlook profile for this user does autodiscover find the mailbox etc? Does Outlook even open? Also when you launch outlook hold crtl+right click and check the Connection Status. You should see the mailbox GUID and it attempting to connect.

 Certs are not manditory to get this working for this one individual user (you will receive a lot of cert errors) but as Gareth stated it is a best practice to have all certs in place before moving mailboxes to the new Exchange environment.

**
The autodiscover does find the mailbox when I first set up the user for an outlook profile.  I'll check on the ctrl+right click and see what I get.  Thanks
0
 

Author Comment

by:sndmnsix
ID: 40530372
What happens when outlook try to connect?
 What is reported when you ctrl+right click the Outlook Icon in your bottom right corner and choose test email configuration, insert the email address and password or Run -> Outlook /rpcdiag and check what is reported
.

When I run outlook /rpcdiag:
I get a CID value of 6, null data for proxy server, server field is populated, empty brackets "[]" for Auth, empty brackets for encryption, RPCport has null data, and Type is Directory.

I'm actually running an remote desktop session to the client computer right now so I couldn't right-click successfully.  Thanks
0
 

Author Comment

by:sndmnsix
ID: 40530381
Hi David,
When I try to get the virtual directory information, I can't read everything on the screen.  Is there a way to pipe the return data so I can see everything returned?

Also if you can provide intel about your virtual directories.
•Get-WebServicesVirtualDirectory
•Get-OwaVirtualDirectory
•Get-ActiveSyncVirtualDirectory
•Get-AutodiscoverVirtualDirectory
•Get-EcpVirtualDirectory
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40530411
Hey sndmnsix,

You can do each command like this for example. This will dump it to a text file on the C: drive called EWS.TXT. Then you can attach those text files here. Or cut and paste.

Get-WebServicesVirtualDirectory >> c:\ews.txt

Open in new window


Also, Outlook 2007 is a very old client. Can you confirm if you have the latest service packs and updates applied to Outlook? Any luck with the Outlook 2010 client? Maybe you could get a trial of 2013 from Microsoft?
http://www.microsoft.com/en-us/evalcenter/evaluate-office-professional-plus-2013
0
 

Author Comment

by:sndmnsix
ID: 40530423
thanks Gareth,
Here's the data returned.

EWS:      https://servername/EWS/Exchange.asmx
OWA:      https://servername/OWA
ASYNC:      https://servername/Microsoft-Server-ActiveSync
ECP:        https://servername/ECP
Auto:      Return the servername only.
0
 
LVL 12

Expert Comment

by:David Paris Vicente
ID: 40530428
Hi sndmnsix,

do it like Gareth said  will be more easy to check the info, and check your internal and external url's for the directories.
0
 

Author Comment

by:sndmnsix
ID: 40530438
Hi David,
When I run the get commands to return the URLs, I'm not getting more than just 1 virtual directory.  Not sure where I would look for the secondary URL.  When I run the Get commands, am I receiving the internal URLs?  It would seem so since its returning NetBIOS names.  Thanks

Pete
0
 

Author Comment

by:sndmnsix
ID: 40530444
Oh, I'm sorry I see now.  I checked the ECP,EWS,EAS, and OWA virtual directory and there wasn't an external URL assigned yet for any of them.
0
 
LVL 12

Assisted Solution

by:David Paris Vicente
David Paris Vicente earned 334 total points
ID: 40530460
At least check the autodiscover virtual directory  because AutoDiscover feature in Exchange 2013 let’s client application such as Office Outlook 2007, 2010 and 2013 to connect to Exchange server automatically. AutoDiscover feature automatically discovers the mailbox settings for user profile in Office Outlook application. AutoDiscover also works for supported mobile applications. In Exchange 2013, you must configure URLs for AutoDiscover service via Exchange Management Shell.
The command below will configure the URL for AutoDiscover service.

Set-ClientAccessServer -Identity "Name of the server" -AutoDiscoverServiceInternalUri https://autodiscover.yourdomain.com/Autodiscover/Autodiscover.xml

Open in new window

then use this one to check
Get-ClientAccessServer | FL AutoDiscoverServiceInternalUri 

Open in new window


After this use the test email configuration in outlook to see if Outlook is detecting the autodiscover url and if is pointing to the correct one.
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40530464
Just for your reference for on screen to show it for all CAS servers in the environment easily use the following PS command.

Get-WebServicesVirtualDirectory | fl Identity, Internal*, External*

Open in new window


You can use this piped command for all of the PS virtual directory commands get-owavirtualdirectory, get-activesyncvirtualdirectory etc.

Will.
0
 

Author Comment

by:sndmnsix
ID: 40530476
Hi David,
When I run Get-ClientAccessServer | FL AutoDiscoverServiceInternalURi, this is what is returned.   Doesn't seem right.  Would the InternalUri be the machine name of the exchange server?


AutoDiscoverServiceInternalUri : https://{externalservername}/autodiscover/autodiscover.xml

AutoDiscoverServiceInternalUri : https://{autodiscover.domain}/Autodiscover/Autodiscover.xml
0
 

Author Comment

by:sndmnsix
ID: 40530481
Hi Will,
Thanks for that.  I'll keep that in my book.  

Pete
0
 
LVL 12

Expert Comment

by:David Paris Vicente
ID: 40530485
Can you past here the output??
0
 

Author Comment

by:sndmnsix
ID: 40530487
When I run this

[PS] C:\Windows\system32>Get-Autodiscovervirtualdirectory | fl Identity, Internal*, External*


Identity                      : {ex2007server\Autodiscover (Default Web Site)
InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated}
InternalUrl                   :
ExternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated}
ExternalUrl                   :

Identity                      : ex2013server\Autodiscover (Default Web Site)
InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity, OAuth}
InternalUrl                   :
ExternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity, OAuth}
ExternalUrl                   :
0
 

Author Comment

by:sndmnsix
ID: 40530490
Hi David,

Below is the capture of that command:

[PS] C:\Windows\system32>Get-ClientAccessServer | FL AutoDiscoverServiceInternalUri


AutoDiscoverServiceInternalUri : https://{externalname.domain.com/autodiscover/autodiscover.xml

AutoDiscoverServiceInternalUri : https://autodiscover.domain.com/Autodiscover/Autodiscover.xml
0
 
LVL 12

Accepted Solution

by:
David Paris Vicente earned 334 total points
ID: 40530499
That it seems correct, but as you can see your autodiscover is pointing to an externalname.domain.com and you didn't setup a certificate for Exchange 2013 to answer for that name.

You can export the certificate from the Exchange 2007 and install it in the 2013 and set up the services that will answer by that externalname (SMTP,OWA, etc).
You should also set up the external url for the other services to the externalname.domain.com

Let us know if helped.
0
 

Author Comment

by:sndmnsix
ID: 40530502
Hi David,
If I try to export the certificate from 2007, it won't let me export the private key.  I kinda assuming this is a necessity for this to be successful right ?

Pete
0
 
LVL 12

Expert Comment

by:David Paris Vicente
ID: 40530557
Yeap.

You need to Export the certificate with private key from the IIS server where it is installed the Exchange 2007.
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40530673
If you can't export the cert, you should be able to go back to whoever issued it and ask for it to be rekeyed.
0
 

Author Comment

by:sndmnsix
ID: 40530674
Hi David,
The reissued certificate has been install and tested successfully with this site:
https://testconnectivity.microsoft.com/

The hostname which is returned regarding the internalUri is pointed to the new exchange server internally.  The record already exisited but was pointing to the 2007 server.  I pointed it to the new server's private IP.

AutoDiscoverServiceInternalUri : https://{externalname.domain.com}/Autodiscover/Autodiscover.xml

On a side note:
When I go to reconfigure the outlook 2007 profile, I'll try to specify the new server that this person's mailbox is on but it can't resolve the account.  If I specify the old server, it immediate changes the name to the new server and then resolves the name ???  It's strange how I can't just type in the new server name for resolution.

Pete
0
 

Author Comment

by:sndmnsix
ID: 40530678
If you can't export the cert, you should be able to go back to whoever issued it and ask for it to be rekeyed.

Hi Gareth,
Yep.. I went ahead and did that.  Everything checks out in those regards.  I read your article about split brain DNS.  There was already a record there for the hostname that would resolve externally so I just changed it to point to the internal address of the 2013 server.   Let me know what you think.

Pete
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40530682
Just to clarify. So your environment was configured for split-brain already. You had a record for autodiscover.yourdomain.com and you changed that from the IP of 2007 to the IP of 2013. If so, that is fine. :)

So, to go back to when you said you can't resolve with the new server name. You said the autodiscover test succeeds at https://testconnectivity.microsoft.com/. Is your autodiscover DNS record externally pointing to the 2013 server? Just want to make sure the test isn't succeeding against the old 2007 server.
0
 

Author Comment

by:sndmnsix
ID: 40530687
Hi Gareth,
After the test, I went ahead to the secured owa website of that domain and logged in as a valid user who currently exists on the new 2013 box.  Seemed to test out perfectly.  

I'm not really sure if I'm split-brain or not.  Anyway I could find out if I did this part right?
0
 
LVL 31

Assisted Solution

by:Gareth Gudger
Gareth Gudger earned 166 total points
ID: 40530694
Generally if you have a zone on your internal DNS servers for your external DNS namespace and those external DNS entries point to the internal IPs of the servers, that is split brain DNS. Also, all your internal URLs and external URLs in Exchange would be configured with the same value.

Lastly, did you confirm whether Outlook 2007 was fully patched? Or did you get a trial of 2013?
0
 

Author Comment

by:sndmnsix
ID: 40530700
OH.. I'll check the 2007 client version real quick.  I'm fairly certain they are.  

As far as zones are concerned.  I only have one lookup zone.  Do I need to create another zone and make a new record for that host ?  Does the hostname need to exist on both zones with public and private addressing ?
0
 

Author Comment

by:sndmnsix
ID: 40530707
Outlook 2007 (12.0.6665.5003) SP3 MSO (12.0.6607.1000)
0
 

Author Closing Comment

by:sndmnsix
ID: 40530745
As a result of the certificate reissue and proper DNS records the 2007 client can finally connect to the mailbox.  Thanks very much guys for your patience on this one.  I learned some very valuable things from this.  Take care and happy new year.

Pete
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40530771
Glad to help Pete!
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
Many people use more than one email account and so it becomes difficult for them to manage them when they use separate accounts,  so, in this article, I have shared an easy way to add Other Mail Accounts in your Google Inbox. It helps to combine all…
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…
CodeTwo Sync for iCloud (http://www.codetwo.com/sync-for-icloud?sts=6554) automatically synchronizes your Outlook 2016, 2013, 2010 or 2007 folders with iCloud folders available via iCloud Control Panel. This lets you automatically sync them with…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question