?
Solved

RPC over HTTPS and GAL

Posted on 2015-01-08
4
Medium Priority
?
249 Views
Last Modified: 2015-05-12
Hi,

Here is my setup:

Domain Controller on Windows 2008 R2 server.
Exchange 2007 on Windows 2008 R2 Server (member server).


I'm able to setup Outlook 2010 outside my office enviroment using RCP over HTTPS and this works fine. At the bottom right of my Outlook window it states "All folders are up to date - Connected to Microsoft Exchange". I'm able to send and receive emails fine too.

Unfortunately when I click on my Address book and go to Global Address List, I get this error:

"The connection to the Microsoft Exchange is unavailable. Outlook must be online or connected to complete this action"

The FQDN of the Exchange server is: exchange.mailuk.local on IP 10.0.30.40 (office LAN IP)

The RPC over HTTPS is: webmail.mailuk.org.uk

Now, If I were to VPN into my office network from my PC and change my host file so that it is:

10.0.30.40      exchange.mailuk.local

My Global Address List appears fine.

This is only fine because I have VPN'd into the office network and have change my host file so that
the local IP resolves to the same FQDN as my Exchange server which is sat in the office.

I hope I have explained this well.

Here is my question:

Is there a way of me achieving the same result of seeing the Global Address List when using RPC over HTTPS in Outlook 2010 but without the VPN and changing my PC's host file?  


Many Thanks
0
Comment
Question by:markbenham
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 2000 total points
ID: 40539243
The issue with your situation is Autodiscover is not accessible externally. When you connect to the VPN if you hold crtl+right click the Outlook icon in the system tray and select AutoConfiguration. If you run the test you will notice that your autodiscover and EWS are internal links. This is why it does not work externally.

Your SAN cert for OWA should also have DNS names for AutoDiscover and you should also have a CNAME record with your DNS host provider for autodiscover.domain.com pointing to mail.domain.com.

Once you have this setup externally it will work fine. You will also notice that Out Of Office will not work either using Outlook Anywhere when you are not on your VPN connection.

Just register autodiscover CNAME externally and that will resolve your issue.

Another thing, once you have regeristed this autodiscover externally you will also need to update your URL's for autodiscover on Exchange virtual directories.

Will.
0
 

Author Comment

by:markbenham
ID: 40539666
Hi Will,

Many Thanks for your prompt response.

That is correct. Out of Office is also not working.

I will add the CNAME record to my DNS and see how that goes.

Please can you guide me as to how I update the URL's for autodiscover on Exchange virtual directories?

Many Thanks
0
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 2000 total points
ID: 40540001
You need to use the following commands.

Get-webservicesvirtualdirectory | fl identity, internal*, external*

This will display the current URL's you have set on all CAS servers.

You will then need to run the following command.
Set-webservicesvirtualdirectory -identity "servername\EWS (default web site)" -externalURL https://mail.domain.com/EWS/Exchange.amsx

You will also need to set the URL for OAB and Client Access Server AutoDiscover.

Set-oabvirtualdirectory -identity "servername\oab (default web site)" -externalURL https://mail.domain.com/oab

For Out Of Office and AutoDiscover use the following commands.

Set-ClientAccessServer -identity servername -AutodiscoverServiceInternalUri https://mail.domain.com/Autodiscover/Autodiscover.xml

Once you have setup all of your URL's you can run the outlook autocongif test again to ensure all URL are correct. Anything that states external should have https://mail.domain.com/oab, EWS etc.

If you have any other questions let me know.

Will.
0
 

Author Comment

by:markbenham
ID: 40541847
Hi Will,

Thanks for this and I will try it but is there a way of reversing this process if it doen't work.

Sorry - I'm a bit cautious that I may make it worst then what I have now.

Many Thanks again
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Outlook for dependable use in a very small business   This article is about using the Outlook application (part of Microsoft Office) in a very small business, or for homeowners where dependability and reliability are critical requirements. This …
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
This video discusses moving either the default database or any database to a new volume.
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question