[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 260
  • Last Modified:

RPC over HTTPS and GAL

Hi,

Here is my setup:

Domain Controller on Windows 2008 R2 server.
Exchange 2007 on Windows 2008 R2 Server (member server).


I'm able to setup Outlook 2010 outside my office enviroment using RCP over HTTPS and this works fine. At the bottom right of my Outlook window it states "All folders are up to date - Connected to Microsoft Exchange". I'm able to send and receive emails fine too.

Unfortunately when I click on my Address book and go to Global Address List, I get this error:

"The connection to the Microsoft Exchange is unavailable. Outlook must be online or connected to complete this action"

The FQDN of the Exchange server is: exchange.mailuk.local on IP 10.0.30.40 (office LAN IP)

The RPC over HTTPS is: webmail.mailuk.org.uk

Now, If I were to VPN into my office network from my PC and change my host file so that it is:

10.0.30.40      exchange.mailuk.local

My Global Address List appears fine.

This is only fine because I have VPN'd into the office network and have change my host file so that
the local IP resolves to the same FQDN as my Exchange server which is sat in the office.

I hope I have explained this well.

Here is my question:

Is there a way of me achieving the same result of seeing the Global Address List when using RPC over HTTPS in Outlook 2010 but without the VPN and changing my PC's host file?  


Many Thanks
0
markbenham
Asked:
markbenham
  • 2
  • 2
2 Solutions
 
Will SzymkowskiSenior Solution ArchitectCommented:
The issue with your situation is Autodiscover is not accessible externally. When you connect to the VPN if you hold crtl+right click the Outlook icon in the system tray and select AutoConfiguration. If you run the test you will notice that your autodiscover and EWS are internal links. This is why it does not work externally.

Your SAN cert for OWA should also have DNS names for AutoDiscover and you should also have a CNAME record with your DNS host provider for autodiscover.domain.com pointing to mail.domain.com.

Once you have this setup externally it will work fine. You will also notice that Out Of Office will not work either using Outlook Anywhere when you are not on your VPN connection.

Just register autodiscover CNAME externally and that will resolve your issue.

Another thing, once you have regeristed this autodiscover externally you will also need to update your URL's for autodiscover on Exchange virtual directories.

Will.
0
 
markbenhamAuthor Commented:
Hi Will,

Many Thanks for your prompt response.

That is correct. Out of Office is also not working.

I will add the CNAME record to my DNS and see how that goes.

Please can you guide me as to how I update the URL's for autodiscover on Exchange virtual directories?

Many Thanks
0
 
Will SzymkowskiSenior Solution ArchitectCommented:
You need to use the following commands.

Get-webservicesvirtualdirectory | fl identity, internal*, external*

This will display the current URL's you have set on all CAS servers.

You will then need to run the following command.
Set-webservicesvirtualdirectory -identity "servername\EWS (default web site)" -externalURL https://mail.domain.com/EWS/Exchange.amsx

You will also need to set the URL for OAB and Client Access Server AutoDiscover.

Set-oabvirtualdirectory -identity "servername\oab (default web site)" -externalURL https://mail.domain.com/oab

For Out Of Office and AutoDiscover use the following commands.

Set-ClientAccessServer -identity servername -AutodiscoverServiceInternalUri https://mail.domain.com/Autodiscover/Autodiscover.xml

Once you have setup all of your URL's you can run the outlook autocongif test again to ensure all URL are correct. Anything that states external should have https://mail.domain.com/oab, EWS etc.

If you have any other questions let me know.

Will.
0
 
markbenhamAuthor Commented:
Hi Will,

Thanks for this and I will try it but is there a way of reversing this process if it doen't work.

Sorry - I'm a bit cautious that I may make it worst then what I have now.

Many Thanks again
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now