Solved

RPC over HTTPS and GAL

Posted on 2015-01-08
4
242 Views
Last Modified: 2015-05-12
Hi,

Here is my setup:

Domain Controller on Windows 2008 R2 server.
Exchange 2007 on Windows 2008 R2 Server (member server).


I'm able to setup Outlook 2010 outside my office enviroment using RCP over HTTPS and this works fine. At the bottom right of my Outlook window it states "All folders are up to date - Connected to Microsoft Exchange". I'm able to send and receive emails fine too.

Unfortunately when I click on my Address book and go to Global Address List, I get this error:

"The connection to the Microsoft Exchange is unavailable. Outlook must be online or connected to complete this action"

The FQDN of the Exchange server is: exchange.mailuk.local on IP 10.0.30.40 (office LAN IP)

The RPC over HTTPS is: webmail.mailuk.org.uk

Now, If I were to VPN into my office network from my PC and change my host file so that it is:

10.0.30.40      exchange.mailuk.local

My Global Address List appears fine.

This is only fine because I have VPN'd into the office network and have change my host file so that
the local IP resolves to the same FQDN as my Exchange server which is sat in the office.

I hope I have explained this well.

Here is my question:

Is there a way of me achieving the same result of seeing the Global Address List when using RPC over HTTPS in Outlook 2010 but without the VPN and changing my PC's host file?  


Many Thanks
0
Comment
Question by:markbenham
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 500 total points
ID: 40539243
The issue with your situation is Autodiscover is not accessible externally. When you connect to the VPN if you hold crtl+right click the Outlook icon in the system tray and select AutoConfiguration. If you run the test you will notice that your autodiscover and EWS are internal links. This is why it does not work externally.

Your SAN cert for OWA should also have DNS names for AutoDiscover and you should also have a CNAME record with your DNS host provider for autodiscover.domain.com pointing to mail.domain.com.

Once you have this setup externally it will work fine. You will also notice that Out Of Office will not work either using Outlook Anywhere when you are not on your VPN connection.

Just register autodiscover CNAME externally and that will resolve your issue.

Another thing, once you have regeristed this autodiscover externally you will also need to update your URL's for autodiscover on Exchange virtual directories.

Will.
0
 

Author Comment

by:markbenham
ID: 40539666
Hi Will,

Many Thanks for your prompt response.

That is correct. Out of Office is also not working.

I will add the CNAME record to my DNS and see how that goes.

Please can you guide me as to how I update the URL's for autodiscover on Exchange virtual directories?

Many Thanks
0
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 500 total points
ID: 40540001
You need to use the following commands.

Get-webservicesvirtualdirectory | fl identity, internal*, external*

This will display the current URL's you have set on all CAS servers.

You will then need to run the following command.
Set-webservicesvirtualdirectory -identity "servername\EWS (default web site)" -externalURL https://mail.domain.com/EWS/Exchange.amsx

You will also need to set the URL for OAB and Client Access Server AutoDiscover.

Set-oabvirtualdirectory -identity "servername\oab (default web site)" -externalURL https://mail.domain.com/oab

For Out Of Office and AutoDiscover use the following commands.

Set-ClientAccessServer -identity servername -AutodiscoverServiceInternalUri https://mail.domain.com/Autodiscover/Autodiscover.xml

Once you have setup all of your URL's you can run the outlook autocongif test again to ensure all URL are correct. Anything that states external should have https://mail.domain.com/oab, EWS etc.

If you have any other questions let me know.

Will.
0
 

Author Comment

by:markbenham
ID: 40541847
Hi Will,

Thanks for this and I will try it but is there a way of reversing this process if it doen't work.

Sorry - I'm a bit cautious that I may make it worst then what I have now.

Many Thanks again
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes a serious pitfall that can happen when deleting shapes using VBA.
This article helps those who get the 0xc004d307 error when trying to rearm (reset the license) Office 2013 in a Virtual Desktop Infrastructure (VDI) and/or those trying to prep the master image for Microsoft Key Management (KMS) activation. (i.e.- C…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question