mailbox migrated to 2013 now outlook is disconnected

Upgrading to exchange 2013 from 2007, the users I have migrated cannot access their email.  Outlook 2010 say disconnected at the bottom of the screen, OWA just keeps taking them back to the main screen. I migrated 7 of 88 users.
How can I get my 7 users on line with either out access or OWA access
John HausknechtITAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Guy LidbetterCommented:
Have you tried recreating the profile in Outlook at all? Are you using the 2007 OWA or the 2013 OWA?

For Outlook, have you updated the autodiscover records to point at the 2013 CAS?

Regards

Guy
0
Simon Butler (Sembee)ConsultantCommented:
Number one reason I see for that happening is the URLs are configured incorrectly. For example both servers have been configured with the same URLs.

It could also be poor replication, where the domain hasn't caught up and is telling the client that the mailbox is still on the old server.

Doing an Autodiscover test in Outlook will confirm what the server is returning.

Simon.
0
John HausknechtITAuthor Commented:
Auto discovery is still pointing to the old 2007 CAS, where do I see that setting and change it?
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

Guy LidbetterCommented:
Its a DNS entry... look for autodiscover.domain.com and change it to point to your 2013 cas array\server

Have you created a 2013 CAS array DNS entry? Which OWA are you using? Still 2007 as well?
0
John HausknechtITAuthor Commented:
OK got it, any issues with changing tis during the day or should I wait for after hours.  I have 88 users and I have only migrated 7 of them.

Also, we have a 3rd party doing our filtering then sending us the email they redirect our email base on the server IP, they are still pointing to Exchange2007. Should that now point to the 2013 cas?
0
Guy LidbetterCommented:
It shouldn't be a problem, Ex13 CAS boxes will just redirect any legacy requests to the appropriate 2007 CAS box.

Yes, the external filter should definitely point to the EX13 CAS.
0
Simon Butler (Sembee)ConsultantCommented:
"Have you created a 2013 CAS array DNS entry"

There is no CAS Array on Exchange 2013. The setting is there, but is not required.
Furthermore, having Autodiscover pointing to Exchange 2007 makes no difference, Exchange will return the correct information on either version.
Autodiscover internally is managed via this setting:

get-clientaccessserver | select identity, autodiscoverserviceinternaluri

Ideally the same entry should be on all servers, with the host name specified pointing to a host that is on the trusted SSL certificate.

Simon.
0
Guy LidbetterCommented:
Correction, there is no CAS Array object as an RPC endpoint is no longer used since the CAS is stateless. However a CAS Array VIP is still used for load balancing\HA reasons providing services like OWA, ECP, OAB, EWS and Autodiscover.

AS exchange will attempt to discover the autodiscover settings initially through the SCP (A service connection point created when you install a CAS role) before looking at DNS it can be handled "Internally" as Simon says.

However this is obviously not working as your users can't access their mailboxes. So...

Point your mail.domain.com internal url to your 2013 CAS Array\Server, and do the same for your Autodiscover DNS record, or set your autodiscover as a CNAME for the new array, however you previously has it setup.

Then try connect one of the migrated Outlook clients and test.
0
Simon Butler (Sembee)ConsultantCommented:
"However a CAS Array VIP is still used for load balancing\HA reasons providing services like OWA, ECP, OAB, EWS and Autodiscover"

That doesn't make any sense.
There is NO CAS ARRAY in Exchange 2013.

There might be a VIP, but that would be with a load balancer. However you never needed a load balancer to use a CAS array on Exchange 2010.
Don't use terms that do not apply to Exchange 2013, they simply confuse the asker and anyone else viewing the question.

Simon.
0
Guy LidbetterCommented:
Ermm... conceded... "THERE IS NO CAS ARRAY" The 2010 entity or concept is gone other than the remnants that aren't actually used in EX13...

However, we are not here to argue semantics and terminology... we are here to help.... my query remains whether the CAS VIP has been configured for internal URL's or not.
0
John HausknechtITAuthor Commented:
Hermes2 = Exchange2007
Hermes3 = Exchange2013

When I run the get-clientaccessserver | select identity, autodiscoverserviceinternaluri it returns the same value for both

Identity                                                                        AutoDiscoverServiceInternalUri
--------                                                                        ------------------------------
HERMES2                                                                         https://autodiscover.forsythpl.org/Autodiscover/Autodiscover.xml
HERMES3                                                                         https://autodiscover.forsythpl.org/Autodiscover/Autodiscover.xml
0
Guy LidbetterCommented:
As long as autodiscover.forsythpl.org resolves to a 2013 CAS server, that's fine.

So as I mentioned the Autodiscover DNS entry should point to either the CAS IP's or be a CNAME for the VIP (i.e. Mail.forsythpl.org)

Regards

Guy
0
John HausknechtITAuthor Commented:
I will make the DNS and IP for the redirected mail change, my manager has asked that ZI wait until after we close.  I will keep you updated.

As a work around I was able to the 7 users web access by use the OWA access
https://hermes3/OWA
0
John HausknechtITAuthor Commented:
I made the change to have:
Autodiscover is set to hermes3.forsythpl.org our 2013  CAS
Fitering server (3rd party) points to our 2013 CAS

The users that have been migrated to or created on the 2013 CAS cannot access their email
I created a new user on 2013 and when I setup the user on outlook2010 it wants a password but it does not recognize it..  Users that already have an outlook set up and were migrated to 2013 say disconnected.

Since I switch the Auto discovery and filter server setting external uses cannot access their email through OWA, It is redirecting to legacy.forsythpl.org and it is not recognized.

Some settings that may not be set right are:

hermes2 (Exchange2007)
Internal http://email.forsythpl.org
External https://legacy.forsythpl.org/OWA
Authentication Basic and "Use Name Only" are checked

Hermes3 (exchange 2013)
Internal https://email.forsythpl.org/OWA
External https://email.forsythpl.org/OWA
Authentication Basic and "Domain\User" are checked

I also have an internal DNS set to:
 email     Alias     hermes2.forsythpl.org   I change this to hermes 3 but did not see a difference

I did not set up an external DNS to point to my Legacy (2007 exchange) I was told I did not need it since we use the3rd party filter service

Thank for all your help with these issues it is truly  appreciated!!
0
Simon Butler (Sembee)ConsultantCommented:
"hermes2 (Exchange2007)
 Internal http://email.forsythpl.org
 External https://legacy.forsythpl.org/OWA"

Wrong.
That is wrong.

You have used the same URL on two different versions, So Exchange is bouncing around and being redirected all over the place.

You need to setup legacy.forsythpl.org in your internal and external DNS, pointing to Exchange 2007.
In Exchange 2007 change all of the URLs to legacy.forsythpl.org.

" did not set up an external DNS to point to my Legacy (2007 exchange) I was told I did not need it since we use the3rd party filter service "
Also wrong advice. If you are accessing Exchange 2007 from outside (OWA etc) then you need the host name setup correctly.

Simon.
0
John HausknechtITAuthor Commented:
The users that have been migrated to 2013 still cannot access their email.

If they already had outlook on the old 2007 it says disconnected

If they are new to outlook it keeps asking for a password, I have attached a word doc with the screen shotemailscreenshot.docx
0
Simon Butler (Sembee)ConsultantCommented:
Unfortunately I don't open word documents off the internet.
Password prompts are pretty common, but they don't actually mean authentication issues.

Have you got all of the URLs set correctly within Exchange 2013, which match the SSL certificate. The host name being configured must resolve to the Exchange 2013 server.
That includes the Autodiscover, EWS, Outlook Anywhere host names.
http://semb.ee/hostnames2013

On Outlook Anywhere, what authentication setting do you have? If it is set to NTLM, try negotiate.

Simon.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
John HausknechtITAuthor Commented:
They can access outlook anywhere via the web connection if they already have an account.
Legacy = https://legacy.forsythpl.org/owa
2013 = https://email.forsythpl.org/owa

When trying to create the account with outlook on the 2013 system it gets to log onto the server and stops - this is when it request the password which it never takes.  It is like it cannot see the new exchange.
0
Simon Butler (Sembee)ConsultantCommented:
What URL have you configured for Outlook Anywhere? As you have posted an address for OWA.
If you run an Autodiscover test on a client that is already connected, what does it show for connection information?

Simon.
0
John HausknechtITAuthor Commented:
Outlook Anywhere has email.forsythpl.org

Authentication is set to negotiate

Allow SSL Off loading is checked


Thank you,
John
0
John HausknechtITAuthor Commented:
Note to everyone ** Don't test on XP system**  Exchange 2013 needs Windows7 or latter.
I am embarrassed to say!!

Thank you for all your help!!!
0
John HausknechtITAuthor Commented:
Thank you for all your help!!! I have everyone back on and accessing their email.  Now I can start the migration process.

What I had to do

My URLs were not set correctly
My local DNS was still pointing to the Exc2007 CAS
I did not set my external DNS for the legacy Exc2007 CAS
I did not have legacy in my Exc 20013 servers certificate
I did not create a new certificate for the old legacy 2007 server
I was testing my user access with an XP system - this was a bit embarrasing
I resolved the issue of user on 2013 access my old Public folders with this link  http://support.microsoft.com/kb/2834139/
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.