Exchange 2010 - Outlook 2010 enabling CONNECT OVER HTTP by default at remote site

Hello,

I have an Exchange 2010 system installed at a client site, and there are (2) Active Directory sites configured.  The sites are configured as separate sites in Active Directory, with each site having a DC/GC, and each site having it's own separate CAS server and DATABASE server for Exchange:

NY SITE:
- DC/GC
- EXCH-NYCAS
- EXCH-NYDB

FL SITE:
- DC/GC
- EXCH-FLCAS
- EXCH-FLDB

Our INTERNET DOMAIN NAME (mydomain.com) is the same as my WINDOWS DOMAIN NAME (mydomain.com).

Exchange works and connects for all users in all sites automatically, no configuration necessary.  Autoconfigure does its thing...but I notice that all of the Outlook 2010 clients in the FL site are defaulting to "CONNECT TO EXCHANGE OVER HTTP"...we noticed this on an EXTREMELY LARGE MAILBOX USER because their mailbox was running more slowly than you would think....we investigated and shows that FOR CAS calls, ALL calls were going to the PUBLIC IP ADDRESS of the CAS, and the CAS was then making calls back over the VPN to the database server in the FL site.  

If we UNCHECK "CONNECT OVER HTTP..." it speeds things up AMAZINGLY!  However, the next time that I close and restart Outlook, the checkmark is back and it's connecting over OUTLOOK ANYWHERE again.

How can I change this in the remote site?  The main site is fine.
Thank you!
LVL 5
jkeegan123Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Satyendra SharmaMicrosoft UC Technical ArchitectCommented:
So if i understand your scenario correctly NYC is your internet facing Exchange site?
And NYC is configured to proxy to FL over your site to site vpn?

Do all the clients in the FL site connect over HTTP or only this particular one?
Any GPO setting pushed for Outlook clients in the environment specifically related to outlook anywhere settings?
0
Simon Butler (Sembee)ConsultantCommented:
The behaviour you are seeing is by design. If Outlook Anywhere is enabled, then it goes to all clients. You cannot change that behaviour, as you have seen it is overridden by Autodiscover.

Your fix isn't viable, therefore you need to look at why it is using Outlook Anywhere.

Outlook Anywhere works in a failover mechanism. It initially attempts to connect to the server using TCP/IP connections, if that fails, it will then attempt to use Outlook Anywhere. Thus you need to look at whether there is something blocking the connection. Perhaps your Exchange server address or Autodiscover address isn't resolving or you cannot connect to the server correctly?

Another thing you can try is setup a split DNS, so that your external host name resolves internally to the internal IP address of the Exchange server. While not resolving the underlying problem it would ensure that the traffic stays inside the network.

Simon.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jkeegan123Author Commented:
@Sharma:  Yes ALL FL users are doing this.
@Simon:  I am aware of everything that you said and after posting, I got to the configurations and ... let's just say it was messy to be nice.  

I ended up setting up SPLIT DNS because autodiscover was pointing to the internet record and the internet zone was NOT an internal split zone, I ended up having to create that.  Once I created that, created an "A" record for each physical site and their corresponding CAS and exported the certs to match (AMAZINGLY all of this was wrong but the certificates SAN's were correct...) and everything was shiny happy.

Points to Simon since that is what ended up resolving it.  Thanks!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.