Improve company productivity with a Business Account.Sign Up

x
?
Solved

Outlook 2007 RPC over HTTP Not Working

Posted on 2016-08-24
8
Medium Priority
?
135 Views
1 Endorsement
Last Modified: 2016-09-11
Hello,

We have 2 other PCs set up with RPC over HTTP running Outlook 2007, which are working fine.  However, there is one that keeps getting the error "The connection to the Microsoft Exchange Server is unavailable. Outlook must be online or connected to complete this action." when the username and password are entered.

I followed the same steps I did on the other 2 PCs that are working fine.  There is no encryption.

Thank you for your help.
1
Comment
Question by:JParra72
8 Comments
 
LVL 18

Expert Comment

by:Ivan
ID: 41769457
Hi,

that 3rd computer is same as 2 other, domain joined or not? On same network, same DNS settings?

Regards,
Ivan.
0
 

Author Comment

by:JParra72
ID: 41769458
All 3 PCs are outside of the domain.  Meaning, they are offsite not in our office.  That's why they need to use RPC over HTTP.

Thanks!
0
 
LVL 7

Expert Comment

by:Scobber
ID: 41770437
I thought owa mandates the use of ssl for rpc over http

If be looking at certificate trust.

FYI the computers being outside the domain is no excuse for a poorly implemented exchange server.
When configured correctly outlook does not care if the machine is joined to the domain or not. It makes no difference
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 

Author Comment

by:JParra72
ID: 41770505
Why would it work on one PC and not on the other?  If it works on one PC then everything should be ok, right?  On the PC with the issue, the security certificate is installed.  I verified this using certmgr.msc,  it is installed in the "Trusted Root Certification Authority" folder.

When I was setting up the profile manually, in the connection tab, the checkbox regarding encryption is unchecked because that is the way the others are set up and working.

Thanks
0
 
LVL 7

Expert Comment

by:Scobber
ID: 41770519
You should have settings on your rpc endpoint matching your client
Typically your authentication should be set to basic and the proxy settings set to SSL you can turn off certificate verification etc...

Open the proxy address in IE
do you get a certificate error?
Does the iis server serve a page??

You might have to check the advanced tab in the ie settings, go to security, and check your ciphers

SSL 2 / 3 have vulnerabilities and should not be used inside of testing so enable them along with tls 1,1.1,1.2. Restart and test your outlook client

If that works you need to fix your cipher suites and disable ssl on your server while keeping Tls enabled

Http://www.ssllabs.com is a good resource for testing the strength of your ssl implementation


As far as your certificates go are they CA issued? Or self signed?
Are they public CA or Enterprise CA
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 41770549
"it is installed in the "Trusted Root Certification Authority" folder."

That sounds like you are using an internally issued certificate or the self signed certificate generated by Exchange, as there should be nothing to install on the clients.

Outlook Anywhere is not supported with the self signed certificate generated by Exchange 2007 and higher.
Furthermore, if you are using Exchange 2007 you should check that Autodiscover is working correctly.

If you aren't using a trusted SSL certificate, I suggest that you deploy one.
0
 

Author Comment

by:JParra72
ID: 41787926
The server is Exchange 2003
0
 
LVL 7

Accepted Solution

by:
Scobber earned 2000 total points
ID: 41789140
Shouldn't matter, open internet information services and check the auth settings on your virtual directories.

Usually it will be either basic or ntlm

Basic forces SSL ntlm does not

Don't use digest

How's your patches going? At some point Windows won't trust 1024 bit SSL and this needs to be fixed

Anther potential problem is deprecation of security ciphers
https://community.qualys.com/thread/14251

For example

If SSL 3 has been disabled on the client due to its weakness and your server wants SSL 3 clients won't connect

These are the pains of using out of support software
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

This guide provides step by step instructions on how to convert an Offline(.ost) to a Personal file(.pst). A different situation occurs when a conversion of OST file to PST format is needed. Use the described manual methods and SysTools OST to PST C…
Importing Outlook PST contacts to Exchange Server can become a complicated task. Situations arise where an Exchange user is not able to import contacts from PST to Exchange Mailboxes in an efficient manner. Try SysTools Exchange Import to move conta…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
To export Lotus Notes to Outlook PST or Exchange and Domino Server files to Exchange Server or PST files with ease, go for Kernel for Lotus Notes to Outlook conversion tool. Through the video, you can watch the conversion process. A common user with…

595 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question