Solved

Outlook 2007 RPC over HTTP Not Working

Posted on 2016-08-24
8
69 Views
1 Endorsement
Last Modified: 2016-09-11
Hello,

We have 2 other PCs set up with RPC over HTTP running Outlook 2007, which are working fine.  However, there is one that keeps getting the error "The connection to the Microsoft Exchange Server is unavailable. Outlook must be online or connected to complete this action." when the username and password are entered.

I followed the same steps I did on the other 2 PCs that are working fine.  There is no encryption.

Thank you for your help.
1
Comment
Question by:JParra72
8 Comments
 
LVL 16

Expert Comment

by:Ivan
ID: 41769457
Hi,

that 3rd computer is same as 2 other, domain joined or not? On same network, same DNS settings?

Regards,
Ivan.
0
 

Author Comment

by:JParra72
ID: 41769458
All 3 PCs are outside of the domain.  Meaning, they are offsite not in our office.  That's why they need to use RPC over HTTP.

Thanks!
0
 
LVL 7

Expert Comment

by:Scobber
ID: 41770437
I thought owa mandates the use of ssl for rpc over http

If be looking at certificate trust.

FYI the computers being outside the domain is no excuse for a poorly implemented exchange server.
When configured correctly outlook does not care if the machine is joined to the domain or not. It makes no difference
0
 

Author Comment

by:JParra72
ID: 41770505
Why would it work on one PC and not on the other?  If it works on one PC then everything should be ok, right?  On the PC with the issue, the security certificate is installed.  I verified this using certmgr.msc,  it is installed in the "Trusted Root Certification Authority" folder.

When I was setting up the profile manually, in the connection tab, the checkbox regarding encryption is unchecked because that is the way the others are set up and working.

Thanks
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 
LVL 7

Expert Comment

by:Scobber
ID: 41770519
You should have settings on your rpc endpoint matching your client
Typically your authentication should be set to basic and the proxy settings set to SSL you can turn off certificate verification etc...

Open the proxy address in IE
do you get a certificate error?
Does the iis server serve a page??

You might have to check the advanced tab in the ie settings, go to security, and check your ciphers

SSL 2 / 3 have vulnerabilities and should not be used inside of testing so enable them along with tls 1,1.1,1.2. Restart and test your outlook client

If that works you need to fix your cipher suites and disable ssl on your server while keeping Tls enabled

Http://www.ssllabs.com is a good resource for testing the strength of your ssl implementation


As far as your certificates go are they CA issued? Or self signed?
Are they public CA or Enterprise CA
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 41770549
"it is installed in the "Trusted Root Certification Authority" folder."

That sounds like you are using an internally issued certificate or the self signed certificate generated by Exchange, as there should be nothing to install on the clients.

Outlook Anywhere is not supported with the self signed certificate generated by Exchange 2007 and higher.
Furthermore, if you are using Exchange 2007 you should check that Autodiscover is working correctly.

If you aren't using a trusted SSL certificate, I suggest that you deploy one.
0
 

Author Comment

by:JParra72
ID: 41787926
The server is Exchange 2003
0
 
LVL 7

Accepted Solution

by:
Scobber earned 500 total points
ID: 41789140
Shouldn't matter, open internet information services and check the auth settings on your virtual directories.

Usually it will be either basic or ntlm

Basic forces SSL ntlm does not

Don't use digest

How's your patches going? At some point Windows won't trust 1024 bit SSL and this needs to be fixed

Anther potential problem is deprecation of security ciphers
https://community.qualys.com/thread/14251

For example

If SSL 3 has been disabled on the client due to its weakness and your server wants SSL 3 clients won't connect

These are the pains of using out of support software
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now